jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Add ability to specify the login purpose for further use

Browse Source 
In this case the cli will specify a different token type
This commit is contained in:
Johannes Zellner
2020-02-07 23:03:30 +01:00
parent 799b588693
commit 7c86ed9783
2 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/routes/cloudron.js
View File

@@ -45,10 +45,16 @@ let assert = require('assert'),
function login(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
if ('type' in req.body && typeof req.body.type !== 'string') return next(new HttpError(400, 'type must be a string'));
const type = req.body.type || tokens.ID_WEBADMIN;
const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
const auditSource = { authType: 'basic', ip: ip };
tokens.add(tokens.ID_WEBADMIN, req.user.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
const error = tokens.validateTokenType(type);
if (error) return next(new HttpError(400, error.message));
tokens.add(type, req.user.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
if (error) return next(new HttpError(500, error));
eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource, { userId: req.user.id, user: users.removePrivateFields(req.user) });