albert/mrfrys-node-server
1
0
Fork 0
mirror of https://gitlab.com/MrFry/mrfrys-node-server synced 2025-04-01 20:24:18 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

cookies and login fix

Browse source
This commit is contained in:
mrfry 2023-04-02 10:30:20 +02:00
parent 885198d357
commit 57aea151f4
7 changed files with 19 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/middlewares/auth.middleware.ts
View file

@ -27,7 +27,6 @@ import dbtools from '../utils/dbtools'
interface Options {
userDB: Database
jsonResponse: boolean
exceptions: Array<string>
}
@ -43,9 +42,9 @@ export const testUser: User = {
createdBy: 1,
}
function renderLogin(_req: Request, res: Response, jsonResponse: boolean) {
function renderLogin(req: Request, res: Response) {
res.status(401) // Unauthorized
if (jsonResponse) {
if (req.is('application/json')) {
res.json({
result: 'nouser',
msg: 'You are not logged in',
@ -60,18 +59,16 @@ function renderLogin(_req: Request, res: Response, jsonResponse: boolean) {
export default function (options: Options): RequestHandler {
const {
userDB,
jsonResponse,
exceptions,
}: {
userDB: Database
jsonResponse: boolean
exceptions: string[]
} = options
return function (req: Request, res: Response, next: NextFunction) {
const sessionID = req.cookies.sessionID
const isException = exceptions.some((exc) => {
return req.url.split('?')[0] === exc
return req.originalUrl.split('?')[0] === exc
})
if (process.env.NS_NOUSER) {
@ -102,7 +99,7 @@ export default function (options: Options): RequestHandler {
return
}
logger.DebugLog(`No session ID: ${req.url}`, 'auth', 1)
renderLogin(req, res, jsonResponse)
renderLogin(req, res)
return
}
@ -116,7 +113,7 @@ export default function (options: Options): RequestHandler {
return
}
logger.DebugLog(`No user:${req.url}`, 'auth', 1)
renderLogin(req, res, jsonResponse)
renderLogin(req, res)
return
}

11
src/modules/api/api.ts
View file

@ -83,14 +83,13 @@ function GetApp(): ModuleType {
app.use(
auth({
userDB: userDB,
jsonResponse: true,
exceptions: [
'/register',
'/favicon.ico',
'/login',
'/postfeedback',
'/fosuploader',
'/badtestsender',
'/api/register',
'/api/login',
'/api/postfeedback',
'/api/fosuploader',
'/api/badtestsender',
],
})
)

4
src/modules/api/submodules/userManagement.ts
View file

@ -91,9 +91,7 @@ const validationTokenName = 'qmining' // readValidationTokenName()
function setup(data: SubmoduleData): Submodule {
const { app, userDB, url /* publicdirs, moduleSpecificData */ } = data
let domain: any = url.split('.') // [ "https://api", "frylabs", "net" ]
domain.shift() // [ "frylabs", "net" ]
domain = domain.join('.') // "frylabs.net"
const domain: any = url
logger.DebugLog(`Cookie domain: ${domain}`, 'cookie', 1)
const userCount = dbtools

1
src/modules/dataEditor/dataEditor.ts
View file

@ -52,7 +52,6 @@ function GetApp(): ModuleType {
app.use(
auth({
userDB: userDB,
jsonResponse: false,
exceptions: ['/favicon.ico'],
})
)

6
src/modules/qmining/qmining.ts
View file

@ -53,10 +53,14 @@ function GetApp(): ModuleType {
app.use(
auth({
userDB: userDB,
jsonResponse: false,
exceptions: [
'/favicon.ico',
'/img/frylabs-logo_large_transparent.png',
'/api/register',
'/api/login',
'/api/postfeedback',
'/api/fosuploader',
'/api/badtestsender',
],
})
)

2
src/server.ts
View file

@ -226,7 +226,7 @@ app.use(
})
)
const domain = utils.ReadFile(paths.domainFile)
const domain = utils.ReadFile(paths.domainFile).trim()
Object.keys(modules).forEach(function (key) {
const module = modules[key]

3
src/sharedViews/login.ejs
View file

@ -122,7 +122,8 @@
button.innerText = '...'
button.classList.add('disabledButton')
button.disabled = true
const rawResponse = await fetch('<%= devel ? 'http' : 'https' %>://frylabs.net/api/login', {
// TODO: get url from controller
const rawResponse = await fetch('<%= devel ? 'http://localhost:8080/api/login' : 'https://frylabs.net/api/login' %>', {
method: 'POST',
credentials: 'include',
headers: {