diff options
Diffstat (limited to 'server/controllers/api')
-rw-r--r-- | server/controllers/api/v1/users.js | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js index f45b47077..1125b9faa 100644 --- a/server/controllers/api/v1/users.js +++ b/server/controllers/api/v1/users.js | |||
@@ -1,13 +1,16 @@ | |||
1 | 'use strict' | 1 | 'use strict' |
2 | 2 | ||
3 | const config = require('config') | ||
3 | const express = require('express') | 4 | const express = require('express') |
4 | const oAuth2 = require('../../../middlewares/oauth2') | 5 | const oAuth2 = require('../../../middlewares/oauth2') |
5 | 6 | ||
6 | const middleware = require('../../../middlewares') | 7 | const middleware = require('../../../middlewares') |
7 | const cacheMiddleware = middleware.cache | 8 | const cacheMiddleware = middleware.cache |
9 | const Users = require('../../../models/users') | ||
8 | 10 | ||
9 | const router = express.Router() | 11 | const router = express.Router() |
10 | 12 | ||
13 | router.get('/client', cacheMiddleware.cache(false), getAngularClient) | ||
11 | router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success) | 14 | router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success) |
12 | 15 | ||
13 | // --------------------------------------------------------------------------- | 16 | // --------------------------------------------------------------------------- |
@@ -16,6 +19,27 @@ module.exports = router | |||
16 | 19 | ||
17 | // --------------------------------------------------------------------------- | 20 | // --------------------------------------------------------------------------- |
18 | 21 | ||
22 | function getAngularClient (req, res, next) { | ||
23 | const server_host = config.get('webserver.host') | ||
24 | const server_port = config.get('webserver.port') | ||
25 | let header_host_should_be = server_host | ||
26 | if (server_port !== 80 && server_port !== 443) { | ||
27 | header_host_should_be += ':' + server_port | ||
28 | } | ||
29 | |||
30 | if (req.get('host') !== header_host_should_be) return res.type('json').status(403).end() | ||
31 | |||
32 | Users.getFirstClient(function (err, client) { | ||
33 | if (err) return next(err) | ||
34 | if (!client) return next(new Error('No client available.')) | ||
35 | |||
36 | res.json({ | ||
37 | client_id: client._id, | ||
38 | client_secret: client.clientSecret | ||
39 | }) | ||
40 | }) | ||
41 | } | ||
42 | |||
19 | function success (req, res, next) { | 43 | function success (req, res, next) { |
20 | res.end() | 44 | res.end() |
21 | } | 45 | } |