Merge branch 'devel' of https://transfer.hft-stuttgart.de/gitlab/m4lab_tv1/user-account into devel

5f14adea · Rosanny Sihombing · 49e5a58d · f129ec55 · 5f14adea · 5f14adea
Commit 5f14adea authored Feb 28, 2020 by Rosanny Sihombing
--- a/config/config.js
+++ b/config/config.js
@@ -8,13 +8,17 @@ module.exports = {
      strategy: 'saml',
      saml: {
        path: process.env.SAML_PATH || '/saml/SSO',
+        //entryPoint: process.env.SAML_ENTRY_POINT || 'https://transfer.hft-stuttgart.de/idp/saml2/idp/SSOService.php',
        entryPoint: process.env.SAML_ENTRY_POINT || 'https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php',
-        issuer: 'sp-account.m4lab.hft-stuttgart.de',
+        issuer: 'sp-account.m4lab.hft-stuttgart.de', //local metadata
+        //issuer: 'sp-account-test.m4lab.hft-stuttgart.de', //testing metadata
+        //issuer: 'sp-account-prod.m4lab.hft-stuttgart.de', //production metadata
+        //logoutUrl: 'https://transfer.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php'
        logoutUrl: 'https://m4lab.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php'
      }
    },
    database: {
-      host: 'localhost',      	  // DB host
+      host: 'transfer.hft-stuttgart.de',      	  // DB host
      user: 'DBManager',          // DB username
      password: 'Stuttgart2019',  // DB password
      port: 3306,                 // MySQL port

--- a/routes/routes.js
+++ b/routes/routes.js
@@ -124,14 +124,14 @@ module.exports = function (app, config, passport) {
  app.get('/login',
    passport.authenticate(config.passport.strategy,
      {
-        successRedirect: '/',
-        failureRedirect: '/login'
+        successRedirect: '/account/',
+        failureRedirect: '/account/login'
      })
  );

  app.get('/logout', function (req, res) {
    if (req.user == null) {
-      return res.redirect('/');
+      return res.redirect('/account/');
    }
    
    req.user.nameID = req.user.id;
@@ -162,7 +162,7 @@ module.exports = function (app, config, passport) {
        }
      })
    } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
    }
  });

@@ -226,7 +226,7 @@ module.exports = function (app, config, passport) {
        }
      ])
    } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
    }
  });

@@ -236,7 +236,7 @@ module.exports = function (app, config, passport) {
        user: req.user // useful for view engine, useless for HTML
      });
    } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
    }
  });

@@ -261,11 +261,11 @@ module.exports = function (app, config, passport) {
            else {
              req.flash('success', 'Profile updated!');
            }
-            res.redirect('/profile');
+            res.redirect('/account/profile');
        })
      }
    } else {
-      res.redirect('/login');
+      res.redirect('/account/login');
    }
  });
  
@@ -280,7 +280,7 @@ module.exports = function (app, config, passport) {
          // Load hashed passwd from DB
          dbconn.user.query('SELECT password FROM credential WHERE user_id='+userId, function (err, rows, fields) {
            if (err) {
-              res.redirect('/500')
+              res.redirect('/account/500')
              throw err
            }
            var userPwd = rows[0].password
@@ -288,17 +288,17 @@ module.exports = function (app, config, passport) {
            // check if the password is correct
            bcrypt.compare(currPwd, userPwd, function(err, isMatch) {
              if (err) {
-                res.redirect('/500')
+                res.redirect('/account/500')
                throw err
              }
              else if (!isMatch) {
                req.flash('error', "Sorry, your password was incorrect. Please double-check your password.")
-                res.redirect('/security')
+                res.redirect('/account/security')
              }
              else {
                if ( newPwd != retypePwd ) {
                  req.flash('error', "Passwords do no match. Please make sure you re-type your new password correctly.")
-                  res.redirect('/security')
+                  res.redirect('/account/security')
                }
                else {
                  // update password
@@ -324,7 +324,7 @@ module.exports = function (app, config, passport) {
                            }
                          });
                        }
-                        res.redirect('/security')
+                        res.redirect('/account/security')
                      })
                    });
                  });
@@ -336,7 +336,7 @@ module.exports = function (app, config, passport) {
      })  
    }
    else {
-      res.redirect('/login');
+      res.redirect('/account/login');
    }
  });

@@ -369,7 +369,7 @@ module.exports = function (app, config, passport) {
            var emailSubject = "M4_LAB Password Reset";
            var emailContent = "Hi User,\n\n"+
              "we've received a request to reset your password. If you didn't make the request, just ignore this email.\n\n"+
-              "Otherwise, you can reset your password using this link: http://localhost:9989/reset/" + token + "\n" +
+              "Otherwise, you can reset your password using this link: http://m4lab.hft-stuttgart.de/account/reset/" + token + "\n" +
              "This password reset is only valid for 1 hour.\n\n"+
              "Thanks,\nM4_LAB Team"
            
@@ -412,7 +412,7 @@ module.exports = function (app, config, passport) {
      else {
        req.flash('success', 'If your email is registered, an e-mail has been sent to ' + emailAddress + ' with further instructions.');
      }
-      res.redirect('/forgotPwd');
+      res.redirect('/account/forgotPwd');
    });
  });

@@ -420,7 +420,7 @@ module.exports = function (app, config, passport) {
    methods.getUserByToken(req.params.token, function(err, user){
      if (!user) {
        req.flash('error', 'Password reset token is invalid or has expired.');
-        res.redirect('/forgotPwd');
+        res.redirect('/account/forgotPwd');
      }
      else {
        res.render('reset');
@@ -457,7 +457,7 @@ module.exports = function (app, config, passport) {
                  }
                });
                // redirect to login page
-                res.redirect('/login')
+                res.redirect('/account/login')
              }
            })
          });
@@ -465,7 +465,7 @@ module.exports = function (app, config, passport) {
      }
      else {
        req.flash('error', "User not found.")
-        res.redirect('/login')
+        res.redirect('/account/login')
      }
    });
   
@@ -508,7 +508,7 @@ module.exports = function (app, config, passport) {
          else {
            req.flash('success', 'Your account has been created. Please log in.');
          }
-          res.redirect('/registration');
+          res.redirect('/account/registration');
        })
      });
    });

--- a/views/profile.pug
+++ b/views/profile.pug
@@ -35,8 +35,8 @@ html(lang="en")
                    span #{user.firstname} #{user.lastname}
                div(class="nav flex-column nav-pills", id="v-pills-tab", role="tablist", aria-orientation="vertical")
                    a(class="nav-link" href="#" aria-selected="true") Profile
-                    a(class="nav-link" href="/security" aria-selected="false") Security
-                    a(class="nav-link" href="/services" aria-selected="false") Services
+                    a(class="nav-link" href="/account/security" aria-selected="false") Security
+                    a(class="nav-link" href="/account/services" aria-selected="false") Services
            div(class="col-sm-9")
                if successes
                    for success in successes

--- a/views/security.pug
+++ b/views/security.pug
@@ -37,9 +37,9 @@ html(lang="en")
                h5
                    span #{user.firstName} #{user.lastName}
                div(class="nav flex-column nav-pills", id="v-pills-tab", role="tablist", aria-orientation="vertical")
-                    a(class="nav-link" href="/profile" aria-selected="true") Profile
+                    a(class="nav-link" href="/account/profile" aria-selected="true") Profile
                    a(class="nav-link" href="#" aria-selected="false") Security
-                    a(class="nav-link" href="/services" aria-selected="false") Services
+                    a(class="nav-link" href="/account/services" aria-selected="false") Services
            div(class="col-sm-9")
                if successes
                    for success in successes
@@ -49,7 +49,7 @@ html(lang="en")
                    for error, i in errors
                        div.alert.alert-danger.alert-dismissible.fade.show #{ error }
                            a(class="close", href="#", data-dismiss="alert", aria-label="close") &times;
-                form(class="needs-validation", method="post", action="/changePwd" novalidate)
+                form(class="needs-validation", method="post", action="/account/changePwd" novalidate)
                    div(class="form-group row")
                        label(for="currPwd") Current Password
                        input(id="inputCurrPwd", name="inputCurrPwd", type="password", class="form-control" required)

--- a/views/services.pug
+++ b/views/services.pug
@@ -34,8 +34,8 @@ html(lang="en")
                h5
                    span #{user.firstName} #{user.lastName}
                div(class="nav flex-column nav-pills", id="v-pills-tab", role="tablist", aria-orientation="vertical")
-                    a(class="nav-link" href="/profile" aria-selected="true") Profile
-                    a(class="nav-link" href="/security" aria-selected="false") Security
+                    a(class="nav-link" href="/account/profile" aria-selected="true") Profile
+                    a(class="nav-link" href="/account/security" aria-selected="false") Security
                    a(class="nav-link" href="#" aria-selected="false") Services
            div(class="col-sm-9")
                if successes