albert/mrfrys-node-server
1
0
Fork 0
mirror of https://gitlab.com/MrFry/mrfrys-node-server synced 2025-04-01 20:24:18 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

cookies and login fix

Browse source
This commit is contained in:
mrfry 2023-04-02 10:30:20 +02:00
parent 885198d357
commit 57aea151f4
7 changed files with 19 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/middlewares/auth.middleware.ts
View file

@ -27,7 +27,6 @@ import dbtools from '../utils/dbtools'
interface Options { interface Options {
userDB: Database userDB: Database
jsonResponse: boolean
exceptions: Array<string> exceptions: Array<string>
} }
@ -43,9 +42,9 @@ export const testUser: User = {
createdBy: 1, createdBy: 1,
} }
function renderLogin(_req: Request, res: Response, jsonResponse: boolean) { function renderLogin(req: Request, res: Response) {
res.status(401) // Unauthorized res.status(401) // Unauthorized
if (jsonResponse) { if (req.is('application/json')) {
res.json({ res.json({
result: 'nouser', result: 'nouser',
msg: 'You are not logged in', msg: 'You are not logged in',
@ -60,18 +59,16 @@ function renderLogin(_req: Request, res: Response, jsonResponse: boolean) {
export default function (options: Options): RequestHandler { export default function (options: Options): RequestHandler {
const { const {
userDB, userDB,
jsonResponse,
exceptions, exceptions,
}: { }: {
userDB: Database userDB: Database
jsonResponse: boolean
exceptions: string[] exceptions: string[]
} = options } = options
return function (req: Request, res: Response, next: NextFunction) { return function (req: Request, res: Response, next: NextFunction) {
const sessionID = req.cookies.sessionID const sessionID = req.cookies.sessionID
const isException = exceptions.some((exc) => { const isException = exceptions.some((exc) => {
return req.url.split('?')[0] === exc return req.originalUrl.split('?')[0] === exc
}) })
if (process.env.NS_NOUSER) { if (process.env.NS_NOUSER) {
@ -102,7 +99,7 @@ export default function (options: Options): RequestHandler {
return return
} }
logger.DebugLog(`No session ID: ${req.url}`, 'auth', 1) logger.DebugLog(`No session ID: ${req.url}`, 'auth', 1)
renderLogin(req, res, jsonResponse) renderLogin(req, res)
return return
} }
@ -116,7 +113,7 @@ export default function (options: Options): RequestHandler {
return return
} }
logger.DebugLog(`No user:${req.url}`, 'auth', 1) logger.DebugLog(`No user:${req.url}`, 'auth', 1)
renderLogin(req, res, jsonResponse) renderLogin(req, res)
return return
} }

11
src/modules/api/api.ts
View file

@ -83,14 +83,13 @@ function GetApp(): ModuleType {
app.use( app.use(
auth({ auth({
userDB: userDB, userDB: userDB,
jsonResponse: true,
exceptions: [ exceptions: [
'/register',
'/favicon.ico', '/favicon.ico',
'/login', '/api/register',
'/postfeedback', '/api/login',
'/fosuploader', '/api/postfeedback',
'/badtestsender', '/api/fosuploader',
'/api/badtestsender',
], ],
}) })
) )

4
src/modules/api/submodules/userManagement.ts
View file

@ -91,9 +91,7 @@ const validationTokenName = 'qmining' // readValidationTokenName()
function setup(data: SubmoduleData): Submodule { function setup(data: SubmoduleData): Submodule {
const { app, userDB, url /* publicdirs, moduleSpecificData */ } = data const { app, userDB, url /* publicdirs, moduleSpecificData */ } = data
let domain: any = url.split('.') // [ "https://api", "frylabs", "net" ] const domain: any = url
domain.shift() // [ "frylabs", "net" ]
domain = domain.join('.') // "frylabs.net"
logger.DebugLog(`Cookie domain: ${domain}`, 'cookie', 1) logger.DebugLog(`Cookie domain: ${domain}`, 'cookie', 1)
const userCount = dbtools const userCount = dbtools

1
src/modules/dataEditor/dataEditor.ts
View file

@ -52,7 +52,6 @@ function GetApp(): ModuleType {
app.use( app.use(
auth({ auth({
userDB: userDB, userDB: userDB,
jsonResponse: false,
exceptions: ['/favicon.ico'], exceptions: ['/favicon.ico'],
}) })
) )

6
src/modules/qmining/qmining.ts
View file

@ -53,10 +53,14 @@ function GetApp(): ModuleType {
app.use( app.use(
auth({ auth({
userDB: userDB, userDB: userDB,
jsonResponse: false,
exceptions: [ exceptions: [
'/favicon.ico', '/favicon.ico',
'/img/frylabs-logo_large_transparent.png', '/img/frylabs-logo_large_transparent.png',
'/api/register',
'/api/login',
'/api/postfeedback',
'/api/fosuploader',
'/api/badtestsender',
], ],
}) })
) )

2
src/server.ts
View file

@ -226,7 +226,7 @@ app.use(
}) })
) )
const domain = utils.ReadFile(paths.domainFile) const domain = utils.ReadFile(paths.domainFile).trim()
Object.keys(modules).forEach(function (key) { Object.keys(modules).forEach(function (key) {
const module = modules[key] const module = modules[key]

3
src/sharedViews/login.ejs
View file

@ -122,7 +122,8 @@
button.innerText = '...' button.innerText = '...'
button.classList.add('disabledButton') button.classList.add('disabledButton')
button.disabled = true button.disabled = true
const rawResponse = await fetch('<%= devel ? 'http' : 'https' %>://frylabs.net/api/login', { // TODO: get url from controller
const rawResponse = await fetch('<%= devel ? 'http://localhost:8080/api/login' : 'https://frylabs.net/api/login' %>', {
method: 'POST', method: 'POST',
credentials: 'include', credentials: 'include',
headers: { headers: {