aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--client/src/app/shared/auth/auth.service.ts2
-rw-r--r--server/controllers/api/v1/clients.js40
-rw-r--r--server/controllers/api/v1/index.js2
-rw-r--r--server/controllers/api/v1/users.js28
4 files changed, 44 insertions, 28 deletions
diff --git a/client/src/app/shared/auth/auth.service.ts b/client/src/app/shared/auth/auth.service.ts
index 4c08e24c0..6a5b19ffe 100644
--- a/client/src/app/shared/auth/auth.service.ts
+++ b/client/src/app/shared/auth/auth.service.ts
@@ -8,7 +8,7 @@ import { User } from './user.model';
8 8
9@Injectable() 9@Injectable()
10export class AuthService { 10export class AuthService {
11 private static BASE_CLIENT_URL = '/api/v1/users/client'; 11 private static BASE_CLIENT_URL = '/api/v1/clients/local';
12 private static BASE_TOKEN_URL = '/api/v1/users/token'; 12 private static BASE_TOKEN_URL = '/api/v1/users/token';
13 13
14 loginChangedSource: Observable<AuthStatus>; 14 loginChangedSource: Observable<AuthStatus>;
diff --git a/server/controllers/api/v1/clients.js b/server/controllers/api/v1/clients.js
new file mode 100644
index 000000000..0d222634b
--- /dev/null
+++ b/server/controllers/api/v1/clients.js
@@ -0,0 +1,40 @@
1'use strict'
2
3const config = require('config')
4const express = require('express')
5const mongoose = require('mongoose')
6
7const Client = mongoose.model('OAuthClient')
8
9const router = express.Router()
10
11router.get('/local', getLocalClient)
12
13// Get the client credentials for the PeerTube front end
14function getLocalClient (req, res, next) {
15 const serverHost = config.get('webserver.host')
16 const serverPort = config.get('webserver.port')
17 let headerHostShouldBe = serverHost
18 if (serverPort !== 80 && serverPort !== 443) {
19 headerHostShouldBe += ':' + serverPort
20 }
21
22 // Don't make this check if this is a test instance
23 if (process.env.NODE_ENV !== 'test' && req.get('host') !== headerHostShouldBe) {
24 return res.type('json').status(403).end()
25 }
26
27 Client.loadFirstClient(function (err, client) {
28 if (err) return next(err)
29 if (!client) return next(new Error('No client available.'))
30
31 res.json({
32 client_id: client._id,
33 client_secret: client.clientSecret
34 })
35 })
36}
37
38// ---------------------------------------------------------------------------
39
40module.exports = router
diff --git a/server/controllers/api/v1/index.js b/server/controllers/api/v1/index.js
index e0c29a8a2..af41bc280 100644
--- a/server/controllers/api/v1/index.js
+++ b/server/controllers/api/v1/index.js
@@ -4,11 +4,13 @@ const express = require('express')
4 4
5const router = express.Router() 5const router = express.Router()
6 6
7const clientsController = require('./clients')
7const podsController = require('./pods') 8const podsController = require('./pods')
8const remoteController = require('./remote') 9const remoteController = require('./remote')
9const usersController = require('./users') 10const usersController = require('./users')
10const videosController = require('./videos') 11const videosController = require('./videos')
11 12
13router.use('/clients', clientsController)
12router.use('/pods', podsController) 14router.use('/pods', podsController)
13router.use('/remote', remoteController) 15router.use('/remote', remoteController)
14router.use('/users', usersController) 16router.use('/users', usersController)
diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js
index e084974ce..fdbcc3ff5 100644
--- a/server/controllers/api/v1/users.js
+++ b/server/controllers/api/v1/users.js
@@ -1,7 +1,6 @@
1'use strict' 1'use strict'
2 2
3const each = require('async/each') 3const each = require('async/each')
4const config = require('config')
5const express = require('express') 4const express = require('express')
6const mongoose = require('mongoose') 5const mongoose = require('mongoose')
7const waterfall = require('async/waterfall') 6const waterfall = require('async/waterfall')
@@ -14,7 +13,6 @@ const admin = middlewares.admin
14const oAuth = middlewares.oauth 13const oAuth = middlewares.oauth
15const validatorsUsers = middlewares.validators.users 14const validatorsUsers = middlewares.validators.users
16 15
17const Client = mongoose.model('OAuthClient')
18const User = mongoose.model('User') 16const User = mongoose.model('User')
19const Video = mongoose.model('Video') 17const Video = mongoose.model('Video')
20 18
@@ -41,7 +39,7 @@ router.delete('/:username',
41 validatorsUsers.usersRemove, 39 validatorsUsers.usersRemove,
42 removeUser 40 removeUser
43) 41)
44router.get('/client', getAngularClient) 42
45router.post('/token', oAuth.token, success) 43router.post('/token', oAuth.token, success)
46// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route 44// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
47 45
@@ -65,30 +63,6 @@ function createUser (req, res, next) {
65 }) 63 })
66} 64}
67 65
68function getAngularClient (req, res, next) {
69 const serverHost = config.get('webserver.host')
70 const serverPort = config.get('webserver.port')
71 let headerHostShouldBe = serverHost
72 if (serverPort !== 80 && serverPort !== 443) {
73 headerHostShouldBe += ':' + serverPort
74 }
75
76 // Don't make this check if this is a test instance
77 if (process.env.NODE_ENV !== 'test' && req.get('host') !== headerHostShouldBe) {
78 return res.type('json').status(403).end()
79 }
80
81 Client.loadFirstClient(function (err, client) {
82 if (err) return next(err)
83 if (!client) return next(new Error('No client available.'))
84
85 res.json({
86 client_id: client._id,
87 client_secret: client.clientSecret
88 })
89 })
90}
91
92function listUsers (req, res, next) { 66function listUsers (req, res, next) {
93 User.list(function (err, usersList) { 67 User.list(function (err, usersList) {
94 if (err) return next(err) 68 if (err) return next(err)