var url = require('url'); var md5 = require('md5'); module.exports = function(app) { let User = app.models.User; let applications = app.get('applications'); app.get('/',function(req, res){ res.render('index.ejs'); }); app.post('/login', function(req, res) { let user = req.body.user; let password = req.body.password; let syncOnFail = true; login(); function login() { let loginInfo = { username: user, password: password }; User.login(loginInfo, 'user', loginCb); } function loginCb(err, token) { if (err) { if(syncOnFail) { syncOnFail = false; let filter = {where: {name: user}}; app.models.Account.findOne(filter, findCb); } else badLogin(); return; } let query = url.parse(req.body.location, true).query; let loginUrl = applications[query.apiKey]; if (!loginUrl) loginUrl = applications.default; res.send(JSON.stringify({ token: token.id, continue: query.continue, loginUrl: loginUrl, })); } function findCb(err, instance) { if(!instance || instance.password !== md5(password)) { badLogin(); return; } let where = {username: user}; let userData = { username: user, password: password, email: `${user}@verdnatura.es` }; User.upsertWithWhere(where, userData, login); } function badLogin() { res.status(401); res.send(JSON.stringify({ message: 'Login failed' })); } }); app.get('/logout', function (req, res) { User.logout(req.accessToken.id, () => res.redirect('/')); }); };