More stuff

Dobie Wollert
2015-11-25 02:29:23 -08:00
parent f5bc55b1f5
commit f9c9672818
8 changed files with 786 additions and 19 deletions


@ -1,6 +1,85 @@
var log = require('log4node');
var mongoose = require('mongoose');
var User = mongoose.model('User');
var request = require('request');
var jwt = require('jwt-simple');
var moment = require('moment');
var ACCESS_TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
var PEOPLE_API_URL = 'https://www.googleapis.com/plus/v1/people/me/openIdConnect';
module.exports = function(app, passport, config) {
function createJWT(user) {
var payload = {
sub: user._id,
iat: moment().unix(),
exp: moment().add(14, 'days').unix()
};
return jwt.encode(payload, config.auth.jwtSecret);
}
app.post('/auth2', function(req, res) {
var params = {
code: req.body.code,
client_id: req.body.clientId,
client_secret: config.auth.clientSecret,
redirect_uri: req.body.redirectUri,
grant_type: 'authorization_code'
};
request.post(ACCESS_TOKEN_URL, { json: true, form: params }, function(err, response, token) {
console.log(token);
var accessToken = token.access_token;
var headers = {
Authorization: 'Bearer ' + accessToken
};
request.get({ url: PEOPLE_API_URL, headers: headers, json: true }, function(err, response, profile) {
if (profile.error) {
return res.status(500).send({ message: profile.error.message });
}
User.findOne({ email: profile.email.toLowerCase() }, function(err, user) {
if (err) {
return res.status(500).send(err);
}
if (!user || !user.hasPermission('system.login')) {
return res.status(403).send({ message: "You are not authorized to access this portal."});
}
user.accessToken = token.access_token;
if (token.refresh_token) {
user.refreshToken = token.refresh_token;
}
if (profile.given_name) {
user.name.first = profile.given_name;
}
if (profile.family_name) {
user.name.last = profile.family_name;
}
if (profile.picture) {
user.picture = profile.picture.replace('sz=50', 'sz=200');
}
user.save()
.then(function() {
res.send({ token: createJWT(user) });
});
});
});
})
});
module.exports = function(app, passport) {
app.get('/auth', function(req, res, next) {
console.dir(req.headers);
req.session.redirectUrl = req.headers['referer'];
@ -52,15 +131,68 @@ module.exports = function(app, passport) {
})(req, res, next);
});
function createAuthenticator(error) {
return function(req, res, next) {
var onError = function() {
error(req, res, next);
};
var onSuccess = function(user) {
log.setPrefix(function(level) {
return '[' + new Date().toUTCString() + '] ' + level.toUpperCase() + ' ' + user.name.first + ' ' + user.name.last + ' | ';
});
next();
}
if (!req.isAuthenticated()) {
if (!req.headers.authorization) {
return onError();
}
var token = req.headers.authorization.split(' ')[1];
var payload = null;
try {
payload = jwt.decode(token, config.auth.jwtSecret);
} catch (err) {
return onError();
}
if (payload.exp <= moment().unix()) {
return onError();
}
User.findById(payload.sub, function(err, user) {
console.log('Loaded User');
req.user = user;
onSuccess(user);
});
} else {
onSuccess(req.user);
}
}
}
return {
requiresUiLogin: createAuthenticator(function(req, res, next) {
res.redirect('/login');
}),
requiresApiAccess: createAuthenticator(function(req, res, next) {
res.send(403);
})
};
/*
return {
requiresUiLogin: function(req, res, next) {
if (!req.isAuthenticated()) {
return res.redirect('/login');
}
log.setPrefix(function(level) {
return '[' + new Date().toUTCString() + '] ' + level.toUpperCase() + ' ' + req.user.name.first + ' ' + req.user.name.last + ' | ';
});
log.setPrefix(function(level) {
return '[' + new Date().toUTCString() + '] ' + level.toUpperCase() + ' ' + req.user.name.first + ' ' + req.user.name.last + ' | ';
});
next();
},
requiresApiAccess: function(req, res, next) {
@ -68,10 +200,11 @@ module.exports = function(app, passport) {
return res.send(403);
}
log.setPrefix(function(level) {
return '[' + new Date().toUTCString() + '] ' + level.toUpperCase() + ' ' + req.user.name.first + ' ' + req.user.name.last + ' | ';
});
log.setPrefix(function(level) {
return '[' + new Date().toUTCString() + '] ' + level.toUpperCase() + ' ' + req.user.name.first + ' ' + req.user.name.last + ' | ';
});
next();
}
};
*/
};
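Review bot: The token-exchange callback passed to `request.post(ACCESS_TOKEN_URL, …)` in the first hunk discards `err` and dereferences `token.access_token` unconditionally, so a failed or non-JSON response from the token endpoint throws inside the callback instead of yielding an error response; the same pattern recurs in `createAuthenticator`, where the `User.findById` callback ignores `err` and a null `user`, and `onSuccess(user)` then reads `user.name.first`. Guard both: `if (err || !token || !token.access_token) { return res.status(500).send({ message: 'Token exchange failed' }); }` before the `accessToken` assignment, and `if (err || !user) { return onError(); }` before `req.user = user`. The `console.log(token)` on the line above the assignment writes the OAuth access and refresh tokens to stdout on every login and should be dropped (log `token.error` or the HTTP status at most). The `User.findOne({ email: profile.email.toLowerCase() })` lookup also trusts the address without checking the profile's `email_verified` field, which this OpenID Connect endpoint returns; gating on it avoids matching a portal account to an unverified address. The enclosing `module.exports` function body continues outside the first hunk.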


@ -8,7 +8,7 @@ module.exports = {
clientSecret: '8MRNar9E_pRTOGTQonPzYOW_',
callback: 'http://devel.portal.atlanticbiomedical.com/auth/callback',
accessToken: 'ya29.AHES6ZR-vUVEh7CZzsEeGFSHqFfXtU1-LHyEAidi0CKhDGQ',
refreshToken: '1/exRXjTaGNlWEo-HZZWyn4NTwJ4TY3wKb-_npce21c50',
refreshToken: '1/exRXjTaGNlWEo-HZZWyn4NTwJ4TY3wKb-_npce21c50'
},
email: {
user: 'api@atlanticbiomedical.com',
@ -18,7 +18,7 @@ module.exports = {
host: 'biomed.akira.gs',
user: 'biomed_prod',
password: 'wUw3RB8rrXX4HwKj',
database: 'biomed_prod',
database: 'biomed_prod'
}
},
prod: {
@ -28,16 +28,17 @@ module.exports = {
auth: {
clientId: '333768673996-8epedo3je5h59n4l97v4dv8nofs7qnee.apps.googleusercontent.com',
clientSecret: 'afu9KhKxckWJ3Tk6uxzp9Pg6',
callback: 'http://portal.atlanticbiomedical.com/auth/callback',
callback: 'http://localhost:9000/auth/callback',
// accessToken: 'ya29.AHES6ZT1Sj1vpgidR2I_ksLdlV_VeZUjkitnZ01cP6VRrknjUEVbuw',
// refreshToken: '1/XQW9P9FNYm6jikTsV8HOIuPAo1APYhwTH5CLhq9263g'
accessToken: 'ya29.1.AADtN_Xjt0PK6YVs8q5csiQFXQg2ZDtrVhsH6P4a5zm0mHqhGx0Nnjx4Jk68Gw',
refreshToken: '1/_5SkDLYmsi4XNaQyAzld-W5-GEqEqt5byH6VkI-j5QI',
jwtSecret: '97v4dvcsiQFXQg28nofedo3jemsi4XNaQy5h59n4l97m0mHqhGx0Nnjxv4dv8n'
},
email: {
user: 'api@atlanticbiomedical.com',
password: 'success4',
password: 'success4'
},
mysql: {
host: 'localhost',
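Review bot: In the `@ -28,16 +28,17 @@` hunk the `prod.auth.callback` entry changes between `http://portal.atlanticbiomedical.com/auth/callback` and `http://localhost:9000/auth/callback`; if the localhost value is the new side, as the print order suggests, the production OAuth redirect now points at a developer machine and the prod login flow will fail at the redirect step. Separately, this file tracks live credentials in plaintext — Google client secrets, OAuth access/refresh tokens, a MySQL password — and the new `jwtSecret` line adds the token-signing key to that set; values committed to history should be treated as exposed and rotated, and loaded from the environment instead, e.g. `jwtSecret: process.env.JWT_SECRET`. The same applies to the `clientSecret`, `accessToken`/`refreshToken` and `mysql.password` entries in the two earlier hunks of this file.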


@ -1,4 +1,5 @@
var express = require('express');
var cors = require('cors');
var ClusterStore = require('strong-cluster-connect-store')(express.session);
module.exports = function(app, config, passport, piler) {
@ -23,6 +24,14 @@ module.exports = function(app, config, passport, piler) {
app.use(passport.initialize());
app.use(passport.session());
// allow cors
app.use(cors({
origin: function(origin, callback) {
callback(null, true);
},
credentials: true
}));
// use piler for asset management
piler.bind();
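Review bot: The CORS middleware added in the second hunk reflects every requesting origin (`callback(null, true)`) while also setting `credentials: true`, which instructs browsers to send the passport session cookie on cross-site requests from any page; with `app.use(passport.session())` two lines above, the authenticated session becomes usable from arbitrary origins. Restrict `origin` to an explicit allow-list — the `cors` package accepts an array directly, e.g. `var allowedOrigins = [/* configured portal origins, placeholder */];` and `app.use(cors({ origin: allowedOrigins, credentials: true }));` — or, if the intent is a public cookie-less API, drop `credentials: true` instead. The enclosing `module.exports` function starts and ends outside this hunk.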


@ -94,6 +94,12 @@ module.exports = function(app, auth, piler, calendar, directory, config) {
app.post('/api/test_runs', testRuns.create);
app.post('/api/test_runs/:test_run_id', testRuns.update);
var timeclock = require('../app/controllers/timeclock')();
app.get('/api/timeclock', timeclock.index);
app.post('/api/timeclock/clock_in', timeclock.clockIn);
app.post('/api/timeclock/clock_out', timeclock.clockOut);
app.get('/api/timeclock/workorder/:id', timeclock.workorderDetails);
var pms = require('../app/controllers/pms');
app.get('/api/pms', pms.index);
@ -107,8 +113,9 @@ module.exports = function(app, auth, piler, calendar, directory, config) {
app.post('/api/users/:user_id', users.update);
app.get('/api/users/:user_id/clocks', users.clocks);
var account = require('../app/controllers/account');
var account = require('../app/controllers/account')(config);
app.get('/api/account', account.profile);
app.post('/api/account/impersonate', account.impersonate);
var messages = require('../app/controllers/messages')(config);
app.post('/api/messages/send', messages.send);
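Review bot: `app.post('/api/account/impersonate', account.impersonate)` in the second hunk registers a privilege-sensitive endpoint with no per-route authorization; the hunk does not show whether `/api/*` is gated elsewhere (the route module's enclosing function starts outside the hunk), and even if it is, impersonation should require a specific permission rather than plain login. Since the auth module in this commit already exposes `user.hasPermission(...)`, the controller should check something like `if (!req.user.hasPermission('system.impersonate')) { return res.status(403).send(); }` — permission name is a placeholder — and log each impersonation with both the acting and target identities so it is auditable. Minor: `timeclock` is instantiated via `require(...)()` while `pms` is used as a plain module; pick one controller-factory convention.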