"use strict";

var config = require('config');
require('../../models/schema');

var bcrypt = require('bcryptjs');
var crypo = require('crypto');
var URL = require('url').URL;

// Sub-router holding the session routes; the mount path is chosen by the
// app that requires this module.
const express = require('express');
const router = express.Router();

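// POST / — log in with email + password and open a new session.
//
// Expects a JSON body {email, password}. On success a 48-byte random hex
// token is appended to user.sessions, persisted, set as the `sdsession`
// cookie and returned in the 201 body together with ip/device/created_at.
//
// Responses: 400 missing or non-string fields, or a User.find error (kept as
// {"error":"session.users"} for API compatibility); 404 no account with that
// email; 403 wrong password; 500 token generation or save failure.
router.post('/', function(req, res) {
  // req.body is undefined when no body parser ran; treat that as an empty body.
  const data = req.body || {};

  // Both fields must be non-empty strings. A non-string value (e.g. an object
  // from a JSON body) would otherwise reach .toLowerCase() / bcrypt and throw,
  // and must never be passed into the User.find query where an object would
  // be interpreted as a query operator rather than a literal value.
  if (typeof data.email !== 'string' || data.email.length === 0 ||
      typeof data.password !== 'string' || data.password.length === 0) {
    res.status(400).json({});
    return;
  }

  const email = data.email.toLowerCase();
  const password = data.password;

  User.find({email: email, account_type: "email"}, function (err, users) {
    if (err) {
      res.status(400).json({"error":"session.users"});
      return;
    }

    // NOTE(review): answering 404 here and 403 on a wrong password lets a
    // caller learn which emails have an account; kept for API compatibility.
    if (users.length !== 1) {
      res.sendStatus(404);
      return;
    }

    const user = users[0];

    // Asynchronous compare so the (deliberately slow) bcrypt check does not
    // block the event loop for every other request while it runs.
    bcrypt.compare(password, user.password_hash, function(cmpErr, matches) {
      if (cmpErr) {
        // e.g. a missing/malformed password_hash; the sync variant threw here.
        console.error("Error comparing password:", cmpErr);
        res.sendStatus(500);
        return;
      }
      if (!matches) {
        res.sendStatus(403);
        return;
      }

      crypo.randomBytes(48, function(rndErr, buf) {
        // Without this check a randomBytes failure leaves buf undefined and
        // crashes the handler instead of failing the login cleanly.
        if (rndErr) {
          console.error("Error generating session token:", rndErr);
          res.sendStatus(500);
          return;
        }

        const token = buf.toString('hex');
        const session = {
          token: token,
          ip: req.ip,
          device: "web",
          created_at: new Date()
        };

        if (!user.sessions) {
          user.sessions = [];
        }
        user.sessions.push(session);

        user.save(function(saveErr) {
          // If the session was not persisted the token is not valid for later
          // requests, so do not hand it out as a cookie or a 201.
          if (saveErr) {
            console.error("Error saving user:", saveErr);
            res.sendStatus(500);
            return;
          }

          const domain = (process.env.NODE_ENV === "production")
            ? new URL(config.get('endpoint')).hostname
            : "localhost";

          // NOTE(review): only httpOnly is set; whether `secure` and
          // `sameSite` can be enabled depends on the deployment (endpoint
          // served over https, no cross-site embedding) — confirm before adding.
          res.cookie('sdsession', token, { domain: domain, httpOnly: true });

          // The body echoes the token, so clients that authenticate with an
          // explicit token (req.token) rather than the cookie can obtain it.
          res.status(201).json(session);
        });
      });
    });
  });
});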

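// DELETE /current — log out: remove the session whose token this request
// authenticated with (req.user / req.token are set by upstream middleware)
// and clear the `sdsession` cookie.
//
// Responses: 404 not authenticated, 500 save failure, 204 on success.
router.delete('/current', function(req, res, next) {
  if (!req.user) {
    res.sendStatus(404);
    return;
  }

  const user = req.user;
  // sessions may be absent on a user that has never logged in via POST /.
  const sessions = user.sessions || [];
  user.sessions = sessions.filter(function(session) {
    return session.token !== req.token;
  });

  user.save(function(err) {
    // If the removal was not persisted the token is still accepted by the
    // server, so report the failure instead of claiming a successful logout.
    if (err) {
      console.error("Error saving user:", err);
      res.sendStatus(500);
      return;
    }

    // Must match the domain the cookie was set with in POST / ("localhost"
    // outside production); a mismatched domain leaves the cookie in place.
    const domain = (process.env.NODE_ENV === "production")
      ? new URL(config.get('endpoint')).hostname
      : "localhost";

    res.clearCookie('sdsession', { domain: domain });
    res.sendStatus(204);
  });
});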

// The router is mounted by the app that requires this module.
module.exports = router;