91 lines
1.7 KiB
JavaScript
91 lines
1.7 KiB
JavaScript
'use strict';
|
|
|
|
const router = require('express').Router();
|
|
const Users = require('../models/users');
|
|
|
|
/*
|
|
Password login
|
|
*/
|
|
router.post('/login', async function(req, res){
|
|
let username = req.body.username;
|
|
let password = req.body.password;
|
|
|
|
let groups = await Users.login({username, password});
|
|
|
|
if(groups){
|
|
return res.json({
|
|
login: true,
|
|
token: await Users.addToken({username}),
|
|
groups: groups,
|
|
});
|
|
}else{
|
|
return res.status(401).json({
|
|
login: false
|
|
});
|
|
}
|
|
|
|
});
|
|
|
|
/*
|
|
verify public ssh key
|
|
*/
|
|
router.post('/verifykey', async function(req, res){
|
|
let key = req.body.key;
|
|
|
|
try{
|
|
return res.json({
|
|
info: await Users.verifyKey(key)
|
|
});
|
|
}catch(error){
|
|
return res.status(400).json({
|
|
message: 'Key is not a public key file!'
|
|
});
|
|
}
|
|
|
|
});
|
|
|
|
|
|
router.post('/invite/:token', async function(req, res, next) {
|
|
let username = req.body.username;
|
|
let password = req.body.password;
|
|
let token = req.params.token;
|
|
|
|
// make sure invite token is valid
|
|
let invite = await Users.checkInvite({token});
|
|
|
|
if(!invite || invite.invited){
|
|
return res.status(401).json({
|
|
message: 'Token not valid'
|
|
});
|
|
}
|
|
|
|
// make sure requires fields are in
|
|
if(!username || !password){
|
|
return res.status(400).json({
|
|
message: 'Missing fields'
|
|
});
|
|
}
|
|
|
|
// make sure the requested user name can be used
|
|
if(await Users.ifUserExists({username})){
|
|
return res.status(409).json({
|
|
message: 'Username taken'
|
|
});
|
|
}
|
|
|
|
// create the new user
|
|
await Users.add({username, password, isAdmin: invite.isAdmin});
|
|
|
|
// consume the invite token
|
|
await Users.consumeInvite({token, username});
|
|
|
|
// send back API token for the new user
|
|
return res.json({
|
|
user: username,
|
|
token: await Users.addToken({username})
|
|
});
|
|
|
|
});
|
|
|
|
module.exports = router;
|