1
0
Fork 0
auth.rxbn.de/bin/web/routes/static.js

142 lines
3.3 KiB
JavaScript

/*
* This file is part of the authRXBN single sign-on package.
*
* (c) Ruben Meyer <contact@rxbn.de>
*/
var express = require('express');
var route = express.Router();
var fs = require('fs');
var path = require('path');
var fileCheck = (file) => {
if(typeof global['gds'].cache.web == 'undefined') global['gds'].cache.web = {};
let dir = global['__dirname'] + '/bin/web/views';
let path_j = path.join(dir, file.toLowerCase());
if(typeof global['gds'].cache.web[path_j] == 'undefined') {
if(fs.existsSync(path_j+'.pug')) {
global['gds'].cache.web[path_j] = true;
} else {
global['gds'].cache.web[path_j] = false;
}
}
if(global['gds'].cache.web[path_j] === true) {
return path_j;
} else {
return false;
}
};
route.all('/', function(req, res, next) {
// TODO: show login page or dashboard
// res.end('login or dashboard');
global['modules'].database.getApps((err, rep) => {
res.render('index', {
session: req.session,
apps: rep
});
})
});
// login page or app request
route.get('/authenticate', (req, res) => {
req.session.appRequest = {}; // TODO: data
global['modules'].database.getApps((err, rep) => {
if(req.query.appId) {
if(req.query.appId && typeof req.query.appId == "string") {
// req.query.appId
// verify appId (if in rep)
req.session.appRequest.appId = req.query.appId;
// TODO: on accept, setAuthCode and redirect with token
// on cancel, redirect to dashboard
}
}
if(req.session && req.session.user) {
res.render('request', {
session: req.session,
appRequest: req.session.appRequest,
apps: rep
});
} else {
res.render('login', {
session: req.session,
login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
appRequest: req.session.appRequest
});
}
});
});
route.all('/*', (req, res, next) => {
// passthrough to next route
if(req.path.startsWith('/api'))
return next();
if(req.path == "/request") return res.render('error/404');
let pathRules = require("./rules");
let group = "anon";
if(req.session && req.session.user) {
group = "user";
if(req.session.user.group == 999) group = "admin";
}
pathRules.forEach((rule) => {
if(rule.rule == "block") {
if(group == rule.group) {
let regex = new RegExp(rule.expression, "g");
if(regex.test(req.path)) {
if(rule.type == "404") {
return res.status(404).render('error/404', {
error_code: 404,
error_msg: 'msg.request.file.not_found',
session: req.session
});
} else if(rule.type == "missing_permission") {
return res.status(401).render('error/permission', {
error_code: 401,
session: req.session
});
} else if(rule.type == "login") {
return res.status(401).render('error/login', {
error_code: 401,
session: req.session
});
} else {
return res.status(401).render('error/error', {
error_code: 401,
session: req.session
});
}
}
}
}
});
if(fileCheck(req.path)) {
return res.render(req.path.replace(/^\//, ''), {
session: req.session,
cfg: global['gds'].cfg
});
} else {
return res.status(404).render('error/404', {
error_code: 404,
error_msg: 'msg.request.file.not_found',
session: req.session
});
}
// TODO: try to login
// TODO: role-based authorization
// TODO: show login page or page
});
module.exports = route;