This commit is contained in:
2021-01-16 23:55:27 -05:00
commit 10d10079aa
8070 changed files with 386150 additions and 0 deletions

116
nodejs/routes/auth.js Executable file
View File

@ -0,0 +1,116 @@
'use strict';
const router = require('express').Router();
const {User} = require('../models/user');
const {Auth, AuthToken} = require('../models/auth');
const {PasswordResetToken} = require('../models/token');
router.post('/login', async function(req, res, next){
try{
let auth = await Auth.login(req.body);
return res.json({
login: true,
token: auth.token.token,
message:`${req.body.uid} logged in!`,
});
}catch(error){
next(error);
}
});
router.all('/logout', async function(req, res, next){
try{
if(req.user){
await req.user.logout();
}
res.json({message: 'Bye'})
}catch(error){
next(error);
}
});
router.post('/resetpassword', async function(req, res, next){
try{
let sent = await User.passwordReset(`${req.protocol}://${req.hostname}`, req.body.mail);
console.info('resetpassword for', req.body.mail, 'sent')
return res.json({
message: 'If the emaill address is in our system, you will receive a message.'
});
}catch(error){
next(error);
}
});
router.post('/resetpassword/:token', async function(req, res, next){
try{
let token = await PasswordResetToken.get(req.params.token);
if(token.is_valid && 86400000+Number(token.created_on) > (new Date).getTime()){
let user = await User.get(token.created_by);
await user.setPassword(req.body);
token.update({is_valid: false});
return res.json({
message: 'Password has been changed.'
});
}
}catch(error){
next(error);
}
});
router.post('/invite/:token/:mailToken', async function(req, res, next) {
try{
req.body.token = req.params.token;
req.body.mailToken = req.params.mailToken;
let user = await User.addByInvite(req.body);
let token = await AuthToken.add(user);
return res.json({
user: user.uid,
token: token.token
});
}catch(error){
next(error);
}
});
router.post('/invite/:token', async function(req, res, next){
try{
let data = {
token: req.params.token,
url: `${req.protocol}://${req.hostname}`,
mail: req.body.mail,
}
await User.verifyEmail(data);
return res.send({message: 'sent'});
}catch(error){
next(error)
}
});
module.exports = router;
/*
verify public ssh key
*/
// router.post('/verifykey', async function(req, res){
// let key = req.body.key;
// try{
// return res.json({
// info: await Users.verifyKey(key)
// });
// }catch(error){
// return res.status(400).json({
// message: 'Key is not a public key file!'
// });
// }
// });

125
nodejs/routes/group.js Normal file
View File

@ -0,0 +1,125 @@
'use strict';
const router = require('express').Router();
const {User} = require('../models/user_ldap');
const {Group} = require('../models/group_ldap');
const permission = require('../utils/permission');
router.get('/', async function(req, res, next){
try{
let member = req.query.member ? await User.get(req.query.member) : {}
return res.json({
results: await Group[req.query.detail ? "listDetail" : "list"](member.dn)
});
}catch(error){
next(error);
}
});
router.post('/', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin']);
req.body.owner = req.user.dn;
return res.json({
results: await Group.add(req.body),
message: `${req.body.name} was added!`
})
}catch(error){
next(error);
}
});
router.get('/:name', async function(req, res, next){
try{
return res.json({
results: await Group.get(req.params.name)
});
}catch(error){
next(error);
}
});
router.put('/owner/:group/:uid', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin'], [req.params.group]);
var group = await Group.get(req.params.group);
var user = await User.get(req.params.uid);
return res.json({
results: group.addOwner(user),
message: `Added owner ${req.params.uid} to ${req.params.group} group.`
});
}catch(error){
next(error);
}
});
router.delete('/owner/:group/:uid', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin'], [req.params.group]);
var group = await Group.get(req.params.group);
var user = await User.get(req.params.uid);
return res.json({
results: group.removeOwner(user),
message: `Removed Owner ${req.params.uid} from ${req.params.group} group.`
});
}catch(error){
next(error);
}
});
router.put('/:group/:uid', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin'], [req.params.group]);
var group = await Group.get(req.params.group);
var user = await User.get(req.params.uid);
return res.json({
results: group.addMember(user),
message: `Added user ${req.params.uid} to ${req.params.group} group.`
});
}catch(error){
next(error);
}
});
router.delete('/:group/:uid', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin'], [req.params.group]);
var group = await Group.get(req.params.group);
var user = await User.get(req.params.uid);
return res.json({
results: group.removeMember(user),
message: `Removed user ${req.params.uid} from ${req.params.group} group.`
});
}catch(error){
next(error);
}
});
router.delete('/:group', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin'], [req.params.group]);
var group = await Group.get(req.params.group);
return res.json({
removed: await group.remove(),
results: group,
message: `Group ${req.params.group} Deleted`
});
}catch(error){
next(error);
}
});
module.exports = router;

75
nodejs/routes/index.js Executable file
View File

@ -0,0 +1,75 @@
'use strict';
var express = require('express');
var router = express.Router();
const moment = require('moment');
const {InviteToken, PasswordResetToken} = require('./../models/token');
/* GET home page. */
router.get('/', async function(req, res, next) {
res.render('home', { title: 'Express' });
});
/* GET home page. */
router.get('/users', function(req, res, next) {
res.render('users', { title: 'Express' });
});
router.get('/users/:uid', function(req, res, next) {
res.render('home', { title: 'Express' });
});
router.get('/groups', function(req, res, next) {
res.render('groups', { title: 'Express' });
});
router.get('/login/resetpassword/:token', async function(req, res, next){
let token = await PasswordResetToken.get(req.params.token);
if(token.is_valid && 86400000+Number(token.created_on) > (new Date).getTime()){
res.render('reset_password', {token:token});
}else{
next({message: 'token not found', status: 404});
}
});
router.get('/login/invite/:token/:mailToken', async function(req, res, next){
try{
let token = await InviteToken.get(req.params.token);
if(token.is_valid && token.mail !== '__NONE__' && token.mail_token === req.params.mailToken){
token.created_on = moment(token.created_on, 'x').fromNow();
res.render('invite', { title: 'Express', invite: token });
}else{
next({message: 'token not found', status: 404});
}
}catch(error){
next(error);
}
});
router.get('/login/invite/:token', async function(req, res, next){
try{
let token = await InviteToken.get(req.params.token);
token.created_on = moment(token.created_on, 'x').fromNow();
if(token.is_valid){
res.render('invite_email', { title: 'Express', invite: token });
}else{
next({message: 'token not found', status: 404});
}
}catch(error){
next(error);
}
});
/* GET home page. */
router.get('/login', function(req, res, next) {
res.render('login', {redirect: req.query.redirect});
});
module.exports = router;

63
nodejs/routes/token.js Normal file
View File

@ -0,0 +1,63 @@
'use strict';
const router = require('express').Router();
const {AuthToken} = require('../models/auth');
const {Token, InviteToken} = require('../models/token');
const tokens = {
auth: AuthToken,
invite: InviteToken
}
router.get('/:name', async function(req, res, next){
try{
console.log(tokens, req.params.name)
return res.json({
results: await tokens[req.params.name][req.query.detail ? "listDetail" : "list"]()
});
}catch(error){
next(error);
}
});
router.get('/:name/:token', async function(req, res, next){
try{
return res.json({
results: await tokens[req.params.name].get(req.params.token)
});
}catch(error){
next(error);
}
});
// router.delete('/:username', async function(req, res, next){
// try{
// let user = await User.get(req.params.username);
// return res.json({username: req.params.username, results: await user.remove()})
// }catch(error){
// next(error);
// }
// });
module.exports = router;
/*
verify public ssh key
*/
// router.post('/verifykey', async function(req, res){
// let key = req.body.key;
// try{
// return res.json({
// info: await Users.verifyKey(key)
// });
// }catch(error){
// return res.status(400).json({
// message: 'Key is not a public key file!'
// });
// }
// });

141
nodejs/routes/user.js Executable file
View File

@ -0,0 +1,141 @@
'use strict';
const router = require('express').Router();
const {User} = require('../models/user');
const permission = require('../utils/permission');
router.get('/', async function(req, res, next){
try{
return res.json({
results: await User[req.query.detail ? "listDetail" : "list"]()
});
}catch(error){
next(error);
}
});
router.post('/', async function(req, res, next){
try{
await permission.byGroup(req.user, ['app_sso_admin'])
req.body.created_by = req.user.uid
return res.json({results: await User.add(req.body)});
}catch(error){
next(error);
}
});
router.delete('/:uid', async function(req, res, next){
try{
let user;
if(req.params.uid.toLowerCase() === req.user.uid.toLowerCase()){
user = req.user;
}else{
user = await User.get(req.params.uid);
await permission.byGroup(req.user, ['app_sso_admin'])
}
return res.json({uid: req.params.uid, results: await user.remove()})
}catch(error){
next(error);
}
});
router.put('/:uid', async function(req, res, next){
try{
let user;
if(req.params.uid.toLowerCase() === req.user.uid.toLowerCase()){
user = req.user;
}else{
user = await User.get(req.params.uid);
await permission.byGroup(req.user, ['app_sso_admin'])
}
return res.json({
results: await user.update(req.body),
message: `Updated ${req.params.uid} user`
});
}catch(error){
next(error);
}
});
router.get('/me', async function(req, res, next){
try{
return res.json(await User.get({uid: req.user.uid}));
}catch(error){
next(error);
}
});
router.put('/password', async function(req, res, next){
try{
return res.json({results: await req.user.setPassword(req.body)})
}catch(error){
next(error);
}
});
router.put('/:uid/password', async function(req, res, next){
try{
let user;
if(req.params.uid.toLowerCase() === req.user.uid.toLowerCase()){
user = req.user;
}else{
user = await User.get(req.params.uid);
await permission.byGroup(req.user, ['app_sso_admin'])
}
return res.json({
results: await user.setPassword(req.body),
message: `User ${user.uid} password changed.`
});
}catch(error){
next(error);
}
});
router.post('/invite', async function(req, res, next){
try{
let token = await req.user.invite();
return res.json({token: token.token});
}catch(error){
next(error);
}
});
router.post('/key', async function(req, res, next){
try{
let added = await User.addSSHkey({
uid: req.user.uid,
key: req.body.key
});
return res.status(added === true ? 200 : 400).json({
message: added
});
}catch(error){
next(error);
}
});
router.get('/:uid', async function(req, res, next){
try{
return res.json({
results: await User.get(req.params.uid),
});
}catch(error){
next(error);
}
});
module.exports = router;