diff --git a/config/config.js b/config/config.js index 16e1a3e6f68787fc95c33a46fbbba22da4234748..077f965e1da4f7d61c6c67d220ad97a64d49da3c 100644 --- a/config/config.js +++ b/config/config.js @@ -8,13 +8,17 @@ module.exports = { strategy: 'saml', saml: { path: process.env.SAML_PATH || '/saml/SSO', + //entryPoint: process.env.SAML_ENTRY_POINT || 'https://transfer.hft-stuttgart.de/idp/saml2/idp/SSOService.php', entryPoint: process.env.SAML_ENTRY_POINT || 'https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php', - issuer: 'sp-account.m4lab.hft-stuttgart.de', + issuer: 'sp-account.m4lab.hft-stuttgart.de', //local metadata + //issuer: 'sp-account-test.m4lab.hft-stuttgart.de', //testing metadata + //issuer: 'sp-account-prod.m4lab.hft-stuttgart.de', //production metadata + //logoutUrl: 'https://transfer.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php' logoutUrl: 'https://m4lab.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php' } }, database: { - host: 'localhost', // DB host + host: 'transfer.hft-stuttgart.de', // DB host user: 'DBManager', // DB username password: 'Stuttgart2019', // DB password port: 3306, // MySQL port diff --git a/routes/routes.js b/routes/routes.js index af04837dfa1302b395261899e9ae9d66b9e6ea41..b0e32625059268f0d2e5ec77087478188f6f001b 100644 --- a/routes/routes.js +++ b/routes/routes.js @@ -124,14 +124,14 @@ module.exports = function (app, config, passport) { app.get('/login', passport.authenticate(config.passport.strategy, { - successRedirect: '/', - failureRedirect: '/login' + successRedirect: '/account/', + failureRedirect: '/account/login' }) ); app.get('/logout', function (req, res) { if (req.user == null) { - return res.redirect('/'); + return res.redirect('/account/'); } req.user.nameID = req.user.id; @@ -162,7 +162,7 @@ module.exports = function (app, config, passport) { } }) } else { - res.redirect('/login'); + res.redirect('/account/login'); } }); 
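Review bot: The `host` line now points the database connection at `transfer.hft-stuttgart.de` while the `user` and `password` values beside it remain literals in the repository, so anyone who can read the repo holds what are presumably working credentials for a network-reachable MySQL server. Read them from the environment the way `SAML_PATH` and `SAML_ENTRY_POINT` already are, for example `host: process.env.DB_HOST || 'localhost',` and `password: process.env.DB_PASSWORD,` (variable names are illustrative), and rotate the password that is already in history. Selecting the `entryPoint`, `issuer` and `logoutUrl` by commenting lines in and out makes it easy to deploy with the wrong IdP metadata, so `issuer` and `logoutUrl` deserve environment overrides as well. The `database` object continues past the end of the hunk.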
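Review bot: The `/account` prefix is written as a literal into every redirect target, starting with `successRedirect` and `failureRedirect` in the routes.js hunk at 124 and repeated in every later routes.js hunk and in the pug views. A single missed or mistyped literal would send a user outside the prefixed application after login, logout or a password change. Keep the prefix in one place, for example a new `basePath` entry in config/config.js used as `res.redirect(basePath + '/login')`, and pass the same value to the views for their `href` and `action` attributes.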
@@ -226,7 +226,7 @@ module.exports = function (app, config, passport) { } ]) } else { - res.redirect('/login'); + res.redirect('/account/login'); } }); @@ -236,7 +236,7 @@ module.exports = function (app, config, passport) { user: req.user // useful for view engine, useless for HTML }); } else { - res.redirect('/login'); + res.redirect('/account/login'); } }); @@ -261,11 +261,11 @@ module.exports = function (app, config, passport) { else { req.flash('success', 'Profile updated!'); } - res.redirect('/profile'); + res.redirect('/account/profile'); }) } } else { - res.redirect('/login'); + res.redirect('/account/login'); } }); @@ -280,7 +280,7 @@ module.exports = function (app, config, passport) { // Load hashed passwd from DB dbconn.user.query('SELECT password FROM credential WHERE user_id='+userId, function (err, rows, fields) { if (err) { - res.redirect('/500') + res.redirect('/account/500') throw err } var userPwd = rows[0].password @@ -288,17 +288,17 @@ module.exports = function (app, config, passport) { // check if the password is correct bcrypt.compare(currPwd, userPwd, function(err, isMatch) { if (err) { - res.redirect('/500') + res.redirect('/account/500') throw err } else if (!isMatch) { req.flash('error', "Sorry, your password was incorrect. Please double-check your password.") - res.redirect('/security') + res.redirect('/account/security') } else { if ( newPwd != retypePwd ) { req.flash('error', "Passwords do no match. Please make sure you re-type your new password correctly.") - res.redirect('/security') + res.redirect('/account/security') } else { // update password @@ -324,7 +324,7 @@ module.exports = function (app, config, passport) { } }); } - res.redirect('/security') + res.redirect('/account/security') }) }); }); @@ -336,7 +336,7 @@ module.exports = function (app, config, passport) { }) } else { - res.redirect('/login'); + res.redirect('/account/login'); } }); 
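Review bot: In the hunk at 280, `throw err` directly after `res.redirect('/account/500')` runs inside the query callback where no caller can catch it, so a database error would send the redirect and then terminate the Node process; log and return instead, e.g. `console.error(err); return res.redirect('/account/500');`. The bcrypt.compare callback in the hunk at 288 has the same pattern. The query on the context line above concatenates `userId` into the SQL text; where `userId` comes from is outside the hunk, but assuming `dbconn.user` is a mysql/mysql2 connection, the placeholder form `query('SELECT password FROM credential WHERE user_id = ?', [userId], ...)` removes the dependency on that value being trusted. `rows[0].password` is also read without checking that a row was returned.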
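Review bot: In the hunk at 288, the `!isMatch` branch and the mismatched-retype branch each call `res.redirect('/account/security')`, and the hunk at 324 shows a further `res.redirect('/account/security')` after the closing braces. If that trailing call sits in the same bcrypt.compare callback, as the brace nesting suggests, both branches send a second response and Express raises a headers-already-sent error. The lines between the two hunks are not shown, so this needs checking against the full file. Writing the branch redirects as `return res.redirect('/account/security')` is safe either way.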
@@ -369,7 +369,7 @@ module.exports = function (app, config, passport) { var emailSubject = "M4_LAB Password Reset"; var emailContent = "Hi User,\n\n"+ "we've received a request to reset your password. If you didn't make the request, just ignore this email.\n\n"+ - "Otherwise, you can reset your password using this link: http://localhost:9989/reset/" + token + "\n" + + "Otherwise, you can reset your password using this link: http://m4lab.hft-stuttgart.de/account/reset/" + token + "\n" + "This password reset is only valid for 1 hour.\n\n"+ "Thanks,\nM4_LAB Team" @@ -412,7 +412,7 @@ module.exports = function (app, config, passport) { else { req.flash('success', 'If your email is registered, an e-mail has been sent to ' + emailAddress + ' with further instructions.'); } - res.redirect('/forgotPwd'); + res.redirect('/account/forgotPwd'); }); }); @@ -420,7 +420,7 @@ module.exports = function (app, config, passport) { methods.getUserByToken(req.params.token, function(err, user){ if (!user) { req.flash('error', 'Password reset token is invalid or has expired.'); - res.redirect('/forgotPwd'); + res.redirect('/account/forgotPwd'); } else { res.render('reset'); @@ -457,7 +457,7 @@ module.exports = function (app, config, passport) { } }); // redirect to login page - res.redirect('/login') + res.redirect('/account/login') } }) }); @@ -465,7 +465,7 @@ module.exports = function (app, config, passport) { } else { req.flash('error', "User not found.") - res.redirect('/login') + res.redirect('/account/login') } }); @@ -508,7 +508,7 @@ module.exports = function (app, config, passport) { else { req.flash('success', 'Your account has been created. Please log in.'); } - res.redirect('/registration'); + res.redirect('/account/registration'); }) }); }); diff --git a/views/profile.pug b/views/profile.pug index 47c1f7e8683e370e2fb368337c4fca5d419230fe..d6edd221188c8fe39667cddba1c21006c5f5f292 100644 --- a/views/profile.pug +++ b/views/profile.pug 
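Review bot: The reset link in the e-mail body in the hunk at 369 is built with `http://`, so the one-hour reset token travels in a cleartext URL, although the IdP endpoints configured for the same host in config/config.js use `https://`. Change the literal to `https://m4lab.hft-stuttgart.de/account/reset/`, or better, take the public base URL from config so the host name is not repeated in route code. The enclosing handler starts and ends outside the hunk.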
@@ -35,8 +35,8 @@ html(lang="en")
 span #{user.firstname} #{user.lastname}
 div(class="nav flex-column nav-pills", id="v-pills-tab", role="tablist", aria-orientation="vertical")
 a(class="nav-link" href="#" aria-selected="true") Profile
- a(class="nav-link" href="/security" aria-selected="false") Security
- a(class="nav-link" href="/services" aria-selected="false") Services
+ a(class="nav-link" href="/account/security" aria-selected="false") Security
+ a(class="nav-link" href="/account/services" aria-selected="false") Services
 div(class="col-sm-9")
 if successes
 for success in successes
diff --git a/views/security.pug b/views/security.pug
index 95cf50eacf526b535ee1dd902372d8648eb31a51..cbe435cdbbd15f03a5f903899bc43ec3c59c035a 100644
--- a/views/security.pug
+++ b/views/security.pug
@@ -37,9 +37,9 @@ html(lang="en")
 h5
 span #{user.firstName} #{user.lastName}
 div(class="nav flex-column nav-pills", id="v-pills-tab", role="tablist", aria-orientation="vertical")
- a(class="nav-link" href="/profile" aria-selected="true") Profile
+ a(class="nav-link" href="/account/profile" aria-selected="true") Profile
 a(class="nav-link" href="#" aria-selected="false") Security
- a(class="nav-link" href="/services" aria-selected="false") Services
+ a(class="nav-link" href="/account/services" aria-selected="false") Services
 div(class="col-sm-9")
 if successes
 for success in successes
@@ -49,7 +49,7 @@ html(lang="en")
 for error, i in errors
 div.alert.alert-danger.alert-dismissible.fade.show #{ error }
 a(class="close", href="#", data-dismiss="alert", aria-label="close") ×
- form(class="needs-validation", method="post", action="/changePwd" novalidate)
+ form(class="needs-validation", method="post", action="/account/changePwd" novalidate)
 div(class="form-group row")
 label(for="currPwd") Current Password
 input(id="inputCurrPwd", name="inputCurrPwd", type="password", class="form-control" required)
diff --git a/views/services.pug b/views/services.pug
index f095144beb05de603a741230ae857d11b543b3f9..a62efed6f811ce760acdae761f8a5addb50e2647 100644
--- a/views/services.pug
+++ b/views/services.pug
@@ -34,8 +34,8 @@ html(lang="en")
 h5
 span #{user.firstName} #{user.lastName}
 div(class="nav flex-column nav-pills", id="v-pills-tab", role="tablist", aria-orientation="vertical")
- a(class="nav-link" href="/profile" aria-selected="true") Profile
- a(class="nav-link" href="/security" aria-selected="false") Security
+ a(class="nav-link" href="/account/profile" aria-selected="true") Profile
+ a(class="nav-link" href="/account/security" aria-selected="false") Security
 a(class="nav-link" href="#" aria-selected="false") Services
 div(class="col-sm-9")
 if successes