var url = require('url');
var md5 = require('md5');
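/**
 * Registers the authentication routes on the application:
 * GET /, POST /login and GET /logout.
 *
 * @param {Object} app Application object. This module reads
 *   app.models.User, app.models.Account, app.get('applications') and
 *   app.renderIndex from it.
 */
module.exports = function(app) {
    let User = app.models.User;
    let applications = app.get('applications');

    app.get('/', function(req, res) {
        app.renderIndex(res);
    });

    /**
     * POST /login
     *
     * Body fields read: user (username, or e-mail when it contains '@'),
     * password, location (URL whose query may carry apiKey and continue).
     *
     * Responds with {token, continue, loginUrl} on success and with
     * 401 {message: 'Login failed'} otherwise.
     *
     * When a username login fails, the credentials are checked once
     * against app.models.Account (MD5 hash); on a match the record is
     * copied into User and the login is retried.
     */
    app.post('/login', function(req, res) {
        let body = req.body || {};
        let user = body.user;
        let password = body.password;
        let syncOnFail = true;

        // Credentials arrive untrusted. Anything that is not a plain string
        // (missing field, array, object) is rejected here so that it can
        // neither throw on user.indexOf nor be placed into the
        // {where: {name: user}} filter below as a non-scalar value.
        if (typeof user !== 'string' || typeof password !== 'string') {
            badLogin();
            return;
        }

        let usesEmail = user.indexOf('@') !== -1;

        login();

        // Attempts a User login with either the e-mail or the username.
        function login() {
            let loginInfo = {password: password};

            if (usesEmail)
                loginInfo.email = user;
            else
                loginInfo.username = user;

            User.login(loginInfo, 'user', loginCb);
        }

        // Handles the User.login result; may trigger the one-time Account
        // lookup when a username login fails.
        function loginCb(err, token) {
            if (err) {
                if (syncOnFail && !usesEmail) {
                    // Cleared first so the retry issued from findCb cannot
                    // loop back into another Account lookup.
                    syncOnFail = false;
                    let filter = {where: {name: user}};
                    app.models.Account.findOne(filter, findCb);
                } else
                    badLogin();
                return;
            }

            let apiKey;
            let continueUrl;

            try {
                let query = url.parse(body.location, true).query;
                apiKey = query.apiKey;
                continueUrl = query.continue;
            } catch (e) {
                // url.parse throws when location is not a string
                apiKey = 'default';
                continueUrl = null;
            }

            // apiKey is chosen by the client. Resolve it only against the
            // configured applications' own keys, so inherited properties
            // (e.g. 'constructor') and repeated-parameter arrays never
            // resolve to a value.
            // NOTE(review): a location without apiKey yields no loginUrl,
            // while an unparsable location falls back to 'default' -
            // confirm this asymmetry is intended.
            let isKnownApp = typeof apiKey === 'string' &&
                Object.prototype.hasOwnProperty.call(applications, apiKey);
            let loginUrl = isKnownApp ? applications[apiKey] : undefined;

            // NOTE(review): continueUrl is echoed back exactly as received.
            // If the client navigates to it, it should be validated against
            // the expected origins first (open-redirect risk).
            res.json({
                token: token.id,
                continue: continueUrl,
                loginUrl: loginUrl
            });
        }

        // Handles the Account lookup: verifies the password and, on a match,
        // copies the account into User before retrying the login.
        function findCb(err, instance) {
            // NOTE(review): Account passwords are compared as unsalted MD5,
            // which is not a suitable password hash, and the comparison is
            // not constant-time. This path appears to exist to migrate
            // accounts into User; consider retiring it once accounts are
            // migrated.
            if (err || !instance || instance.password !== md5(password)) {
                badLogin();
                return;
            }

            let where = {id: instance.id};
            let userData = {
                id: instance.id,
                username: user,
                // Plain password handed to the User model; presumably the
                // model hashes it before storing - verify.
                password: password,
                email: instance.email,
                created: instance.created,
                updated: instance.updated
            };
            User.upsertWithWhere(where, userData, login);
        }

        // Same generic answer for every failure, so the response does not
        // reveal whether the user exists.
        function badLogin() {
            res.status(401);
            res.json({
                message: 'Login failed'
            });
        }
    });

    /**
     * GET /logout
     *
     * Ends the session of the request's access token and redirects to '/'.
     */
    app.get('/logout', function(req, res) {
        // Without an access token there is no session to end; redirect
        // instead of throwing on req.accessToken.id.
        if (!req.accessToken) {
            res.redirect('/');
            return;
        }

        // NOTE(review): the logout error is ignored, so a failed logout
        // still redirects while the token may remain valid. This route also
        // changes state on GET; consider POST with CSRF protection.
        User.logout(req.accessToken.id, () => {
            res.redirect('/');
        });
    });
};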