blob: fbbe6e4726276140409dee8b7247659034e0aa4a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
'use strict'
const config = require('config')
const mongoose = require('mongoose')
const express = require('express')
const oAuth = require('../../../middlewares').oauth
const Client = mongoose.model('OAuthClient')
const router = express.Router()
router.get('/client', getAngularClient)
router.post('/token', oAuth.token, success)
// TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged,, implement revoke token route
// ---------------------------------------------------------------------------
module.exports = router
// ---------------------------------------------------------------------------
function getAngularClient (req, res, next) {
const serverHost = config.get('webserver.host')
const serverPort = config.get('webserver.port')
let headerHostShouldBe = serverHost
if (serverPort !== 80 && serverPort !== 443) {
headerHostShouldBe += ':' + serverPort
}
// Don't make this check if this is a test instance
if (process.env.NODE_ENV !== 'test' && req.get('host') !== headerHostShouldBe) {
return res.type('json').status(403).end()
}
Client.loadFirstClient(function (err, client) {
if (err) return next(err)
if (!client) return next(new Error('No client available.'))
res.json({
client_id: client._id,
client_secret: client.clientSecret
})
})
}
function success (req, res, next) {
res.end()
}
|