jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Move simple auth to separate express server

Browse Source
This commit is contained in:
Johannes Zellner
2015-10-11 13:22:52 +02:00
parent 79c17abad2
commit 23303363ee
3 changed files with 93 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
src/simpleauth.js
View File

@@ -1,17 +1,28 @@
'use strict';
exports = module.exports = {
login: login,
logout: logout
start: start,
stop: stop
};
var assert = require('assert'),
debug = require('debug')('box:simpleauth'),
user = require('./user.js'),
tokendb = require('./tokendb.js'),
clients = require('./clients.js');
clients = require('./clients.js'),
config = require('./config.js'),
debug = require('debug')('box:proxy'),
middleware = require('./middleware'),
express = require('express'),
HttpError = require('connect-lastmile').HttpError,
HttpSuccess = require('connect-lastmile').HttpSuccess,
DatabaseError = require('./databaseerror.js'),
UserError = require('./user.js').UserError,
http = require('http');
function login(clientId, username, password, callback) {
var gHttpServer = null;
function loginLogic(clientId, username, password, callback) {
assert.strictEqual(typeof clientId, 'string');
assert.strictEqual(typeof username, 'string');
assert.strictEqual(typeof password, 'string');
@@ -39,7 +50,7 @@ function login(clientId, username, password, callback) {
});
}
function logout(accessToken, callback) {
function logoutLogic(accessToken, callback) {
assert.strictEqual(typeof accessToken, 'string');
assert.strictEqual(typeof callback, 'function');
@@ -50,3 +61,76 @@ function logout(accessToken, callback) {
callback(null);
});
}
function login(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.clientId !== 'string') return next(new HttpError(400, 'clientId is required'));
if (typeof req.body.username !== 'string') return next(new HttpError(400, 'username is required'));
if (typeof req.body.password !== 'string') return next(new HttpError(400, 'password is required'));
loginLogic(req.body.clientId, req.body.username, req.body.password, function (error, result) {
if (error && error.reason === DatabaseError.NOT_FOUND) return next(new HttpError(401, 'Unknown client'));
if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(401, 'Forbidden'));
if (error && error.reason === UserError.WRONG_PASSWORD) return next(new HttpError(401, 'Forbidden'));
if (error) return next(new HttpError(500, error));
var tmp = {
accessToken: result.accessToken,
user: {
id: result.user.id,
username: result.user.username,
email: result.user.email,
admin: !!result.user.admin
}
};
next(new HttpSuccess(201, tmp));
});
}
function logout(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.accessToken !== 'string') return next(new HttpError(400, 'accessToken required'));
logoutLogic(req.body.accessToken, function (error) {
if (error) return next(new HttpError(500, error));
next(new HttpSuccess(200, {}));
});
}
function initializeExpressSync() {
var app = express();
var httpServer = http.createServer(app);
httpServer.on('error', console.error);
var json = middleware.json({ strict: true, limit: '100kb' });
var router = new express.Router();
// basic auth
router.post('/api/v1/login', login);
router.get ('/api/v1/logout', logout);
app
.use(middleware.timeout(10000))
.use(json)
.use(router);
return httpServer;
}
function start(callback) {
assert.strictEqual(typeof callback, 'function');
gHttpServer = initializeExpressSync();
gHttpServer.listen(config.get('simpleAuthPort'), '127.0.0.1', callback);
}
function stop(callback) {
assert.strictEqual(typeof callback, 'function');
gHttpServer.close(callback);
}