salix/services/auth/server/boot/routes.js


var url = require('url');
var md5 = require('md5');
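/**
 * Boot script that registers the auth service's HTTP routes: the login
 * page (`GET /`), the JSON login endpoint (`POST /login`) and the logout
 * redirect (`GET /logout`).
 *
 * @param {Object} app - Application object. This script reads
 *   `app.models.User`, `app.models.Account` and the `applications` setting
 *   (a map of apiKey -> login URL with a `default` entry).
 */
module.exports = function(app) {
  const User = app.models.User;
  const applications = app.get('applications');

  // Serve the login page.
  app.get('/', function(req, res) {
    res.render('index.ejs');
  });

  /**
   * POST /login
   * Body fields read here: `user` (username or e-mail), `password`, and
   * `location` (URL whose query string may carry `apiKey` and `continue`).
   * Replies with a JSON string {token, continue, loginUrl} on success and
   * 401 {message: 'Login failed'} otherwise.
   */
  app.post('/login', function(req, res) {
    const body = req.body || {};
    const user = body.user;
    const password = body.password;

    // Credentials must be plain strings. A missing field used to throw in
    // indexOf()/md5(), and an array or object would otherwise flow into the
    // model filter below as something other than a literal name.
    if (typeof user !== 'string' || typeof password !== 'string') {
      badLogin();
      return;
    }

    // One-shot flag: the legacy Account lookup is attempted at most once.
    let syncOnFail = true;
    const usesEmail = user.indexOf('@') !== -1;

    login();

    // Attempt a normal User login by e-mail or username.
    function login() {
      const loginInfo = {password: password};
      if (usesEmail) {
        loginInfo.email = user;
      } else {
        loginInfo.username = user;
      }
      User.login(loginInfo, 'user', loginCb);
    }

    // Handles the User.login result; on the first failure of a username
    // login it falls back to the legacy Account store.
    function loginCb(err, token) {
      if (err) {
        if (syncOnFail && !usesEmail) {
          syncOnFail = false;
          app.models.Account.findOne({where: {name: user}}, findCb);
        } else {
          badLogin();
        }
        return;
      }

      // `location` is client input; url.parse() throws on a non-string, so
      // a missing value is treated as "no query parameters".
      const location = typeof body.location === 'string' ? body.location : '';
      const query = url.parse(location, true).query;

      // Only accept keys that are own entries of the configured map, so
      // names inherited from Object.prototype never resolve to a value.
      let loginUrl;
      if (typeof query.apiKey === 'string' &&
          Object.prototype.hasOwnProperty.call(applications, query.apiKey)) {
        loginUrl = applications[query.apiKey];
      }
      if (!loginUrl) {
        loginUrl = applications.default;
      }

      // NOTE(review): `continue` is echoed back exactly as the client sent
      // it; whoever navigates to it should check it against an allow-list of
      // destinations. The body is sent as a string, so the response is not
      // labelled application/json by this code; switching to res.json()
      // would fix that but needs the clients' parsing confirmed first.
      res.send(JSON.stringify({
        token: token.id,
        continue: query.continue,
        loginUrl: loginUrl,
      }));
    }

    // Legacy fallback: verify against the Account record, copy the account
    // into User, then retry the normal login.
    function findCb(err, instance) {
      // Fail closed on lookup errors as well as on a missing or mismatched
      // account.
      // NOTE(review): Account.password is compared with an unsalted MD5
      // digest, which is not a suitable password hash. The upsert below
      // re-saves the password through User (presumably hashed by that
      // model; confirm), so plan to retire the Account digests after
      // migration and consider a constant-time comparison here.
      if (err || !instance || instance.password !== md5(password)) {
        badLogin();
        return;
      }
      const userData = {
        id: instance.id,
        username: user,
        password: password,
        email: instance.email,
        created: instance.created,
        updated: instance.updated
      };
      // `login` is passed as the callback; it ignores the upsert result, and
      // a failed upsert ends in badLogin() because syncOnFail is now false.
      User.upsertWithWhere({id: instance.id}, userData, login);
    }

    // Single generic failure response, identical for every failure cause.
    function badLogin() {
      res.status(401);
      res.send(JSON.stringify({
        message: 'Login failed'
      }));
    }
  });

  /**
   * GET /logout
   * Invalidates the request's access token, then redirects to the login page.
   * NOTE(review): logging out via GET lets any cross-site link or image end
   * a session; consider POST plus CSRF protection.
   */
  app.get('/logout', function(req, res) {
    // Without a token there is nothing to invalidate; previously this threw
    // on `req.accessToken.id`.
    if (!req.accessToken) {
      res.redirect('/');
      return;
    }
    User.logout(req.accessToken.id, () => res.redirect('/'));
  });
};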