2015-08-16 01:37:27 +02:00
|
|
|
//auth.js
|
2015-08-16 13:42:14 +02:00
|
|
|
/**
|
|
|
|
|
* Module for handling the Authentication in the web application.
|
|
|
|
|
* @module auth
|
2015-08-16 13:48:08 +02:00
|
|
|
* @author Bram van der Veen <96aa48@gmail.com>
|
2015-08-16 13:42:14 +02:00
|
|
|
*/
|
2015-08-16 01:37:27 +02:00
|
|
|
|
|
|
|
|
//Importing first and third-party modules.
|
2016-06-18 15:06:51 +02:00
|
|
|
const qs = require('querystring');
|
|
|
|
|
const https = require('socks5-https-client');
|
2015-07-21 15:01:11 +02:00
|
|
|
|
2015-08-16 01:37:27 +02:00
|
|
|
//Importing self-written modules.
|
2016-06-18 15:06:51 +02:00
|
|
|
const crypt = require('./crypt');
|
|
|
|
|
const config = require('./configuration');
|
|
|
|
|
const lookup = require('./lookup');
|
2015-07-21 15:01:11 +02:00
|
|
|
|
2015-08-16 01:37:27 +02:00
|
|
|
/**
|
|
|
|
|
* Function for starting a login request with the Magister servers.
|
|
|
|
|
* @param {String} username - Username needed for login.
|
|
|
|
|
* @param {String} password - Password needed for login.
|
|
|
|
|
* @param {Function} callback - Callback function to be called after request.
|
|
|
|
|
*/
|
2015-08-15 21:07:22 +02:00
|
|
|
function getLogin(username, password, callback) {
|
2016-06-18 15:06:51 +02:00
|
|
|
let login = qs.stringify({
|
2015-07-21 15:01:11 +02:00
|
|
|
GebruikersNaam : username,
|
|
|
|
|
Wachtwoord : password
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
https.request({
|
|
|
|
|
host : 'werkman.magister.net',
|
|
|
|
|
port : 443,
|
|
|
|
|
path : '/api/sessie',
|
|
|
|
|
method : 'POST',
|
|
|
|
|
headers : {
|
|
|
|
|
'Content-Type' : 'application/x-www-form-urlencoded',
|
|
|
|
|
'Content-Length' : login.length
|
|
|
|
|
},
|
2015-08-15 21:07:22 +02:00
|
|
|
socksPort: config().torPort,
|
|
|
|
|
socksHost: config().torHost
|
2016-06-18 15:26:06 +02:00
|
|
|
}, (res) => {
|
2015-07-21 15:01:11 +02:00
|
|
|
if (res.statusCode == 201 || res.statusCode == 200) callback(true);
|
|
|
|
|
else callback(false);
|
|
|
|
|
}).write(login);
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-16 01:37:27 +02:00
|
|
|
/**
|
|
|
|
|
* Function for doing a login to the rooster.io server
|
|
|
|
|
* this is being called by the web frontend when the
|
|
|
|
|
* user logs in.
|
|
|
|
|
* @param {Object} req - Request object supplied by Express.
|
|
|
|
|
* @param {Object} res - Response object supplied by Express.
|
|
|
|
|
* @param {Function} next - Next function supplied by Express.
|
|
|
|
|
*/
|
2015-07-21 15:01:11 +02:00
|
|
|
function login(req, res, next) {
|
2016-06-18 15:06:51 +02:00
|
|
|
let _data = '';
|
2015-07-21 15:01:11 +02:00
|
|
|
|
2016-06-18 15:26:06 +02:00
|
|
|
req.on('data', (data) => {
|
2015-07-21 15:01:11 +02:00
|
|
|
_data += data;
|
|
|
|
|
});
|
|
|
|
|
|
2016-06-18 15:26:06 +02:00
|
|
|
req.on('end', () => {
|
2016-06-18 15:06:51 +02:00
|
|
|
let loginInformation = qs.parse(_data)
|
2015-07-21 15:01:11 +02:00
|
|
|
|
2016-06-18 15:26:06 +02:00
|
|
|
getLogin(loginInformation.username, loginInformation.password, (legit) => {
|
2016-06-18 15:06:51 +02:00
|
|
|
let username = crypt.encrypt(loginInformation.username);
|
|
|
|
|
let password = crypt.encrypt(loginInformation.password);
|
2015-07-21 15:01:11 +02:00
|
|
|
if (legit) {
|
|
|
|
|
res.cookie('username', username);
|
|
|
|
|
res.cookie('password', password);
|
|
|
|
|
res.redirect('/');
|
|
|
|
|
}
|
|
|
|
|
else {res.end('Er is wat mis, misschien je wachtwoord?')}
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-16 01:37:27 +02:00
|
|
|
/**
|
|
|
|
|
* Function for logging a user out
|
|
|
|
|
* of a session on rooster.io.
|
|
|
|
|
* @param {Object} req - Request object supplied by Express.
|
|
|
|
|
* @param {Object} res - Response object supplied by Express.
|
|
|
|
|
*/
|
2015-07-21 15:01:11 +02:00
|
|
|
function logout(req, res) {
|
|
|
|
|
res.cookie('username', '');
|
|
|
|
|
res.cookie('password', '');
|
|
|
|
|
res.redirect('/');
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-16 01:37:27 +02:00
|
|
|
/**
|
|
|
|
|
* Function for checking if the user is currently authenticated.
|
|
|
|
|
* @param {Object} req - Request object supplied by Express.
|
|
|
|
|
* @param {Object} res - Response object supplied by Express.
|
|
|
|
|
* @param {Function} next - Next function supplied by Express.
|
|
|
|
|
*/
|
2015-07-21 15:01:11 +02:00
|
|
|
function is(req, res, next) {
|
2016-06-18 15:06:51 +02:00
|
|
|
let cookies = qs.parse((req.headers.cookie || '').replace(/\s/g, ''), ';', '=');
|
2015-07-21 15:01:11 +02:00
|
|
|
if (!cookies.username || !cookies.password) {next(); return;}
|
|
|
|
|
|
2016-06-18 15:06:51 +02:00
|
|
|
let username = crypt.decrypt(cookies.username),
|
2015-07-21 15:01:11 +02:00
|
|
|
password = crypt.decrypt(cookies.password);
|
|
|
|
|
|
2016-06-18 15:26:06 +02:00
|
|
|
getLogin(username, password, (legit) => {
|
2015-07-21 15:01:11 +02:00
|
|
|
if (legit) {
|
2015-07-21 17:01:45 +02:00
|
|
|
req.query.name = username;
|
2016-06-18 15:26:06 +02:00
|
|
|
lookup.api(req, (databaseEntry) => {
|
2015-08-15 21:07:22 +02:00
|
|
|
req.headers.user = databaseEntry.data[0];
|
2015-07-21 17:01:45 +02:00
|
|
|
next();
|
|
|
|
|
});
|
2015-07-21 15:01:11 +02:00
|
|
|
}
|
2015-07-21 17:01:45 +02:00
|
|
|
else {
|
|
|
|
|
next();
|
|
|
|
|
}
|
2015-07-21 15:01:11 +02:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-16 01:37:27 +02:00
|
|
|
//Exporting the functions as a module.
|
2015-07-21 15:01:11 +02:00
|
|
|
module.exports = {
|
|
|
|
|
'login' : login,
|
|
|
|
|
'logout' : logout,
|
|
|
|
|
'is' : is
|
|
|
|
|
}
|
