Remove oauth

A whole bunch of useless stuff
Johannes Zellner
2020-02-05 18:15:53 +01:00
parent bfffde5f89
commit 4ae12ac10b
18 changed files with 3 additions and 2558 deletions
-48
@@ -13,14 +13,10 @@ var accesscontrol = require('./accesscontrol.js'),
database = require('./database.js'),
eventlog = require('./eventlog.js'),
express = require('express'),
hat = require('./hat.js'),
http = require('http'),
middleware = require('./middleware'),
passport = require('passport'),
path = require('path'),
paths = require('./paths.js'),
routes = require('./routes/index.js'),
safe = require('safetydance'),
settings = require('./settings.js'),
ws = require('ws');
@@ -40,9 +36,6 @@ function initializeExpressSync() {
var json = middleware.json({ strict: true, limit: QUERY_LIMIT }), // application/json
urlencoded = middleware.urlencoded({ extended: false, limit: QUERY_LIMIT }); // application/x-www-form-urlencoded
app.set('views', path.join(__dirname, 'oauth2views'));
app.set('view options', { layout: true, debug: false });
app.set('view engine', 'ejs');
app.set('json spaces', 2); // pretty json
// for rate limiting
@@ -68,39 +61,14 @@ function initializeExpressSync() {
var router = new express.Router();
router.del = router.delete; // amend router.del for readability further on
// load or generate the session secret
var sessionSecret = safe.fs.readFileSync(paths.SESSION_SECRET_FILE, 'utf8');
if (!sessionSecret) {
sessionSecret = hat(128);
safe.fs.writeFileSync(paths.SESSION_SECRET_FILE, sessionSecret);
}
var SessionFileStore = require('session-file-store')(middleware.session);
app
// the timeout middleware will respond with a 503. the request itself cannot be 'aborted' and will continue
// search for req.clearTimeout in route handlers to see places where this timeout is reset
.use(middleware.timeout(REQUEST_TIMEOUT, { respond: true }))
.use(json)
.use(urlencoded)
.use(middleware.cookieParser())
.use(middleware.cors({ origins: [ '*' ], allowCredentials: false }))
.use(middleware.session({
secret: sessionSecret,
saveUninitialized: false,
resave: false,
store: new SessionFileStore({
path: paths.SESSION_DIR
}),
cookie: {
path: '/',
httpOnly: true,
secure: process.env.BOX_ENV !== 'test',
maxAge: 600000
}
}))
.use(passport.initialize())
.use(passport.session())
.use(router)
.use(middleware.lastMile());
@@ -220,18 +188,6 @@ function initializeExpressSync() {
router.post('/api/v1/groups/:groupId', usersManageScope, routes.groups.update);
router.del ('/api/v1/groups/:groupId', usersManageScope, routes.groups.remove);
// form based login routes used by oauth2 frame
router.get ('/api/v1/session/login', routes.oauth2.loginForm);
router.post('/api/v1/session/login', routes.oauth2.login);
router.get ('/api/v1/session/logout', routes.oauth2.logout);
router.get ('/api/v1/session/callback', routes.oauth2.sessionCallback());
router.get ('/api/v1/session/account/setup.html', routes.oauth2.accountSetupSite);
router.post('/api/v1/session/account/setup', routes.oauth2.accountSetup);
// oauth2 routes
router.get ('/api/v1/oauth/dialog/authorize', routes.oauth2.authorization());
router.post('/api/v1/oauth/token', routes.oauth2.token());
// client/token routes
router.get ('/api/v1/clients', clientsScope, routes.clients.getAll);
router.post('/api/v1/clients', clientsScope, routes.clients.add);
@@ -380,8 +336,6 @@ function start(callback) {
assert.strictEqual(typeof callback, 'function');
assert.strictEqual(gHttpServer, null, 'Server is already up and running.');
routes.oauth2.initialize(); // init's the oauth server
gHttpServer = initializeExpressSync();
async.series([
@@ -407,8 +361,6 @@ function stop(callback) {
], function (error) {
if (error) return callback(error);
routes.oauth2.uninitialize();
gHttpServer = null;
callback(null);