From 23a5a916dba8960e77e0dcc9f9050e0df0a5f60b Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Wed, 27 Apr 2016 22:11:48 +0200
Subject: Make angular client load dynamically the generated client id/secret

---
 server/controllers/api/v1/users.js | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'server/controllers')

diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js
index f45b47077..1125b9faa 100644
--- a/server/controllers/api/v1/users.js
+++ b/server/controllers/api/v1/users.js
@@ -1,13 +1,16 @@
 'use strict'
 
+const config = require('config')
 const express = require('express')
 const oAuth2 = require('../../../middlewares/oauth2')
 
 const middleware = require('../../../middlewares')
 const cacheMiddleware = middleware.cache
+const Users = require('../../../models/users')
 
 const router = express.Router()
 
+router.get('/client', cacheMiddleware.cache(false), getAngularClient)
 router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success)
 
 // ---------------------------------------------------------------------------
@@ -16,6 +19,27 @@ module.exports = router
 
 // ---------------------------------------------------------------------------
 
+function getAngularClient (req, res, next) {
+  const server_host = config.get('webserver.host')
+  const server_port = config.get('webserver.port')
+  let header_host_should_be = server_host
+  if (server_port !== 80 && server_port !== 443) {
+    header_host_should_be += ':' + server_port
+  }
+
+  if (req.get('host') !== header_host_should_be) return res.type('json').status(403).end()
+
+  Users.getFirstClient(function (err, client) {
+    if (err) return next(err)
+    if (!client) return next(new Error('No client available.'))
+
+    res.json({
+      client_id: client._id,
+      client_secret: client.clientSecret
+    })
+  })
+}
+
 function success (req, res, next) {
   res.end()
 }
-- 
cgit v1.2.3