Dinawo/CDN-APP-INSIDER
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update routes and file paths, fix authentication and security issues
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
.dinawo
2024-04-13 22:17:54 +02:00
parent 8f3e604774
commit 4e2e085a63
38 changed files with 1918 additions and 1408 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
routes/Auth/ActiveDirectory.js Normal file
View File

@@ -0,0 +1,32 @@
const express = require('express');
const router = express.Router();
const passport = require('passport');
require('../../models/Passport-ActiveDirectory');
const { checkUserExistsAD } = require('../../Middlewares/UserIDMiddlewareAD');
router.post('/', (req, res, next) => {
passport.authenticate('ActiveDirectory', (err, user) => {
if (err) {
return res.render('AuthLogin', { isAuthenticated: false, errorMessage: err.message, setupData: {}, showActiveDirectoryForm: true, currentUrl: req.originalUrl });
}
if (!user) {
return res.render('AuthLogin', { isAuthenticated: false, errorMessage: 'L\'utilisateur n\'est pas autorisé.', setupData: {}, showActiveDirectoryForm: true, currentUrl: req.originalUrl });
}
req.user = {
...user._json,
name: user._json.sAMAccountName,
id: user._json.sAMAccountName,
};
req.logIn(req.user, function(err) {
if (err) {
return next(err);
}
req.session.user = req.user;
return next();
});
})(req, res, next);
}, checkUserExistsAD);
module.exports = router;

67
routes/Auth/Discord.js Normal file
View File

@@ -0,0 +1,67 @@
const express = require('express');
const router = express.Router();
const passport = require('passport');
const { checkUserExistsDiscord } = require('../../Middlewares/UserIDMiddlewareDiscord');
const { getUserData, getSetupData } = require('../../Middlewares/watcherMiddleware');
let userData = getUserData();
let setupData;
getSetupData().then(data => {
setupData = data;
if (setupData[0].discord !== undefined) {
const DiscordStrategy = require('../../models/Passport-Discord');
}
});
let user = userData;
if (user.identifyURL) {
router.get("/auth/discord", (req, res) => {
res.redirect(user.identifyURL);
});
}
router.use(passport.initialize());
router.use(passport.session());
passport.deserializeUser((user, done) => {
done(null, user);
});
router.get("/", (req, res) => {
res.redirect(setupData.discord.identifyURL);
});
router.get('/callback', (req, res, next) => {
passport.authenticate('discord', (err, user, info) => {
if (err) {
return next(err);
}
if (!user) {
return res.redirect('/auth/login');
}
req.logIn(user, (loginErr) => {
if (loginErr) {
return next(loginErr);
}
checkUserExistsDiscord(req, res, () => {
if (req.userExists) {
return res.redirect('/dpanel/dashboard');
} else {
createUser(req.user, (createErr) => {
if (createErr) {
return next(createErr);
}
return res.redirect('/dpanel/dashboard');
});
}
});
});
})(req, res, next);
});
module.exports = router;

14
routes/Auth/Login.js Normal file
View File

@@ -0,0 +1,14 @@
const express = require('express');
const router = express.Router();
const fs = require('fs');
const path = require('path');
router.get('/', function(req, res) {
const setupFilePath = path.join('data', 'setup.json');
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
const showActiveDirectoryForm = setupData[0].ldap && setupData[0].ldap.enabled === 'on';
res.render('AuthLogin', { setupData, isAuthenticated: false, errorMessage: '', showActiveDirectoryForm, currentUrl: req.originalUrl });
});
module.exports = router;

17
routes/Auth/Logout.js Normal file
View File

@@ -0,0 +1,17 @@
const express = require('express');
const router = express.Router();
const fs = require('fs');
const path = require('path');
router.get('/', (req, res) => {
req.logout(function(err) {
if (err) {
return next(err);
}
res.redirect('/auth/login');
});
});
var opts = { failWithError: true }
module.exports = router;