authorChocobozzz <florian.bigard@gmail.com>2016-04-27 22:11:48 +0200
committerChocobozzz <florian.bigard@gmail.com>2016-04-27 22:11:48 +0200
commit23a5a916dba8960e77e0dcc9f9050e0df0a5f60b (patch)
tree4b13e967a5b9715ba2c6b74681f13e6ccdfa86e4
parent2693922352c23401b658720251db2966c92614bb (diff)
Make angular client load dynamically the generated client id/secret
-rw-r--r--client/angular/users/services/auth.service.ts17
-rw-r--r--server/controllers/api/v1/users.js24
-rw-r--r--server/models/users.js5
3 files changed, 46 insertions, 0 deletions
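--- a/client/angular/users/services/auth.service.ts
+++ b/client/angular/users/services/auth.service.ts
@@ -11,12 +11,29 @@ export class AuthService {
 
  private _loginChanged;
  private _baseLoginUrl = '/api/v1/users/token';
+ private _baseClientUrl = '/api/v1/users/client';
  private _clientId = '56f055587305d40b21904240';
  private _clientSecret = 'megustalabanana';
 
  constructor (private http: Http) {
  this._loginChanged = new Subject<AuthStatus>();
  this.loginChanged$ = this._loginChanged.asObservable();
+
+ // Fetch the client_id/client_secret
+ // FIXME: save in local storage?
+ this.http.get(this._baseClientUrl)
+ .map(res => res.json())
+ .catch(this.handleError)
+ .subscribe(
+ result => {
+ this._clientId = result.client_id;
+ this._clientSecret = result.client_secret;
+ console.log('Client credentials loaded.');
+ },
+ error => {
+ alert(error);
+ }
+ )
  }
 
  login(username: string, password: string) {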
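Review bot: The literal `_clientId` / `_clientSecret` initialisers are kept, so a `login()` call made before the GET on `_baseClientUrl` has answered still sends the old hard-coded pair instead of the generated one, and the secret literal stays in the shipped source. Leave both fields unset until the response arrives and make `login()` wait for them or fail with a clear message. The error callback passes the raw error to `alert(error)`; logging it and showing a generic notice avoids exposing response details to the user. For the `FIXME`, a comment such as `// client_secret is readable by any script on this page; it is an identifier, not a credential` would record why persisting it in local storage adds little. `login()` continues outside this hunk, so how it consumes the fields is not visible here.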
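--- a/server/controllers/api/v1/users.js
+++ b/server/controllers/api/v1/users.js
@@ -1,13 +1,16 @@
 'use strict'
 
+const config = require('config')
 const express = require('express')
 const oAuth2 = require('../../../middlewares/oauth2')
 
 const middleware = require('../../../middlewares')
 const cacheMiddleware = middleware.cache
+const Users = require('../../../models/users')
 
 const router = express.Router()
 
+router.get('/client', cacheMiddleware.cache(false), getAngularClient)
 router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success)
 
 // ---------------------------------------------------------------------------
@@ -16,6 +19,27 @@ module.exports = router
 
 // ---------------------------------------------------------------------------
 
+function getAngularClient (req, res, next) {
+ const server_host = config.get('webserver.host')
+ const server_port = config.get('webserver.port')
+ let header_host_should_be = server_host
+ if (server_port !== 80 && server_port !== 443) {
+ header_host_should_be += ':' + server_port
+ }
+
+ if (req.get('host') !== header_host_should_be) return res.type('json').status(403).end()
+
+ Users.getFirstClient(function (err, client) {
+ if (err) return next(err)
+ if (!client) return next(new Error('No client available.'))
+
+ res.json({
+ client_id: client._id,
+ client_secret: client.clientSecret
+ })
+ })
+}
+
 function success (req, res, next) {
  res.end()
 }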
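Review bot: The `req.get('host')` comparison in `getAngularClient` does not restrict who can read the secret, because the Host header is supplied by the requester and the route has no authentication middleware. The returned `client_secret` should therefore be treated as public, and a comment above the check should say so, e.g. `// Host is client-supplied: this filters mis-addressed requests, it is not an access control`. It would be safer for the OAuth layer to handle this client as a public client, with grant types limited to what the web UI needs; whether it does depends on middleware outside this diff. The check also relies on `webserver.port` being a number (`!== 80` is strict) and on Host reaching the app unchanged; if either assumption fails, every request gets the bodiless 403.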
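--- a/server/models/users.js
+++ b/server/models/users.js
@@ -35,6 +35,7 @@ const Users = {
  getAccessToken: getAccessToken,
  getClient: getClient,
  getClients: getClients,
+ getFirstClient: getFirstClient,
  getRefreshToken: getRefreshToken,
  getUser: getUser,
  getUsers: getUsers,
@@ -64,6 +65,10 @@ function getAccessToken (bearerToken, callback) {
  return OAuthTokensDB.findOne({ accessToken: bearerToken }).populate('user')
 }
 
+function getFirstClient (callback) {
+ return OAuthClientsDB.findOne({}, callback)
+}
+
 function getClient (clientId, clientSecret) {
  logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')
 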
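Review bot: `getFirstClient` calls `findOne({})` with no filter or sort, so which OAuth client it returns is unspecified once more than one client document exists. Because the new `/client` route sends this document's secret to the browser, a client registered later and meant to stay confidential could be the one disclosed. Select the web client by an explicit marker or configured id, or at least record the assumption with `// Assumes the bundled web client is the only OAuth client`. Separately, the unchanged `logger.debug` line in `getClient` just below writes `clientSecret` to the log and is worth masking in a follow-up. `getClient` continues outside this hunk.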