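/**
 * Registers the browser-facing entry routes of the Salix front-end on a
 * LoopBack/Express `app`:
 *
 *   GET /               index page (requires a valid `vnToken` cookie)
 *   GET /acl            per-user roles + profile, served as a JS snippet
 *   GET /login          accepts a token from the external auth service,
 *                       stores it in the `vnToken` cookie and redirects
 *   GET /logout         invalidates the token and sends the user to auth
 *   GET /validateToken  200 / 401 depending on the Authorization header
 *
 * Authentication itself is delegated to the service at `app.get('url auth')`;
 * this module only checks that the token it is handed resolves to a valid
 * `AccessToken` instance.
 *
 * @param {object} app - LoopBack app exposing `models`, `getWpAssets` and the
 *   `url auth` / `api key` settings.
 */
module.exports = function(app) {
  const models = app.models;
  // Cache-busting version handed to the index template; changes on every boot.
  const bootTimestamp = new Date().getTime();
  // Cookie that carries the LoopBack access-token id.
  const TOKEN_COOKIE = 'vnToken';

  app.get('/', function(req, res) {
    validateToken(req.cookies[TOKEN_COOKIE], function(isValid) {
      if (!isValid) {
        // NOTE(review): the Origin header is forwarded to the auth service as
        // the `continue` target; what the auth service does with it is not
        // visible here.
        redirectToAuth(res, req.get('origin'));
        return;
      }
      res.render('index.ejs', {
        assets: app.getWpAssets('salix'),
        version: bootTimestamp
      });
    });
  });

  app.get('/acl', function(req, res) {
    validateToken(req.cookies[TOKEN_COOKIE], function(isValid, token) {
      // An anonymous (or expired) visitor gets an empty ACL, not an error.
      if (isValid) sendUserRole(res, token);
      else sendACL(res, {});
    });
  });

  app.get('/login', function(req, res) {
    // The token travels in the URL here, so it ends up in access logs and
    // browser history; the auth service is what chose this transport.
    const token = req.query.token;
    // `continue` is attacker-controllable: reduce it to a path on this host so
    // a crafted link cannot bounce a freshly logged-in user to another site.
    const continueUrl = localRedirectTarget(req.query.continue, req);

    validateToken(token, function(isValid) {
      if (!isValid) {
        redirectToAuth(res);
        return;
      }
      res.cookie(TOKEN_COOKIE, token, {
        // NOTE(review): deliberately not httpOnly, it seems — the front-end
        // appears to read this cookie to send the token in the Authorization
        // header (see /validateToken). Confirm that before enabling httpOnly;
        // until then any XSS on the site can read the session token.
        // Lax keeps the cookie off cross-site <script src="/acl"> inclusions.
        sameSite: 'lax',
        // Mark it Secure whenever the request itself arrived over TLS
        // (requires `trust proxy` when TLS terminates at a proxy).
        secure: req.secure
      });
      res.redirect(continueUrl);
    });
  });

  app.get('/logout', function(req, res) {
    // Best effort: whatever User.logout reports, the cookie is cleared by
    // redirectToAuth and the user lands on the auth service.
    models.User.logout(req.cookies[TOKEN_COOKIE], function() {
      redirectToAuth(res);
    });
  });

  app.get('/validateToken', function(req, res) {
    // The header is expected to carry the bare token id (it is looked up as-is,
    // no "Bearer " prefix handling).
    validateToken(req.headers.authorization, function(isValid) {
      if (isValid) res.json(null);
      else res.status(401).json({message: 'Invalid token'});
    });
  });

  /**
   * Looks up `tokenId` and checks it is still valid.
   *
   * @param {*} tokenId - Raw value from a cookie, query string or header.
   * @param {function(boolean, object=)} cb - Called with `isValid` and, when
   *   the token exists at all, the AccessToken instance (even if it is no
   *   longer valid, matching the original contract).
   */
  function validateToken(tokenId, cb) {
    // Token ids are opaque strings. Anything else — undefined when the cookie
    // or query parameter is missing, an object when the query string is
    // crafted as `token[x]=y` — is refused before it reaches the datastore.
    if (typeof tokenId !== 'string' || tokenId === '') {
      cb(false);
      return;
    }
    models.AccessToken.findById(tokenId, function(err, token) {
      if (err || !token) {
        cb(false);
        return;
      }
      token.validate(function(_, isValid) {
        cb(isValid === true, token);
      });
    });
  }

  /**
   * Resolves a caller-supplied `continue` value to a same-host path.
   *
   * WHATWG URL parsing is used on purpose: it normalises the inputs that
   * defeat naive prefix checks (`//evil`, `/\evil`, embedded tabs or
   * newlines, `http://evil@host`), so the host comparison below is reliable.
   *
   * @param {*} continueUrl - Value of the `continue` query parameter.
   * @param {object} req - Express request, used for the current host/protocol.
   * @returns {string} Path (+ query + hash) on this host, or '/' for anything
   *   missing, unparsable or pointing at a different host.
   */
  function localRedirectTarget(continueUrl, req) {
    if (typeof continueUrl !== 'string' || continueUrl === '') return '/';
    const host = req.get('host');
    if (!host) return '/';

    let target;
    try {
      target = new URL(continueUrl, `${req.protocol}://${host}`);
    } catch (_) {
      return '/';
    }
    if (target.protocol !== 'http:' && target.protocol !== 'https:') return '/';
    if (target.host !== host) return '/';
    // Re-emit only the local part; the scheme/host are implied by the browser.
    return target.pathname + target.search + target.hash;
  }

  /**
   * Builds the ACL object for the token's user and sends it with sendACL.
   * Any lookup failure degrades to an empty ACL rather than an error.
   *
   * @param {object} res - Express response.
   * @param {object} token - Valid AccessToken instance.
   */
  function sendUserRole(res, token) {
    if (!token.userId) {
      sendACL(res, {});
      return;
    }
    const query = {
      where: {principalId: token.userId, principalType: 'USER'},
      include: [{relation: 'role', scope: {fields: ['name']}}]
    };
    models.RoleMapping.find(query, function(_, roles) {
      if (!roles) {
        sendACL(res, {});
        return;
      }
      const acl = {userProfile: {}, roles: {}};
      roles.forEach(function(mapping) {
        if (mapping.roleId) {
          // `role()` returns the related Role loaded via the `include` above.
          acl.roles[mapping.role().name] = true;
        }
      });
      models.User.findById(token.userId, function(_, userProfile) {
        if (!userProfile || !userProfile.id) {
          sendACL(res, {});
          return;
        }
        // Only a whitelist of profile fields is exposed; do not send the whole
        // User instance (it carries credentials and other internals).
        acl.userProfile.id = userProfile.id;
        acl.userProfile.username = userProfile.username;
        // TODO: hard-coded warehouse; presumably meant to come from the user.
        acl.userProfile.warehouseId = 1;
        sendACL(res, acl);
      });
    });
  }

  /**
   * Drops the token cookie and redirects to the external auth service,
   * passing the configured API key and an optional `continue` target.
   *
   * @param {object} res - Express response.
   * @param {string=} continueUrl - Where the auth service should send the user
   *   back to; omitted from the query when falsy.
   */
  function redirectToAuth(res, continueUrl) {
    const authUrl = app.get('url auth');
    const params = {
      apiKey: app.get('api key'),
      continue: continueUrl
    };
    res.clearCookie(TOKEN_COOKIE);
    res.redirect(`${authUrl}/?${encodeUri(params)}`);
  }

  /**
   * Sends `acl` as a JavaScript snippet that assigns it to `window.salix.acl`.
   *
   * Because this is a script, any site that can include it cross-site with the
   * user's cookie attached would learn the user's id, username and roles
   * (XSSI); the SameSite attribute set in /login is what keeps the cookie off
   * such requests.
   *
   * @param {object} res - Express response.
   * @param {object} acl - Plain object; serialised with JSON.stringify.
   */
  function sendACL(res, acl) {
    // U+2028/U+2029 are legal in JSON but were line terminators in JavaScript
    // source before ES2019; escape them so a crafted username cannot break
    // the emitted script.
    const aclStr = JSON.stringify(acl)
      .replace(/\u2028/g, '\\u2028')
      .replace(/\u2029/g, '\\u2029');
    res.header('Content-Type', 'application/javascript; charset=UTF-8');
    // Per-user data served as a script must not be kept by shared caches.
    res.header('Cache-Control', 'no-store');
    res.send(`(function(window){window.salix = window.salix || {}; window.salix.acl = window.salix.acl || {}; window.salix.acl = ${aclStr}; })(window)`);
  }
};

/**
 * Serialises an object as an `application/x-www-form-urlencoded` query
 * string, skipping keys whose value is falsy.
 *
 * @param {object} object - Flat key/value map.
 * @returns {string} `k1=v1&k2=v2` with both sides percent-encoded; '' when
 *   nothing survives the falsy filter.
 */
function encodeUri(object) {
  return Object.keys(object)
    .filter(function(key) { return Boolean(object[key]); })
    .map(function(key) {
      return encodeURIComponent(key) + '=' + encodeURIComponent(object[key]);
    })
    .join('&');
}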