author | Johannes Zellner <johannes@cloudron.io> | 2019-08-07 22:33:23 +0200 |
---|---|---|
committer | Johannes Zellner <johannes@cloudron.io> | 2019-08-07 22:33:23 +0200 |
commit | c2c00fca7dccb6e512a0f01bc87db129538765ef (patch) | |
tree | 3b872bed1587231a22d24fe8aaf3043565900f3b /src/auth.js | |
parent | d5940df06a4f498176dad293f66607fb69eb2a28 (diff) | |
Add access token ui and rest api
Diffstat (limited to 'src/auth.js')
-rw-r--r-- | src/auth.js | 37 |
1 files changed, 34 insertions, 3 deletions
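--- a/src/auth.js
+++ b/src/auth.js
@@ -15,6 +15,8 @@ const LDAP_USERS_BASE_DN = process.env.CLOUDRON_LDAP_USERS_BASE_DN;
 const LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json');
 const TOKENSTORE_FILE = path.resolve(process.env.TOKENSTORE_FILE || './.tokens.json');
 const AUTH_METHOD = (LDAP_URL && LDAP_USERS_BASE_DN) ? 'ldap' : 'local';
+const LOGIN_TOKEN_PREFIX = 'login-';
+const API_TOKEN_PREFIX = 'api-';
 
 if (AUTH_METHOD === 'ldap') {
 console.log('Use ldap auth');
@@ -34,8 +36,11 @@ var tokenStore = {
 get: function (token, callback) {
 callback(tokenStore.data[token] ? null : 'not found', tokenStore.data[token]);
 },
-set: function (token, data, callback) {
-tokenStore.data[token] = data;
+getApiTokens: function (callback) {
+callback(null, Object.keys(tokenStore.data).filter(function (t) { return t.indexOf(API_TOKEN_PREFIX) === 0; }))
+},
+set: function (token, user, callback) {
+tokenStore.data[token] = user;
 tokenStore.save();
 callback(null);
 },
@@ -102,7 +107,7 @@ exports.login = function (req, res, next) {
 verifyUser(req.body.username, req.body.password, function (error, user) {
 if (error) return next(new HttpError(401, 'Invalid credentials'));
 
-var accessToken = uuid();
+var accessToken = LOGIN_TOKEN_PREFIX + uuid();
 
 tokenStore.set(accessToken, user, function (error) {
 if (error) return next(new HttpError(500, error));
@@ -139,6 +144,32 @@ exports.getProfile = function (req, res, next) {
 next(new HttpSuccess(200, { username: req.user.username }));
 };
 
+exports.getTokens = function (req, res, next) {
+tokenStore.getApiTokens(function (error, result) {
+if (error) return next(new HttpError(500, error));
+
+next(new HttpSuccess(200, { accessTokens: result }));
+});
+};
+
+exports.createToken = function (req, res, next) {
+var accessToken = API_TOKEN_PREFIX + uuid();
+
+tokenStore.set(accessToken, req.user, function (error) {
+if (error) return next(new HttpError(500, error));
+
+next(new HttpSuccess(201, { accessToken: accessToken }));
+});
+};
+
+exports.delToken = function (req, res, next) {
+tokenStore.del(req.params.token, function (error) {
+if (error) console.error(error);
+
+next(new HttpSuccess(200, {}));
+});
+};
+
 // webdav usermanager
 exports.WebdavUserManager = WebdavUserManager;
 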
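Review bot: `getApiTokens` returns every store key that starts with `api-`, so `getTokens` hands each caller the API tokens of all users, and those strings are themselves the bearer credentials. `delToken` has the matching gap: it passes `req.params.token` straight to `tokenStore.del` with no prefix or owner check, so a caller can revoke any token value they hold, `login-` sessions included, and a failed delete is only logged while the response stays 200. Both handlers should be scoped to `req.user.username`; this assumes the stored user object carries `username` (as `getProfile` suggests) and that the routes, which are outside this diff, sit behind the auth middleware. Returning a token id or a truncated value from the list endpoint instead of the full secret is also worth considering.

```javascript
getApiTokens: function (username, callback) {
    callback(null, Object.keys(tokenStore.data).filter(function (t) {
        return t.indexOf(API_TOKEN_PREFIX) === 0 && tokenStore.data[t].username === username;
    }));
},
// … unchanged: set …

exports.getTokens = function (req, res, next) {
    tokenStore.getApiTokens(req.user.username, function (error, result) {
        // … unchanged: error handling and HttpSuccess …
    });
};

exports.delToken = function (req, res, next) {
    var token = req.params.token;
    var owner = tokenStore.data[token];

    // only API tokens owned by the caller may be revoked through this route
    if (token.indexOf(API_TOKEN_PREFIX) !== 0 || !owner || owner.username !== req.user.username) {
        return next(new HttpError(404, 'No such token'));
    }

    tokenStore.del(token, function (error) {
        if (error) return next(new HttpError(500, error));

        next(new HttpSuccess(200, {}));
    });
};
```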