X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fapi%2Fv1%2Fusers.js;h=0584d5cdf422e91ab27041032efe65b038b63052;hb=bc503c2a62dcf9aed6b8d90b68f0f27a7755ac01;hp=acb860c667be5a87478bf89433db6d1863c8b79b;hpb=9457bf88079a23d28011ff7c65faa56a548b7817;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js
index acb860c66..0584d5cdf 100644
--- a/server/controllers/api/v1/users.js
+++ b/server/controllers/api/v1/users.js
@@ -1,15 +1,17 @@
 'use strict'
 
-var express = require('express')
-var oAuth2 = require('../../../middlewares/oauth2')
+const config = require('config')
+const express = require('express')
+const oAuth2 = require('../../../middlewares/oauth2')
 
 const middleware = require('../../../middlewares')
 const cacheMiddleware = middleware.cache
+const Users = require('../../../models/users')
 
 const router = express.Router()
 
-router.post('/token', cacheMiddleware.cache(false), oAuth2.token(), success)
-router.get('/authenticate', cacheMiddleware.cache(false), oAuth2.authenticate(), success)
+router.get('/client', cacheMiddleware.cache(false), getAngularClient)
+router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success)
 
 // ---------------------------------------------------------------------------
 
@@ -17,6 +19,27 @@ module.exports = router
 
 // ---------------------------------------------------------------------------
 
+function getAngularClient (req, res, next) {
+  const serverHost = config.get('webserver.host')
+  const serverPort = config.get('webserver.port')
+  let headerHostShouldBe = serverHost
+  if (serverPort !== 80 && serverPort !== 443) {
+    headerHostShouldBe += ':' + serverPort
+  }
+
+  if (req.get('host') !== headerHostShouldBe) return res.type('json').status(403).end()
+
+  Users.getFirstClient(function (err, client) {
+    if (err) return next(err)
+    if (!client) return next(new Error('No client available.'))
+
+    res.json({
+      client_id: client._id,
+      client_secret: client.clientSecret
+    })
+  })
+}
+
 function success (req, res, next) {
   res.end()
 }