finalize initial development

b433d67c · Rosanny Sihombing · 0069997b · b433d67c · b433d67c · b433d67c
Commit b433d67c authored Apr 06, 2020 by Rosanny Sihombing
--- a/app.js
+++ b/app.js
 const express = require('express')
-const fileUpload = require('express-fileupload')
+const path = require('path')
+const passport = require('passport')
 const morgan = require('morgan')
 const cookieParser = require('cookie-parser')
 const bodyParser = require('body-parser')
 const session = require('express-session')
 const flash = require('express-flash')
-const path = require('path')
-const passport = require('passport')
+const fileUpload = require('express-fileupload')

 var env = process.env.NODE_ENV || 'development'
 const config = require('./config/config')[env]
@@ -15,21 +15,13 @@ var app = express()

 app.set('port', config.app.port)
 app.set('views', __dirname + '/views')
-app.set('view engine', 'pug')
-
-// enable files upload
-app.use(fileUpload({
-    createParentPath: true,
-    limits: { 
-      fileSize: 1000000 // 1 MB max. file size
-    }
-}))
-  
+app.set('view engine', 'pug')  
 app.use(morgan('combined'))
 app.use(cookieParser())
 app.use(bodyParser.json())
 app.use(bodyParser.urlencoded({extended: false}))
 app.use(express.static(path.join(__dirname, 'public')))
+
 app.use(session(
    {
        resave: true,
@@ -38,15 +30,22 @@ app.use(session(
    }
 ))

+app.use(passport.initialize())
+app.use(passport.session())
+
 app.use(flash())
 app.use((req, res, next) => {
    res.locals.errors = req.flash("error")
    res.locals.successes = req.flash("success")
    next()
 })
-
-app.use(passport.initialize())
-app.use(passport.session())
+// enable files upload
+app.use(fileUpload({
+    createParentPath: true,
+    limits: { 
+      fileSize: 1000000 // 1 MB max. file size
+    }
+}))
  
 // caching disabled for every route
 // NOTE: Works in Firefox and Opera. Does not work in Edge

--- a/config/cert/cert.pem
+++ b/config/cert/cert.pem
+-----BEGIN CERTIFICATE-----
+MIIFzjCCA7agAwIBAgIJAJCf8527e93gMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNV
+BAYTAkRFMQswCQYDVQQIDAJCVzESMBAGA1UEBwwJU3R1dHRnYXJ0MQwwCgYDVQQK
+DANIZlQxDzANBgNVBAsMBk00X0xBQjEtMCsGCSqGSIb3DQEJARYecm9zYW5ueS5z
+aWhvbWJpbmdAc3R1dHRnYXJ0LmRlMB4XDTIwMDQwNjEwMTkzNloXDTIyMDkyMzEw
+MTkzNlowfDELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkJXMRIwEAYDVQQHDAlTdHV0
+dGdhcnQxDDAKBgNVBAoMA0hmVDEPMA0GA1UECwwGTTRfTEFCMS0wKwYJKoZIhvcN
+AQkBFh5yb3Nhbm55LnNpaG9tYmluZ0BzdHV0dGdhcnQuZGUwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDItceFnc0CMD3thIyRlGHoeaEOD6Zqxnso6DMG
+NrMxZxTDwrDouIEsL7aBMksgrlYSBb98nCOHmy3bzreZ2qSalbxlnudLNWGVNhzH
+JmzhLbvOLVUPDVsMzNb7Yi/3Q95gEhRwCy/uOQ4xlOChLn+maamtOZI1pRU7sRlp
+FAV34VTcfvxCzHPjy6cpUvkco6MBTuAx6zfXmeAhZR7PzDekU8aMvQVNIF2HzMHw
+IDShQsCemXgvQsRplc2+p3CY9IzGSvsXtLc7WJnSweYuGnTj2W/NHDOihzmNcMa8
+wIloDqw0mxhTJUSn2PalxO5h8RDCLWWzuIyhAm1Tbb7SRn7wfLZEtXC7juiZTZKQ
+niGF3Zh9Aotjj9Muq0I4oYSJRKR/DqL3pqn/Zm3CKJ8cdXw8B/0oa6gkwAVTA6j1
+LxYPkshpF0IXEsmsy/BOzHIVVgscYRUrfJqvafcRrFea1MKPrR3PN1ZD1DEEG6cD
+DO1qeL0YZslu7CnSGN5yttXSCRF9rlytvExuxigG9NhQTkNo+7Tm9Froq7RB9z38
+dYbOQrrvvVVdKyxV1X+gXc/osOJeqeVsDLBbAcdw14oGFp8ydyMnRI7YNq6LHu7q
+Nf8wbERInTd8VTjLvQ0XlMGHhNveqD3MLN5KOvlL5o4m/TzCGrGAmuQ+hbUd6L/a
+vEMtMQIDAQABo1MwUTAdBgNVHQ4EFgQUkAaHOiBMs03JOGMj0LDDhhuJnKowHwYD
+VR0jBBgwFoAUkAaHOiBMs03JOGMj0LDDhhuJnKowDwYDVR0TAQH/BAUwAwEB/zAN
+BgkqhkiG9w0BAQsFAAOCAgEAa+Y879QnGd9Sd9YdjcpI6QYxJ4xvvVIY1WNncwjj
+OTPhhlQIhf8krUfSb2logIZQhQuMvBW/oZ3BoLQ18x6gDoAGIlcbBsikRRsltCKG
+z8Yn8HqGJROGyuB7vz5UZXos0OFPOSkC7VDF0DYaauCJlpn4MUI6o+PFtibflWQS
+jSxGpV3b8MPQuiu4dxgmS2tqcFWhyUFoaMz3BZ4BGnAcTWxVuXqcRcp6C9F8a7pk
+QI6n39mofChYuCD0OJQAoqrQHPZ77j/SI9GpX4U1qZJ5b8+bxWHoJ5frfGkXYWRM
+bojAD9r8oEdYhOq/bSo4pn8TyEwTdQlNSRni3ZkfnOER91CDEJNORJWnY0WM6OZI
+iRQ0xLRcYNXuNxKhBfn1jHnY8EyphsZGPMkJiEarcE35jd9b8uPp5TLazy4TH2p
+RisDYT45Q3Q4Z48/Ele5uQej+twOCZRKXDLBnsvom4ee6f6v4kVvB9Oxax2nghYO
+rGIFXr6Khrx7JWCOiaF7/CzUdmUf8ieNqEWo8D0l2BqiUunUDZZuLd11X8cvTvqd
+nvXPvLcIfgMJX9iLUDZxodb+2SGIlO4qnZ0ItSaYSAN58PJ/STpyV6IGlo8DfK//
+kP6e28NsztY1/o01lAT7ymksvAkz4UB7v47u4CXyxioW/RP1R8MR5zT8c1GUpqJo
+uno=
+-----END CERTIFICATE-----
--- a/config/cert/cert_idp.pem
+++ b/config/cert/cert_idp.pem
+MIIEOzCCAyOgAwIBAgIJAOC0MmIzTM7fMA0GCSqGSIb3DQEBCwUAMIGzMQswCQYDVQQGEwJERTEdMBsGA1UECAwUQmFkZW4tV8ODwrxydHRlbWJlcmcxEjAQBgNVBAcMCVN0dXR0Z2FydDEWMBQGA1UECgwNSGZUIFN0dXR0Z2FydDEPMA0GA1UECwwGSVotSVRPMRcwFQYDVQQDDA4xOTMuMTk2LjUyLjIxNzEvMC0GCSqGSIb3DQEJARYgd29sZmdhbmcua25vcGtpQGhmdC1zdHV0dGdhcnQuZGUwHhcNMjAwMTA4MTA0MTUxWhcNMjUwMTA2MTA0MTUxWjCBszELMAkGA1UEBhMCREUxHTAbBgNVBAgMFEJhZGVuLVfDg8K8cnR0ZW1iZXJnMRIwEAYDVQQHDAlTdHV0dGdhcnQxFjAUBgNVBAoMDUhmVCBTdHV0dGdhcnQxDzANBgNVBAsMBklaLUlUTzEXMBUGA1UEAwwOMTkzLjE5Ni41Mi4yMTcxLzAtBgkqhkiG9w0BCQEWIHdvbGZnYW5nLmtub3BraUBoZnQtc3R1dHRnYXJ0LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD4SZ+XT2HRmjGGanHLAPu792pv4GSB8Z8vwz+w7k8W4R4pWG9IH/L0ftroy/BsE/kZbbpIDXk1XbkEX4OGhYguVr5snCZZYZx0aRewrqcXPZNLeRQ7EGfencrcZgnNLMvE+QHAAl52wqNaZlpiEsBlKg21SUyb4o9kgo5clQOwk4wMrrMI+hMWEszR3ehgcyPZkS6cFEjic0dvzDgpCWkHm6TQD8x1W2xiQcOzOjZBziObuR+NmtD/1m37kjwUXLOz6YCgStf0cdoNDxdIrxKiImcqV7cBJ83NAAcIGXXlqLYgNpFVwenUjyKky2hu1N+Qzfs7fk5nDdjny+5LotQIDAQABo1AwTjAdBgNVHQ4EFgQUBiJg3KXaFUobk3xkDsueM4w7jrowHwYDVR0jBBgwFoAUBiJg3KXaFUobk3xkDsueM4w7jrowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAONBKzgy1b5/x0ijp7wZ3i/xlAOZ2Dy702lmsuyhSuQs+1xWFKgb0LkkNziZrq+xa2vAkEoMmqnqxze3VsAT0vek3x4uOo/ejJmxneGzTKMhAF0d/oIpjgJnxwyvF2w7SQNO8ggPNnrVd17+tX3MUb46amljSQnip7vA6Xl6ur5/pUuD2OPP6EQB3ExLB9CZkWSHXR2A7N6Di6PCuLXMPsw3MwXL3tuE2lEKUDjA8WV7NDvfXkFOTzqZZUO9LJ+NLDbnQ/GlkrYQfq3B0bPNXJtVUzSkpkxl8/gogRlvQbXxi+ZOn69yqMFghRcIsw0px0ds9m8wefwypz+O4DEHnrw==
\ No newline at end of file
--- a/config/cert/key.pem
+++ b/config/cert/key.pem
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDItceFnc0CMD3t
+hIyRlGHoeaEOD6Zqxnso6DMGNrMxZxTDwrDouIEsL7aBMksgrlYSBb98nCOHmy3b
+zreZ2qSalbxlnudLNWGVNhzHJmzhLbvOLVUPDVsMzNb7Yi/3Q95gEhRwCy/uOQ4x
+lOChLn+maamtOZI1pRU7sRlpFAV34VTcfvxCzHPjy6cpUvkco6MBTuAx6zfXmeAh
+ZR7PzDekU8aMvQVNIF2HzMHwIDShQsCemXgvQsRplc2+p3CY9IzGSvsXtLc7WJnS
+weYuGnTj2W/NHDOihzmNcMa8wIloDqw0mxhTJUSn2PalxO5h8RDCLWWzuIyhAm1T
+bb7SRn7wfLZEtXC7juiZTZKQniGF3Zh9Aotjj9Muq0I4oYSJRKR/DqL3pqn/Zm3C
+KJ8cdXw8B/0oa6gkwAVTA6j1LxYPkshpF0IXEsmsy/BOzHIVVgscYRUrfJqvafcR
+rFea1MKPrR3PN1ZD1DEEG6cDDO1qeL0YZslu7CnSGN5yttXSCRF9rlytvExuxigG
+9NhQTkNo+7Tm9Froq7RB9z38dYbOQrrvvVVdKyxV1X+gXc/osOJeqeVsDLBbAcdw
+14oGFp8ydyMnRI7YNq6LHu7qNf8wbERInTd8VTjLvQ0XlMGHhNveqD3MLN5KOvlL
+5o4m/TzCGrGAmuQ+hbUd6L/avEMtMQIDAQABAoICADzzZvnep+koOUYt4Ho9M1Zj
+yVL50bHPQIt1qDkU12oDQb0JHKwvi5qdirDFUydDigPDFxmCWQ/PQifkKMFiMmZ3
+XlUF4ntmZJHpcufPdXUUbFn6TkBZ7/J9KjQA50wRojBOjUJRQ2b2kKbh7S1Fb6Jb
+qBlgyFPeJAqSh4Lvf5GeLiUfsv+eEvt0Vvknp1rZHqFBELhYFAc3RWcezDKSc7tF
+baBDrp5zW7PnrGV9gj4OhWwkcuj3P6pIwchKFNl+OlnlX0cdrB8rktr74yjRA/pF
+h7wj+lI6+nFHdDLRzWh6PDVlfAeT47uNGanRmgrIKCyvmJjxTFOA5y5Uv4QfwGBB
+evMJXd1TCUmHkKBMriJyWiDSP1wwUG5o41gta4vbm+47/t6gQmDTAtXQXp5ogdf4
+5EQYeDSJP42+7EgWdubwqTRV2vxesIT83pIUqarF+zuJiVCTn94YeD/neNu8MloR
+l700LhOsyrFvBvsapfETFj63GneQ/fw2YLJ6xRMehuFVhByC0OWnOxbOUQEHNXLp
+XivIO1cJW8pp2Pufcvkwpxcz5OoPnyTgh1XPrlFu9XYmWvD/XrnA/vwr+RUNEkKL
+mVpdmNOnJpd/Ly/Drwqt7PuSn8Nh/fSSonDxVGy2jTrEhjbnkwEUk+CPE3/gPgVd
+KKtdOJGEAkeFr9lL+fQBAoIBAQD2JDMof8fVwpP+SJKPjw7lHU+sK6ulJDCBdSf+
+w9Ro7bM396d3jzrDiqHZ07VU/tj1wW+4pstiSsl/nwKdmVl0eCx9G4hWeVZG5xNj
+Hhn5V0cOHPZ/ilZqRGx1Vpj8W+DFhZOU+JqXwZstoxKjttAbR9ZdnYNqc3MAVJb+
+qRZCpQjV0sHZkGnRO4rowBfWfZpoOJKDiXX2gKurnOgjqvCv25AHHSguTGEpg43U
+/vbaXz4QNSwaenUxddiiGj06ntjSeKoou/e08YUaUEgvlwjIsCH+5i6okALx1OW4
+JkBBfBqolo3ZBETIYovRbOQAy+alnR5/baoejZw4hCFV4fzhAoIBAQDQv8Ba5HdM
+6T+epuQVIG6uOnYCOLzi1EK0zVWSXmqfrBILwOpEwMOxOJPajwOG4FLAXrI7h5Mg
+zuZAiIhPYlmPyglrXRgKLNcUpQRQ6tIt4Ydqa7ctEB6l1Q/g8MIve5HB/FKiZp2Y
+wuNWgmGIgin6/MkN95Wj20xwlkx1Ny4BAHxneth57yGJZ6+pTxpJ2HTvn1qcGcX/
+82dMbzqlYjl41YxiolPaJ6XZ9FMRa34UeYsBdA8jychIp91fsD2t71MPJb4hxt9g
+CLoac8ltGEvmeIcLdMD7Vo59saCQXNc2sR7Danxhqu8mBAu0c13zSKBzyvrlT4s2
+GO0LLtk5rWpRAoIBAGHaRlRFaGZ8smUW6N0VnHBNVM03l0dRuc7diobnx1vnk6Ye
+WH9Ze50dUfbNCXu+zPX2brnT5WswHCcWSe3pdvysgdNCzNLD7h7F4pk28FCF+AOO
+VBikIHKivRNw1+ULibI8xk0lACBwoYZlHBXlqZoO1xPkeMgrGX76IgUfp2/bOEX5
+QYOCu+6oYzLgmxl0WZwxUV3lmfXjdVwGRutXG9RtzzZkywKM7tuYJxyUOALcdknv
+OZdVM530IalgERNq7vvNaKhFAdb3ZVjuraPtwVo3W2yAifANQH5vitvIqSbfdaGs
+KLwrzER1mOwrBAGlDg6tBeDW8hivZ3m4XaBM9UECggEAF8L7/lyrR9H1L/YHWHBM
+qQB2lmIm/hrzTOliqDqfIHXRyAy5ngHjRLUP/3zwBdZbFRKybxxLnxxuEUJ5Ya/s
+SfXRhKsgJWhdQzhVeXCBZD+bzn1caIDBPFc4a358XDNQsCgsr9fGcLEed6Z3u7Y1
+WSCVMkXQfspjtR0mruENF4gaoRzWr2qNArsOv9MFRwqgpPYatlIou63VQFoY7uJz
+cFG+nSulJ9wDgP/SxNTbkTEUpaG0Z3p8leilxlKlcrsfVUYSkn20x5W2uXQcpZJy
+cVWe6arsnK+JoL0rbcNjrBIVUmE4r1Vpy4YCXxQSybKmsQeV76xSSGIl+XPnvi0D
+QQKCAQBZ5Mr0LuDmvk3BG49bIKEqyvfl86wetM1G6mDw1BZbeFceMhzqCl55ja37
+j3BJTTxWfLwu2pyPjGnQCT4RXmkwG53rAhTjV2ezNbhvYY/wMDhj7nThejt/tgdJ
+ObuQPpYMBpUolSKmCxMDp8neZrfDE7bSUok4IslSOC/2UjCn5lSSwjZbh8EOJO8W
+C12cUzsknXx3T4cWhyAzk9JOkaKC/oS4N58L+qpb7B/c++urFtd1zMmrXIdbIFRt
+ecwrM25XHEutULh/h920jnn7w4mtYTTHuQ40bqsIEunfIfwZtufM/NA5oApyconY
+ZRsv9lQ7diIpqcaPLK7OfxLqZahx
+-----END PRIVATE KEY-----
--- a/config/config.js
+++ b/config/config.js
@@ -9,9 +9,7 @@ module.exports = {
      saml: {
        path: process.env.SAML_PATH || '/saml/SSO',
        entryPoint: process.env.SAML_ENTRY_POINT || 'https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php',
-        issuer: 'sp-project.m4lab.hft-stuttgart.de', //local metadata
-        //issuer: 'sp-project-testing.m4lab.hft-stuttgart.de', //testing metadata
-        //issuer: 'sp-project-prod.m4lab.hft-stuttgart.de', //production metadata
+        issuer: 'sp-project.m4lab.hft-stuttgart.de',
        logoutUrl: 'https://m4lab.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php'
      }
    },

--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
 {
-  "name": "project-page",
-  "version": "1.0.0",
-  "description": "To manage Projects' CRUD",
-  "main": "app.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+  "name": "passport-saml-example",
+  "version": "0.0.1",
+  "description": "Example for PassportJS SAML strategy",
+  "author": {
+    "name": "Gerard Braad",
+    "email": "me@gbraad.nl",
+    "url": "http://gbraad.nl"
  },
+  "contributors": [
+    {
+      "name": "Christian Kuster",
+      "email": "git@kusti.ch"
+    }
+  ],
+  "keywords": [
+    "saml",
+    "sso"
+  ],
  "repository": {
    "type": "git",
-    "url": "https://transfer.hft-stuttgart.de/gitlab/m4lab_tv1/project-page.git"
+    "url": "https://github.com/gbraad/passport-saml-example.git"
+  },
+  "scripts": {
+    "start": "nodemon app.js",
+    "test": ""
  },
-  "author": "",
-  "license": "ISC",
  "dependencies": {
-    "async": "^3.2.0",
-    "body-parser": "^1.19.0",
-    "cookie-parser": "^1.4.5",
-    "express": "^4.17.1",
-    "express-fileupload": "^1.1.7-alpha.1",
+    "body-parser": "1.15.1",
+    "cookie-parser": "1.4.3",
+    "errorhandler": "1.4.3",
+    "express": "4.13.4",
+    "express-fileupload": "^1.1.7-alpha.2",
    "express-flash": "0.0.2",
-    "express-session": "^1.17.0",
-    "morgan": "^1.10.0",
+    "express-session": "1.13.0",
+    "fs": "0.0.1-security",
+    "morgan": "1.7.0",
    "mysql": "^2.18.1",
-    "nodemon": "^2.0.2",
-    "passport": "^0.4.1",
-    "path": "^0.12.7",
+    "nodemon": "1.9.2",
+    "passport": "0.3.2",
+    "passport-saml": "0.15.0",
    "pug": "^2.0.4"
-  }
+  },
+  "engines": {
+    "node": ">= 4.0.0"
+  },
+  "license": "MIT"
 }
--- a/routes/routes-project.js
+++ b/routes/routes-project.js
+const fs = require('fs')
+const SamlStrategy = require('passport-saml').Strategy
 const methods = require('./methods')
 const async = require('async')
 const helpers = require('./helpers')

 const pictSizeLimit = 1000000 // 1 MB

-module.exports = function (app) {
- 
-  // ======== APP ROUTES - PROJECT ====================
+module.exports = function (app, config, passport) {
+
  var lang = 'DE'

+  // =========== PASSPORT =======
+  passport.serializeUser(function (user, done) {
+    done(null, user);
+  });
+  passport.deserializeUser(function (user, done) {
+    done(null, user);
+  });
+
+  var samlStrategy = new SamlStrategy({
+    // URL that goes from the Identity Provider -> Service Provider
+    callbackUrl: config.passport.saml.path,
+    // Base address to call logout requests
+    logoutUrl: config.passport.saml.logoutUrl,
+    
+    entryPoint: config.passport.saml.entryPoint,
+    issuer: config.passport.saml.issuer,
+    identifierFormat: null,
+    
+    // Service Provider private key
+    decryptionPvk: fs.readFileSync('./config/cert/key.pem', 'utf8'),
+    // Service Provider Certificate
+    privateCert: fs.readFileSync('./config/cert/key.pem', 'utf8'),
+    // Identity Provider's public key
+    cert: fs.readFileSync('./config/cert/cert_idp.pem', 'utf8'),
+    
+    validateInResponseTo: false,
+    disableRequestedAuthnContext: true
+  },
+  function (profile, done) {
+    return done(null, {
+      id: profile.nameID,
+      idFormat: profile.nameIDFormat,
+      email: profile.email,
+      firstName: profile.givenName,
+      lastName: profile.sn
+    })
+  })
+
+  passport.use(samlStrategy);
+
+  // ============= SAML ==============
+  app.post(config.passport.saml.path,
+    passport.authenticate(config.passport.strategy,
+      {
+        failureRedirect: '/',
+        failureFlash: true
+      }),
+    function (req, res) {
+      res.redirect('/');
+    }
+  )
+
+  // to generate Service Provider's XML metadata
+  app.get('/saml/metadata',
+    function(req, res) {
+      res.type('application/xml');
+
+      var spMetadata = samlStrategy.generateServiceProviderMetadata(
+        fs.readFileSync('./config/cert/cert.pem', 'utf8')
+      );
+      res.status(200).send(spMetadata);
+    }
+  );
+
+  // =========== LOGIN LOGOUT ================
+  app.get('/login', passport.authenticate(config.passport.strategy,
+    {
+      successRedirect: '/',
+      failureRedirect: '/login'
+    })
+  );
+
+  app.get('/logout', function (req, res) {
+    if (req.user == null) {
+      return res.redirect('/');
+    }
+
+    req.user.nameID = req.user.id;
+    req.user.nameIDFormat = req.user.idFormat;
+    return samlStrategy.logout(req, function(err, uri) {
+      req.logout();
+
+      if ( req.session ) {
+        req.session.destroy((err) => {
+          if(err) {
+              return console.log(err);
+          }
+        });
+      }
+
+      return res.redirect(uri);
+    });
+  });
+ 
+  // ======== APP ROUTES  ====================
  app.get('/', function(req, res){
    res.redirect('/project');
  })

--- a/views/DE/project/addProjectOverview.pug
+++ b/views/DE/project/addProjectOverview.pug
@@ -134,7 +134,7 @@ html(lang="de")
    // Bootstrap
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // Header
-    script(src="/js/headfootLogout.js")
+    script(src="https://m4lab.hft-stuttgart.de/js/headfootLogout.js")
    script.
        $( function() {
            $.datepicker.setDefaults( $.datepicker.regional["de"] );

--- a/views/DE/project/landingpage.pug
+++ b/views/DE/project/landingpage.pug
@@ -42,6 +42,6 @@ html(lang="de")
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // Header
    if isUserAuthenticated
-        script(src="/js/headfootLogout.js")
+        script(src="https://m4lab.hft-stuttgart.de/js/headfootLogout.js")
    else
-        script(src="/js/headfoot.js")
\ No newline at end of file
+        script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file
--- a/views/DE/project/mailinglists.pug
+++ b/views/DE/project/mailinglists.pug
@@ -56,6 +56,6 @@ html(lang="de")
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // Header
    if isUserAuthenticated
-        script(src="/js/headfootLogout.js")
+        script(src="https://m4lab.hft-stuttgart.de/js/headfootLogout.js")
    else
-        script(src="/js/headfoot.js")
\ No newline at end of file
+        script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file
--- a/views/DE/project/project-simplified.pug
+++ b/views/DE/project/project-simplified.pug
@@ -42,6 +42,6 @@ html(lang="de")
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // Header
    if isUserAuthenticated
-        script(src="/js/headfootLogout.js")
+        script(src="https://m4lab.hft-stuttgart.de/js/headfootLogout.js")
    else
-        script(src="/js/headfoot.js")
\ No newline at end of file
+        script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file
--- a/views/DE/project/projectOverview.pug
+++ b/views/DE/project/projectOverview.pug
@@ -163,6 +163,6 @@ html(lang="de")
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // Header
    if isUserAuthenticated
-        script(src="/js/headfootLogout.js")
+        script(src="https://m4lab.hft-stuttgart.de/js/headfootLogout.js")
    else
-        script(src="/js/headfoot.js")
\ No newline at end of file
+        script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file
--- a/views/DE/project/videoconferences.pug
+++ b/views/DE/project/videoconferences.pug
@@ -65,6 +65,6 @@ html(lang="de")
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // Header
    if isUserAuthenticated
-        script(src="/js/headfootLogout.js")
+        script(src="https://m4lab.hft-stuttgart.de/js/headfootLogout.js")
    else
-        script(src="/js/headfoot.js")
\ No newline at end of file
+        script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file