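module.exports = function(app) {
    const models = app.models;

    // Handed to the template as `version`: a new value on every process
    // start, so cached client assets are refreshed after a deploy.
    const bootTimestamp = new Date().getTime();

    app.get('/', function(req, res) {
        const token = req.cookies.vnToken;

        validateToken(token, function(isValid) {
            if (!isValid) {
                redirectToAuth(res, req.get('origin'));
                return;
            }

            res.render('index.ejs', {
                assets: app.getWpAssets('salix'),
                version: bootTimestamp
            });
        });
    });

    app.get('/acl', function(req, res) {
        const token = req.cookies.vnToken;

        validateToken(token, function(isValid, token) {
            if (isValid)
                sendUserRole(res, token);
            else
                sendACL(res, {});
        });
    });

    app.get('/login', function(req, res) {
        const token = req.query.token;
        // `continue` is attacker-controllable query input; it is only honoured
        // when it points back to this host, otherwise the user lands on '/'.
        const continueUrl = safeContinueUrl(req, req.query.continue);

        validateToken(token, function(isValid) {
            if (isValid) {
                // NOTE(review): httpOnly is deliberately left off, presumably
                // because the front-end reads this cookie — confirm. The
                // `secure` and `sameSite` attributes are not set either.
                res.cookie('vnToken', token /* , {httpOnly: true} */);
                res.redirect(continueUrl);
            } else
                redirectToAuth(res);
        });
    });

    app.get('/logout', function(req, res) {
        const token = req.cookies.vnToken;

        // Errors from logout are not reported; the cookie is cleared either way.
        models.User.logout(token, function() {
            redirectToAuth(res);
        });
    });

    app.get('/validateToken', function(req, res) {
        const token = req.headers.authorization;

        validateToken(token, function(isValid) {
            if (isValid) {
                res.json(null);
                return;
            }

            res.status(401).json({
                message: 'Invalid token'
            });
        });
    });

    /**
     * Reduces a user-supplied `continue` value to a redirect target that stays
     * on this host.
     *
     * Accepted: a plain path (single leading '/'), or an absolute http(s) URL
     * whose host matches the request's Host header. Anything else — missing,
     * non-string, scheme-relative ('//host'), other hosts, other schemes,
     * unparseable — falls back to '/'. If cross-host continue URLs are ever
     * needed, allow-list them here rather than loosening the check.
     *
     * @param {object} req - Express request (used for its Host header)
     * @param {*} continueUrl - raw query value
     * @returns {string} a redirect target, never empty
     */
    function safeContinueUrl(req, continueUrl) {
        if (typeof continueUrl !== 'string' || continueUrl === '')
            return '/';

        if (continueUrl[0] === '/') {
            // '//host' and '/\host' are parsed as scheme-relative URLs by
            // browsers and would leave the site.
            return /^\/[\\/]/.test(continueUrl) ? '/' : continueUrl;
        }

        let parsed;
        try {
            parsed = new URL(continueUrl);
        } catch (err) {
            return '/';
        }

        const isHttp = parsed.protocol === 'http:' || parsed.protocol === 'https:';
        return isHttp && parsed.host === req.get('host') ? continueUrl : '/';
    }

    /**
     * Looks up an access token by id and checks it is still valid.
     *
     * @param {*} tokenId - cookie/header value, may be undefined
     * @param {function(boolean, object=)} cb - called with (isValid, token);
     *   `token` is only supplied when a row was found
     */
    function validateToken(tokenId, cb) {
        // No id at all (missing cookie or header): no point hitting the store.
        if (!tokenId) {
            cb(false);
            return;
        }

        models.AccessToken.findById(tokenId, function(err, token) {
            if (err || !token) {
                cb(false);
                return;
            }

            token.validate(function(validateErr, isValid) {
                // Only an explicit `true` counts as valid; on a validate error
                // `isValid` is left unset and therefore treated as invalid.
                cb(isValid === true, token);
            });
        });
    }

    /**
     * Answers /acl for an authenticated token: resolves the user's role names
     * and a minimal profile and hands them to sendACL. Any missing piece
     * (no userId, no mappings, no user row) degrades to an empty ACL.
     *
     * @param {object} res - Express response
     * @param {object} token - AccessToken instance from validateToken
     */
    function sendUserRole(res, token) {
        if (!token.userId) {
            sendACL(res, {});
            return;
        }

        const query = {
            where: {
                principalId: token.userId,
                principalType: 'USER'
            },
            include: [{
                relation: 'role',
                scope: {
                    fields: ['name']
                }
            }]
        };

        models.RoleMapping.find(query, function(_, roles) {
            if (!roles) {
                sendACL(res, {});
                return;
            }

            const acl = {
                userProfile: {},
                roles: {}
            };

            for (const mapping of roles) {
                // `role()` returns the included relation; a mapping whose role
                // row is gone yields nothing and is skipped instead of throwing.
                const role = mapping.roleId ? mapping.role() : null;
                if (role && role.name)
                    acl.roles[role.name] = true;
            }

            models.User.findById(token.userId, function(_, userProfile) {
                if (!userProfile || !userProfile.id) {
                    sendACL(res, {});
                    return;
                }

                // Only the fields the client needs are copied; the whole user
                // row is intentionally not sent (a former
                // `acl.userProfile = userProfile` was dropped).
                acl.userProfile.id = userProfile.id;
                acl.userProfile.username = userProfile.username;
                // FIXME: warehouse is hard-coded; nothing here reads it from the user.
                acl.userProfile.warehouseId = 1;
                sendACL(res, acl);
            });
        });
    }

    /**
     * Clears the session cookie and sends the browser to the external auth
     * service (the 'url auth' setting), passing the api key and optionally the
     * URL to return to after login.
     *
     * @param {object} res - Express response
     * @param {string=} continueUrl - return URL, omitted when falsy
     */
    function redirectToAuth(res, continueUrl) {
        const authUrl = app.get('url auth');
        const params = {
            apiKey: app.get('api key'),
            continue: continueUrl
        };

        res.clearCookie('vnToken');
        res.redirect(`${authUrl}/?${encodeUri(params)}`);
    }

    /**
     * Sends `acl` as a small script that assigns it to window.salix.acl, so
     * the client can load it with a <script> tag. Because it is loaded as a
     * script with the session cookie attached, it must only ever carry data
     * the logged-in user may see (currently: id, username, warehouse, roles).
     *
     * @param {object} res - Express response
     * @param {object} acl - serialisable ACL object
     */
    function sendACL(res, acl) {
        // JSON allows raw U+2028/U+2029 but JS source treats them as line
        // terminators; escape them so the output is always a valid JS literal.
        const aclStr = JSON.stringify(acl)
            .replace(/\u2028/g, '\\u2028')
            .replace(/\u2029/g, '\\u2029');

        // Per-user content: keep it out of shared and browser caches.
        res.header('Cache-Control', 'no-store');
        res.header('Content-Type', 'application/javascript; charset=UTF-8');
        res.send(`(function(window){window.salix = window.salix || {}; window.salix.acl = window.salix.acl || {}; window.salix.acl = ${aclStr}; })(window)`);
    }
};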
/**
 * Serialises an object's own and inherited enumerable keys into a query
 * string (`k=v&k2=v2`), percent-encoding keys and values. Entries whose
 * value is falsy (undefined, '', 0, false, null) are left out, which is how
 * an optional parameter such as `continue` is omitted.
 *
 * @param {object} object - key/value pairs
 * @returns {string} query string without the leading '?', '' when nothing is set
 */
function encodeUri(object) {
    const parts = [];

    for (const key in object) {
        const value = object[key];
        if (!value)
            continue;

        parts.push(`${encodeURIComponent(key)}=${encodeURIComponent(value)}`);
    }

    return parts.join('&');
}