Commit 9fb60ffd authored by Rosanny Sihombing's avatar Rosanny Sihombing

Merge branch 'devel' into 'testing'

Refactoring and codes cleaning

See merge request !144
parents 961ab112 4450156e
Pipeline #6621 failed with stage
in 20 seconds
const menu = [{ name: 'Informationen', combos: [{ name: 'Projekte', link: '/project' }, { name: 'Über das M4_LAB', link: '/projectoverview?projectID=1' }], type: 'dropdown', link: '#' }, { name: 'Zusammenarbeit', combos: [{ name: 'Mailinglisten', link: '/mailinglists' }, { name: 'Videokonferenzen', link: '/videoconference.html' }/* {'name':'...', 'link':'#'} */], type: 'dropdown', link: '#' }, { name: 'Events', combos: [{ name: 'Veranstaltungen der HfT', link: 'http://www.hft-stuttgart.de/Aktuell/Veranstaltungen/' }/*, {'name':'...', 'link':'#'} */], type: 'dropdown', link: '#' }, /* {'name':'Bürgerbeteiligung', 'combos':[{'name':'...', 'link':'#'}, {'name':'...', 'link':'#'}], 'type':'dropdown', 'link':'#'}, */{ name: 'Logout', combos: [], type: 'logoutbutton', link: '/logout' }]
const hft_links = [{ url: 'http://www.hft-stuttgart.de/Forschung/M4-Lab/Team/index.html/de', name: 'Kontakt' }, { url: 'http://www.hft-stuttgart.de/Hochschule/Impressum.html/de', name: 'Impressum' }, { url: 'http://www.hft-stuttgart.de/Einrichtungen/Datenschutz/Datenschutz-Homepage', name: 'Datenschutz' }]
const socialmedias = [{ url: 'https://twitter.com/InnolabM4', name: 'fa-twitter' }, { url: 'https://www.facebook.com/HfTStuttgart/', name: 'fa-facebook-square' }, { url: 'https://www.instagram.com/m4_lab/', name: 'fa-instagram' }, { url: 'https://de.linkedin.com/school/hochschule-f%C3%BCr-technik-stuttgart-%E2%80%93-university-of-applied-sciences/', name: 'fa-linkedin' }, { url: 'https://www.youtube.com/channel/UCi0_JfF2qMZbOhOnNH5PyHA', name: 'fa-youtube' }]
const footer_images = [{ src: '/images/demo/Innovative_Hochschule_Initiative_BMBF_GWK_RGB.jpg', alt: 'Innovative Hochschule' }]
function prependChild (parent, child) {
parent.insertBefore(child, parent.childNodes[0])
}
function userAuthenticated () {
const params = new URLSearchParams(window.location.search)
if (params.get('isAuthenticatedUser')) {
return true
} else if (document.getElementById('loginswitch')) { // relikt login via OAuth
if (document.getElementById('loginswitch').getAttribute('authenticated') == '1') {
return true
}
} else {
return false
}
}
function readCookie (cname) {
const name = cname + '='
const decodedCookie = decodeURIComponent(document.cookie)
const ca = decodedCookie.split(';')
for (let i = 0; i < ca.length; i++) {
let c = ca[i]
while (c.charAt(0) == ' ') {
c = c.substring(1)
}
if (c.indexOf(name) == 0) {
return c.substring(name.length, c.length)
}
}
return ''
}
function sendRequest (URL) {
console.log(document.cookie)
const xhr = new XMLHttpRequest()
xhr.open('POST', URL, true)
const token = readCookie('XSRF-TOKEN')
// Send the proper header information along with the request
xhr.setRequestHeader('X-CSRF-TOKEN', token)
xhr.send()
}
/* function head()
* creates header and prepends it to the documents body
*/
function head () {
const headerdiv = document.createElement('div')
const alertdiv = document.createElement('div')
headerdiv.classList.add('wrapper', 'row1')
const navheader = document.createElement('header')
navheader.id = 'header'
navheader.classList.add('clear')
const alertbutton = document.createElement('button')
alertbutton.type = 'button'
alertbutton.classList.add('close')
alertbutton.setAttribute('data-dismiss', 'alert')
alertbutton.innerHTML = '&times;'
alertdiv.innerHTML = '<strong>Disclaimer</strong> This website is under construction and in prototype-phase. It is not for public use.'
prependChild(alertdiv, alertbutton)
alertdiv.classList.add('alert', 'alert-danger', 'alert-dismissible', 'fade', 'show', 'text-center')
// alertdiv.style = "text-align:center;";
navheader.appendChild(alertdiv)
const navbar = document.createElement('nav')
navbar.classList.add('navbar', 'navbar-default')
const fluiddiv = document.createElement('div')
fluiddiv.classList.add('container-fluid')
const navbardiv = document.createElement('div')
navbardiv.classList.add('navbar-header')
const navelements = document.createElement('ul')
navelements.id = 'navelemente'
const logos = document.createElement('li')
const link_m4lab = document.createElement('a')
link_m4lab.href = '/'
link_m4lab.innerHTML = "<img src='/images/demo/m4lab_logo.jpg' alt='Logo Innovationslabor M4_LAB'>"
logos.appendChild(link_m4lab)
navelements.appendChild(logos)
for (let j = 0; j < menu.length; j++) {
const headitem = document.createElement('li')
const itemtype = menu[j].type
headitem.classList.add('nav-item')
const headlink = document.createElement('a')
headlink.href = menu[j].link
headlink.id = 'navbarDropdown' + j
headlink.classList.add('nav-link')
headlink.setAttribute('role', 'button')
if (itemtype == 'dropdown') {
headitem.classList.add('dropdown')
headlink.classList.add('dropdown-toggle')
headlink.setAttribute('data-toggle', 'dropdown')
headlink.setAttribute('aria-haspopup', 'true')
headlink.setAttribute('aria-expanded', 'false')
}
headlink.innerHTML = menu[j].name
if (itemtype == 'dropdown') {
const combodiv = document.createElement('div')
combodiv.id = headlink.id + '_par'
combodiv.setAttribute('aria-labelledby', headlink.id)
combodiv.classList.add('dropdown-menu')
for (let k = 0; k < menu[j].combos.length; k++) {
const combolink = document.createElement('a')
combolink.classList.add('dropdown-item')
if (userAuthenticated() || typeof user !== 'undefined') { // either logged in the old way or logged in using SAML
if (menu[j].combos[k].link.includes('?')) {
combolink.href = menu[j].combos[k].link + '&isAuthenticatedUser=true'
} else {
combolink.href = menu[j].combos[k].link + '?isAuthenticatedUser=true'
}
} else {
combolink.href = menu[j].combos[k].link
}
combolink.innerHTML = menu[j].combos[k].name
combodiv.appendChild(combolink)
}
headitem.appendChild(combodiv)
} else if (itemtype == 'logoutbutton') {
/* if(userAuthenticated()){
headlink.innerHTML="Account";
headlink.href="/account/";
} */
headlink.innerHTML = 'Logout'
headlink.href = '/logout'
headlink.classList.remove('nav-link')
headlink.classList.add('btn')
headlink.classList.add('btn-outline-danger')
}
headitem.appendChild(headlink)
navelements.appendChild(headitem)
}
/* let searchitem = document.createElement('li');
searchitem.classList.add("nav-item");
let searchinput = document.createElement('input');
searchinput.value='Suche...'
searchinput.type="text";
searchinput.classList.add("nav-item-suchfeld");
searchinput.setAttribute('onFocus', "this.value=(this.value=='search...')? '' : this.value");
searchitem.appendChild(searchinput);
let magnifier = document.createElement('input');
magnifier.type="image"
magnifier.src="/images/Lupe_grau.png";
magnifier.width="25";
magnifier.height="25";
magnifier.alt="";
magnifier.id="sf_submit";
magnifier.value="search";
searchitem.appendChild(magnifier);
navelements.appendChild(searchitem); */
navbardiv.appendChild(navelements)
fluiddiv.appendChild(navbardiv)
navbar.appendChild(fluiddiv)
navheader.appendChild(navbar)
headerdiv.appendChild(navheader)
prependChild(document.body, headerdiv)
};
/* function foot()
* creates footer and appends it to the documents body
*/
function foot () {
const footerdiv = document.createElement('div')
footerdiv.id = 'homepage'
footerdiv.classList.add('last', 'clear')
footerdiv.innerHTML = '<hr>'
const containerdiv = document.createElement('div')
containerdiv.classList.add('flex-container')
const hftlink = document.createElement('a')
hftlink.classList.add('col-md-3')
hftlink.setAttribute('style', 'flex-basis: 400px;')
hftlink.href = 'https://www.hft-stuttgart.de'
const hftimage = document.createElement('img')
hftimage.src = '/images/demo/hft_logo.jpg'
hftimage.alt = 'Logo der Hochschule für Technik Stuttgart'
hftimage.height = '75'
hftlink.appendChild(hftimage)
containerdiv.appendChild(hftlink)
const contactdiv = document.createElement('div')
contactdiv.classList.add('col-md-3', 'footer-unten')
contactdiv.setAttribute('style', 'flex-basis:400px')
contactdiv.innerHTML = 'Hochschule für Technik Stuttgart'
const rowdiv = document.createElement('div')
rowdiv.classList.add('row')
for (let i = 0; i < hft_links.length; i++) {
const coldiv = document.createElement('div')
coldiv.classList.add('contactrow', 'footer-unten')
const collink = document.createElement('a')
collink.innerHTML = hft_links[i].name
collink.classList.add('contact-lower')
collink.href = hft_links[i].url
coldiv.appendChild(collink)
rowdiv.appendChild(coldiv)
}
contactdiv.appendChild(rowdiv)
containerdiv.appendChild(contactdiv)
const socialdiv = document.createElement('div')
socialdiv.classList.add('col-md-3')
socialdiv.setAttribute('style', 'flex-basis: 400px;')
const socialrow = document.createElement('div')
socialrow.id = 'socialmediabuttons'
for (let j = 0; j < socialmedias.length; j++) {
const sociallink = document.createElement('a')
sociallink.href = socialmedias[j].url
const socialcontent = document.createElement('i')
socialcontent.classList.add('fab', socialmedias[j].name)
sociallink.appendChild(socialcontent)
socialrow.appendChild(sociallink)
socialrow.innerHTML += '&nbsp;'
}
socialdiv.appendChild(socialrow)
containerdiv.appendChild(socialdiv)
const imagediv = document.createElement('div')
imagediv.classList.add('col-md-3')
imagediv.setAttribute('style', 'flex-basis:400px;')
for (let k = 0; k < footer_images.length; k++) {
const image = document.createElement('img')
image.src = footer_images[k].src
image.width = '300'
image.height = '73'
image.alt = footer_images[k].alt
imagediv.appendChild(image)
}
containerdiv.appendChild(imagediv)
footerdiv.appendChild(containerdiv)
document.body.appendChild(footerdiv)
};
head()
foot()
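Review bot: `userAuthenticated()` returns true whenever the URL carries a non-empty `isAuthenticatedUser` parameter, so the logged-in look of the menu is decided by whoever builds the link rather than by the session. That is acceptable only while the flag controls nothing but which links are drawn; a comment on the function such as `// UI hint only: the server must check the session on every route, never this parameter` would make that explicit. The function should also end with a plain `return false`, because the `loginswitch` branch currently falls through to `undefined` when the attribute is not `'1'`. Separately, `sendRequest()` writes `document.cookie` to the console, which puts the XSRF token and every other script-readable cookie into browser logs; I would drop the `console.log(document.cookie)` line.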
let isEmailValid = false
let isPasswordValid = false
// check if email already exist
$('#inputEmail').change(function () {
const email = $('#inputEmail').val()
$.get('email/' + email, function (data) {
$('#emailWarning').empty()
isEmailValid = data
if (!isEmailValid) {
$('#emailWarning').html('Mit dieser E-Mail-Adresse existiert bereits ein Benutzerkonto in unserem Transferportal.')
}
switchSubmitButton()
})
.fail(function () {
console.log('cannot check email')
})
})
// check password
$('#inputPassword').on('keyup', function () {
isPasswordValid = checkPasswordReq($('#inputPassword').val())
$('#passwordWarning').empty()
if (!isPasswordValid) {
// $('#passwordWarning').html('Must be at least 8 characters')
$('#passwordWarning').html('Das Passwort muss mindestens 8 Zeichen haben')
}
switchSubmitButton()
})
function switchSubmitButton () {
if (isEmailValid && isPasswordValid) {
$('#submitBtn').prop('disabled', false)
} else {
$('#submitBtn').prop('disabled', true)
}
}
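Review bot: The address typed into `#inputEmail` is concatenated into the request path unencoded in `$.get('email/' + email, ...)`, so a value containing `/`, `?` or `#` changes which URL is requested; `$.get('email/' + encodeURIComponent(email), ...)` keeps it a single path segment. The `.fail` handler only logs, so after a failed lookup `isEmailValid` keeps the result for the previous address and the submit button can stay enabled for an unchecked one; setting `isEmailValid = false` and calling `switchSubmitButton()` there would close that gap. Because the endpoint answers whether an account exists for an arbitrary address, the server side presumably needs rate limiting, which is not visible on this page.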
// check password and password confirmation input fields
// used in Security and Reset Password
$('#inputNewPwd, #inputConfirm').on('keyup', function () {
let isBest, isMatch
isBest = checkPasswordReq($('#inputNewPwd').val())
$('#recommendation').empty()
if (!isBest) {
// $('#recommendation').html('Must be at least 8 characters').css('color', 'red');
$('#recommendation').html('Das Passwort muss mindestens 8 Zeichen haben').css('color', 'red')
}
// match or not?
if ($('#inputNewPwd').val() === $('#inputConfirm').val()) {
// $('#message').html('Matching').css('color', 'green');
$('#message').html('Übereinstimmend').css('color', 'green')
isMatch = true
} else {
// $('#message').html('Not Matching').css('color', 'red');
$('#message').html('Nicht übereinstimmend').css('color', 'red')
isMatch = false
}
// enable/disable update button
if (isBest && isMatch) {
$('#updateBtn').prop('disabled', false)
} else {
$('#updateBtn').prop('disabled', true)
}
})
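Review bot: The minimum-length rule (the message says 8 characters) and the match check here run only in the browser and merely toggle `#updateBtn`, so they cannot be the only enforcement. In the `/changePwd` handler shown further down this page, the visible lines compare `newPwd` with `retypePwd` but show no length check before `bcrypt.hash`; unless that happens in code outside the page, the same rule should be repeated on the server. A comment above this handler, `// UX feedback only; the server re-validates the password`, would document the split. The messages are constant strings, so `.text(...)` would serve in place of `.html(...)`.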
......@@ -2,63 +2,62 @@ import fs from 'fs'
import async from 'async'
import bcrypt from 'bcryptjs'
import * as passportSaml from 'passport-saml'
import dbconn from '../config/dbconn'
import methods from '../functions/methods'
import gitlab from '../functions/gitlab'
import constants from '../config/const'
import mailer from '../config/mailer'
import portalUser from '../classes/user'
import projectInformation from '../classes/website'
import projectRepo from '../classes/repo'
import { dbConnection } from '../config/dbconn'
import { dbController } from '../controller/dbController'
import { gitlabController } from '../controller/gitlabController'
import { miscConst } from '../config/const'
import { mailer } from '../config/mailer'
import { User } from '../classes/user'
import { Website } from '../classes/website'
import { Repo } from '../classes/repo'
const SamlStrategy = passportSaml.Strategy
const saltRounds = 10;
const salt = 64; // salt length
const saltRounds = 10
const salt = 64 // salt length
const logoDir = 'public/upload/'
const defaultLogo:any = 'public/default/logo.png'
export = function (app:any, config:any, passport:any, lang:string) {
const defaultLogo: any = 'public/default/logo.png'
module.exports = function (app: any, config: any, passport: any, lang: string) {
// =========== PASSPORT =======
passport.serializeUser(function (user:any, done:any) {
done(null, user);
});
passport.deserializeUser(function (user:any, done:any) {
done(null, user);
});
var samlStrategy = new SamlStrategy({
// URL that goes from the Identity Provider -> Service Provider
callbackUrl: config.passport.saml.path,
// Base address to call logout requests
logoutUrl: config.passport.saml.logoutUrl,
entryPoint: config.passport.saml.entryPoint,
issuer: config.passport.saml.issuer,
identifierFormat: undefined,
// Service Provider private key
decryptionPvk: fs.readFileSync(__dirname + '/cert/key.pem', 'utf8'),
// Service Provider Certificate
privateKey: fs.readFileSync(__dirname + '/cert/key.pem', 'utf8'),
// Identity Provider's public key
cert: fs.readFileSync(__dirname + '/cert/cert_idp.pem', 'utf8'),
validateInResponseTo: false,
disableRequestedAuthnContext: true
passport.serializeUser(function (user: any, done: any) {
done(null, user)
})
passport.deserializeUser(function (user: any, done: any) {
done(null, user)
})
const samlStrategy = new SamlStrategy({
// URL that goes from the Identity Provider -> Service Provider
callbackUrl: config.passport.saml.path,
// Base address to call logout requests
logoutUrl: config.passport.saml.logoutUrl,
entryPoint: config.passport.saml.entryPoint,
issuer: config.passport.saml.issuer,
identifierFormat: undefined,
// Service Provider private key
decryptionPvk: fs.readFileSync(__dirname + '/cert/key.pem', 'utf8'),
// Service Provider Certificate
privateKey: fs.readFileSync(__dirname + '/cert/key.pem', 'utf8'),
// Identity Provider's public key
cert: fs.readFileSync(__dirname + '/cert/cert_idp.pem', 'utf8'),
validateInResponseTo: false,
disableRequestedAuthnContext: true
},
function (profile:any, done:any) {
function (profile: any, done: any) {
return done(null, {
id: profile.nameID,
idFormat: profile.nameIDFormat,
email: profile.email,
firstName: profile.givenName,
lastName: profile.sn
});
});
passport.use(samlStrategy);
})
})
passport.use(samlStrategy)
// ============= SAML ==============
app.post(config.passport.saml.path,
......@@ -67,33 +66,33 @@ export = function (app:any, config:any, passport:any, lang:string) {
failureRedirect: '/account/',
failureFlash: true
}),
function (req:any, res:any) {
res.redirect('/account/');
function (req: any, res: any) {
res.redirect('/account/')
}
);
)
// to generate Service Provider's XML metadata
app.get('/saml/metadata',
function(req:any, res:any) {
res.type('application/xml');
var spMetadata = samlStrategy.generateServiceProviderMetadata(fs.readFileSync(__dirname + '/cert/cert.pem', 'utf8'));
res.status(200).send(spMetadata);
function (req: any, res: any) {
res.type('application/xml')
const spMetadata = samlStrategy.generateServiceProviderMetadata(fs.readFileSync(__dirname + '/cert/cert.pem', 'utf8'))
res.status(200).send(spMetadata)
}
);
)
// ======== APP ROUTES - ACCOUNT ====================
async function getLoggedInUserData(email:string) {
let user = await methods.getUserByEmail(email)
async function getLoggedInUserData (email: string) {
const user = await dbController.getUserByEmail(email)
if (!user) {
console.log('no user found')
return null
} else {
let loggedInUser = new portalUser(
const loggedInUser = new User(
user.id, email, user.salutation, user.title, user.firstname, user.lastname, user.industry, user.organisation, user.speciality, user.m4lab_idp, user.verificationStatus
)
let userGitlabId = await methods.getGitlabId(loggedInUser.id)
const userGitlabId = await dbController.getGitlabId(loggedInUser.id)
if (userGitlabId) {
loggedInUser.setGitlabUserId(userGitlabId)
}
......@@ -101,21 +100,21 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
}
app.get('/', async function (req:any, res:any) {
if ( !req.isAuthenticated() ) {
app.get('/', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
console.error("user data is not found")
res.status(500).render(lang+'/500', { error: "Your data is not found. Please try again." })
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) {
console.error('user data is not found')
res.status(500).render(lang + '/500', { error: 'Your data is not found. Please try again.' })
} else {
res.render(lang+'/account/home', {
res.render(lang + '/account/home', {
user: loggedInUser
});
})
}
}
});
})
app.get('/login',
passport.authenticate(config.passport.strategy, {
......@@ -124,106 +123,102 @@ export = function (app:any, config:any, passport:any, lang:string) {
})
)
app.get('/logout', function (req:any, res:any) {
app.get('/logout', function (req: any, res: any) {
if (req.user == null) {
return res.redirect('/');
return res.redirect('/')
}
req.user.nameID = req.user.id;
req.user.nameIDFormat = req.user.idFormat;
return samlStrategy.logout(req, function(err:any, uri:any) {
req.logout();
req.user.nameID = req.user.id
req.user.nameIDFormat = req.user.idFormat
return samlStrategy.logout(req, function (err: any, uri: any) {
req.logout()
if ( req.session ) {
req.session.destroy((err:any) => {
if(err) {
return console.log(err);
if (req.session) {
req.session.destroy((err: any) => {
if (err) {
return console.log(err)
}
});
})
}
return res.redirect(uri);
});
});
return res.redirect(uri)
})
})
app.get('/profile', async function (req:any, res:any) {
if ( !req.isAuthenticated() ) {
app.get('/profile', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) { // null user
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) { // null user
res.redirect('/account/')
} else {
if(loggedInUser.getVerificationStatus() != 1) {
if (loggedInUser.getVerificationStatus() !== 1) {
res.redirect('/account/')
} else {
res.render(lang+'/account/profile', {
res.render(lang + '/account/profile', {
user: loggedInUser
})
}
}
}
})
app.get('/services', async function(req:any, res:any){
if( !req.isAuthenticated() ) {
app.get('/services', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) { // null user
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) { // null user
res.redirect('/account/')
} else {
if(loggedInUser.getVerificationStatus() != 1) { // unverified users
if (loggedInUser.getVerificationStatus() !== 1) { // unverified users
res.redirect('/account/')
} else {
let gitlabReposArr = []
let gitlabPagesArr = []
if(loggedInUser.getGitlabUserId()) { // for users who have activated their gitlab account
let userProjects = await gitlab.getUserProjects(loggedInUser.getGitlabUserId()!)
if (!userProjects) {
console.error("something went wrong")
res.status(500).render(lang+'/500', { error: "something went wrong" })
}
let project:any
for (project in userProjects) {
if (userProjects[project].tag_list.includes('website')) {
let page = {
projectInformation: new projectInformation(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace),
pipelineStatus: await gitlab.getProjectPipelineLatestStatus(userProjects[project].id)
const gitlabReposArr = []
const gitlabPagesArr = []
if (loggedInUser.getGitlabUserId()) { // for users who have activated their gitlab account
const userProjects = await gitlabController.getUserProjects(loggedInUser.getGitlabUserId()!)
if (userProjects) {
let project: any
for (project in userProjects) {
if (userProjects[project].tag_list.includes('website')) {
const page = {
projectInformation: new Website(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace),
pipelineStatus: await gitlabController.getProjectPipelineLatestStatus(userProjects[project].id)
}
gitlabPagesArr.push(page)
} else {
const repo = new Repo(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace)
gitlabReposArr.push(repo)
}
gitlabPagesArr.push(page)
} else {
let repo = new projectRepo(loggedInUser.getGitlabUserId()!, userProjects[project].name, userProjects[project].description,
userProjects[project].id, userProjects[project].avatar_url, userProjects[project].path_with_namespace)
gitlabReposArr.push(repo)
}
}
res.render(lang+'/account/services', {
res.render(lang + '/account/services', {
user: loggedInUser,
gitlabRepos: gitlabReposArr,
gitlabPages: gitlabPagesArr
})
} else { // for users who have not activated their gitlab account yet
let gitlabUser = await gitlab.getUserByEmail(loggedInUser.getEmail())
const gitlabUser = await gitlabController.getUserByEmail(loggedInUser.getEmail())
if (!gitlabUser) {
res.render(lang+'/account/services', {
res.render(lang + '/account/services', {
user: loggedInUser,
gitlabRepos: null,
gitlabPages: null
})
} else {
let gitlabActivationData = {
const gitlabActivationData = {
user_id: loggedInUser.getId(),
gitlab_userId: gitlabUser.id}
gitlab_userId: gitlabUser.id
}
methods.addGitlabUser(gitlabActivationData, function(err:any){
if(err) {
res.status(500).render(lang+'/500', { error: err })
dbController.addGitlabUser(gitlabActivationData, function (err: any) {
if (err) {
res.status(500).render(lang + '/500', { error: err })
} else {
res.redirect('/account/services')
}
......@@ -235,16 +230,16 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
})
app.get('/security', async function (req:any, res:any) {
if ( !req.isAuthenticated() ) {
app.get('/security', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) { // null user
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) { // null user
res.redirect('/account/')
} else {
if(loggedInUser.getVerificationStatus() == 1 && loggedInUser.getIdpStatus() == 1) {
res.render(lang+'/account/security', {
if (loggedInUser.getVerificationStatus() === 1 && loggedInUser.getIdpStatus() === 1) {
res.render(lang + '/account/security', {
user: loggedInUser
})
} else {
......@@ -254,15 +249,15 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
})
app.post('/updateProfile', async function (req:any, res:any) {
if ( !req.isAuthenticated() ) {
app.post('/updateProfile', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) { // null user
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) { // null user
res.redirect('/account/')
} else {
let userData = {
const userData = {
salutation: req.body.inputSalutation,
title: req.body.inputTitle,
firstname: req.body.inputFirstname,
......@@ -270,11 +265,11 @@ export = function (app:any, config:any, passport:any, lang:string) {
email: req.body.inputEmail,
organisation: req.body.inputOrganisation,
industry: req.body.inputIndustry,
speciality: req.body.inputSpeciality,
speciality: req.body.inputSpeciality
}
let result = await methods.updateUserById(loggedInUser.getId(), userData)
const result = await dbController.updateUserById(loggedInUser.getId(), userData)
if (!result) {
res.flash('error', "Failed")
res.flash('error', 'Failed')
} else {
loggedInUser.updateProfile(userData.salutation, userData.title, userData.firstname, userData.lastname, userData.email,
userData.organisation, userData.industry, userData.speciality)
......@@ -282,101 +277,99 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
res.redirect('/account/profile')
}
}
});
})
app.post('/changePwd', async function (req:any, res:any) {
if( !req.isAuthenticated() ) {
app.post('/changePwd', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
const loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) { // null user
if (loggedInUser == null) { // null user
res.redirect('/account/')
} else {
let currPwd = req.body.inputCurrPwd
let newPwd = req.body.inputNewPwd
let retypePwd = req.body.inputConfirm
const currPwd = req.body.inputCurrPwd
const newPwd = req.body.inputNewPwd
const retypePwd = req.body.inputConfirm
dbconn.user.query('SELECT password FROM credential WHERE user_id='+loggedInUser.getId(), function (err:any, rows:any) {
dbConnection.user.query('SELECT password FROM credential WHERE user_id=' + loggedInUser.getId(), function (err: any, rows: any) {
if (err) {
console.error(err)
res.status(500).render(lang+'/500', { error: err })
res.status(500).render(lang + '/500', { error: err })
}
let userPwd = rows[0].password
const userPwd = rows[0].password
// check if the password is correct
bcrypt.compare(currPwd, userPwd, function(err, isMatch) {
bcrypt.compare(currPwd, userPwd, function (err, isMatch) {
if (err) {
console.error(err)
res.status(500).render(lang+'/500', { error: err })
res.status(500).render(lang + '/500', { error: err })
} else if (!isMatch) {
res.flash('error', "Das Passwort ist leider falsch. Bitte überprüfen Sie Ihre Eingabe.")
res.flash('error', 'Das Passwort ist leider falsch. Bitte überprüfen Sie Ihre Eingabe.')
res.redirect('/account/security')
} else {
if ( newPwd != retypePwd ) {
if (newPwd !== retypePwd) {
res.flash('error', 'Passwörter stimmen nicht überein. Bitte stellen Sie sicher, dass Sie das Passwort beide Male genau gleich eingeben.')
res.redirect('/account/security')
} else {
// update password
bcrypt.genSalt(saltRounds, function(err, salt) {
bcrypt.hash(newPwd, salt, async function(err, hash) {
var credentialData = {
bcrypt.genSalt(saltRounds, function (err, salt) {
bcrypt.hash(newPwd, salt, async function (err, hash) {
const credentialData = {
password: hash,
user_id: loggedInUser!.getId()
user_id: loggedInUser.getId()
}
let result = await methods.updateCredential(credentialData)
const result = await dbController.updateCredential(credentialData)
if (!result) {
console.log('Failed to reset password')
res.flash('error', "Datenbankfehler: Passwort kann nicht geändert werden.")
res.flash('error', 'Datenbankfehler: Passwort kann nicht geändert werden.')
} else {
res.flash('success', "Passwort aktualisiert!")
res.flash('success', 'Passwort aktualisiert!')
// send notifiaction email
mailer.options.to = loggedInUser!.getEmail()
mailer.options.subject = constants.updatePasswordMailSubject
mailer.options.html = constants.updatePasswordMailContent+'<div>'+constants.mailSignature+'</div>'
mailer.transporter.sendMail(mailer.options, function(err:any) {
mailer.options.to = loggedInUser.getEmail()
mailer.options.subject = miscConst.updatePasswordMailSubject
mailer.options.html = miscConst.updatePasswordMailContent + '<div>' + miscConst.mailSignature + '</div>'
mailer.transporter.sendMail(mailer.options, function (err: any) {
if (err) { console.log(err) }
})
}
res.redirect('/account/security')
});
});
})
})
}
}
})
})
}
}
});
app.get('/resendVerificationEmail', async function(req:any, res:any){
})
app.get('/resendVerificationEmail', async function (req: any, res: any) {
if (!req.isAuthenticated) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) {
res.redirect('/login')
} else {
let token = await methods.getVerificationTokenByUserId(loggedInUser.id)
const token = await dbController.getVerificationTokenByUserId(loggedInUser.id)
if (!token) {
res.send(false)
} else {
// send email
var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto"
var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
const emailSubject = 'Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto'
const emailContent = '<div>Lieber Nutzer,<br/><br/>' +
'<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token +
'<br/><br/>' +
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + constants.mailSignature +
'</div>';
mailer.options.to = loggedInUser.email;
mailer.options.subject = emailSubject;
mailer.options.html = emailContent;
mailer.transport.sendMail(mailer.options, function(err:any) {
'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + miscConst.mailSignature +
'</div>'
mailer.options.to = loggedInUser.email
mailer.options.subject = emailSubject
mailer.options.html = emailContent
mailer.transport.sendMail(mailer.options, function (err: any) {
if (err) {
console.log('cannot send email')
throw err
......@@ -389,20 +382,20 @@ export = function (app:any, config:any, passport:any, lang:string) {
})
// ============= NEW GITLAB PAGES ===========================
app.get('/newInformation', async function(req:any, res:any){
if ( !req.isAuthenticated() ) {
app.get('/newInformation', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) {
res.redirect('/login')
} else {
let gitlabUser = await gitlab.getUserByEmail(loggedInUser.getEmail())
const gitlabUser = await gitlabController.getUserByEmail(loggedInUser.getEmail())
if (!gitlabUser) { // no user found
res.redirect('/account/services')
} else {
res.render(lang+'/account/newInformation', {
res.render(lang + '/account/newInformation', {
user: loggedInUser,
gitlabUsername: gitlabUser.username
})
......@@ -410,58 +403,58 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
}
})
app.post('/newInformation', async function(req:any, res:any) {
if( !req.isAuthenticated() ) {
app.post('/newInformation', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) {
res.redirect('/login')
} else {
if (!req.body.name && !req.body.description) {
res.flash('error', 'Bitte geben Sie die benötigten Daten ein')
res.redirect('/account/newInformation')
} else {
let projectName = req.body.name.toLowerCase().replace(/\s/g, '-')
let projectDesc = req.body.description
let projectTemplate = req.body.template
let newInformation = new projectInformation(loggedInUser.getGitlabUserId()!, projectName, projectDesc)
const projectName = req.body.name.toLowerCase().replace(/\s/g, '-')
const projectDesc = req.body.description
const projectTemplate = req.body.template
const newInformation = new Website(loggedInUser.getGitlabUserId()!, projectName, projectDesc)
let newLogoFile = defaultLogo
if (req.files) { newLogoFile = req.files.logo }
async.waterfall([
function(callback:any){ // upload logo
function (callback: any) { // upload logo
if (!req.files) {
callback(null, newLogoFile)
} else {
newLogoFile.mv(logoDir + newLogoFile.name, function(err:any) {
newLogoFile = logoDir+newLogoFile.name
newLogoFile.mv(logoDir + newLogoFile.name, function (err: any) {
newLogoFile = logoDir + newLogoFile.name
callback(err, newLogoFile)
})
}
},
async function(newLogoFile:any){ // create a new GitLab Page
let newPages = await gitlab.createNewPages(newInformation, newLogoFile, projectTemplate)
async function (newLogoFile: any) { // create a new GitLab Page
const newPages = await gitlabController.createNewPages(newInformation, newLogoFile, projectTemplate)
if (newPages.status) {
if(newPages.data.message.name == "has already been taken") {
res.flash("error", "Der Projektname '"+newInformation.getName()+"' ist bereits vergeben, bitte wählen Sie einen anderen Namen.")
if (newPages.data.message.name === 'has already been taken') {
res.flash('error', "Der Projektname '" + newInformation.getName() + "' ist bereits vergeben, bitte wählen Sie einen anderen Namen.")
} else {
res.flash("error", "Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut. ")
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut. ')
}
res.redirect('/account/newInformation')
} else {
res.flash("success", "Ihre Webseite wurde erstellt, aber noch nicht veröffentlicht. Um Ihre Webseite endgültig zu veröffentlichen, "+
"schließen Sie die Einrichtung gemäß unten stehender Anleitung ab.")
res.redirect('/account/updateInformation?id='+newPages.id)
res.flash('success', 'Ihre Webseite wurde erstellt, aber noch nicht veröffentlicht. Um Ihre Webseite endgültig zu veröffentlichen, ' +
'schließen Sie die Einrichtung gemäß unten stehender Anleitung ab.')
res.redirect('/account/updateInformation?id=' + String(newPages.id))
}
}
], function (err) {
if(err) console.log(err)
if (err != null) console.log(err)
// remove logo
if (req.files) {
fs.unlink(newLogoFile, (err) => {
if(err) console.log(err)
if (err != null) console.log(err)
})
}
})
......@@ -470,33 +463,33 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
})
app.get('/updateInformation', async function(req:any, res:any){
if( !req.isAuthenticated() ) {
app.get('/updateInformation', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
const loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
if (loggedInUser == null) {
res.redirect('/login')
} else {
if(!req.query.id) {
if (!req.query.id) {
res.redirect('/account/services')
} else {
let project = await gitlab.getProjectById(req.query.id)
const project = await gitlabController.getProjectById(req.query.id)
if (!project) {
console.log(" ========= Error or no project found")
console.log(' ========= Error or no project found')
res.redirect('/account/services')
} else if (!project.owner) {
console.log(" ========= Project cannot be accessed, since it does not have an owner")
console.log(' ========= Project cannot be accessed, since it does not have an owner')
res.redirect('/account/services')
} else if (project.owner.id != loggedInUser.getGitlabUserId()) {
console.log(" ========= Access denied: Not your project")
} else if (project.owner.id !== loggedInUser.getGitlabUserId()) {
console.log(' ========= Access denied: Not your project')
res.redirect('/account/services')
} else {
let curInformation = new projectInformation(loggedInUser.getGitlabUserId()!, project.name, project.description,
const curInformation = new Website(loggedInUser.getGitlabUserId()!, project.name, project.description,
req.query.id, project.avatar_url, project.path_with_namespace)
res.render(lang+'/account/updateInformation', {
res.render(lang + '/account/updateInformation', {
user: loggedInUser,
information: curInformation
})
......@@ -506,58 +499,58 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
})
// update a website
app.post('/updateInformation', async function(req:any, res:any){
if( !req.isAuthenticated() ) {
app.post('/updateInformation', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
const loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
if (loggedInUser == null) {
res.redirect('/login')
} else {
if (!req.body.name && !req.body.description) {
res.flash('error', 'Bitte geben Sie die benötigten Daten ein')
res.redirect('/account/updateInformation')
} else {
let projectName = req.body.name.toLowerCase().replace(/\s/g, '-')
let projectDesc = req.body.description
let updatedInformation = new projectInformation(loggedInUser.getGitlabUserId()!, projectName, projectDesc, req.query.id)
let newLogoFile:any
const projectName = req.body.name.toLowerCase().replace(/\s/g, '-')
const projectDesc = req.body.description
const updatedInformation = new Website(loggedInUser.getGitlabUserId()!, projectName, projectDesc, req.query.id)
let newLogoFile: any
async.waterfall([
function(callback:any){ // upload logo
if(!req.files) {
function (callback: any) { // upload logo
if (!req.files) {
callback(null, newLogoFile)
} else {
newLogoFile = req.files.logo
newLogoFile.mv(logoDir + newLogoFile.name, function(err:any) {
newLogoFile = logoDir + newLogoFile.name
newLogoFile.mv(logoDir + String(newLogoFile.name), function (err: any) {
newLogoFile = logoDir + String(newLogoFile.name)
callback(err, newLogoFile)
})
}
},
async function(newLogoFile:any){ // update gitlab page
let updatedPages = await gitlab.updateProject(updatedInformation, newLogoFile)
async function (newLogoFile: any) { // update gitlab page
const updatedPages = await gitlabController.updateProject(updatedInformation, newLogoFile)
if (updatedPages.status) {
if(updatedPages.data.message.name == "has already been taken") {
res.flash("error", "Der Projektname '"+projectName+"' ist bereits vergeben, bitte wählen Sie einen anderen Namen.")
if (updatedPages.data.message.name === 'has already been taken') {
res.flash('error', "Der Projektname '" + String(projectName) + "' ist bereits vergeben, bitte wählen Sie einen anderen Namen.")
} else {
res.flash("error", "Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut. ")
res.flash('error', 'Ein Fehler ist aufgetreten. Bitte versuchen Sie es erneut. ')
}
} else {
updatedInformation.setLogo(updatedPages.avatar_url)
updatedInformation.setPath(updatedPages.path)
res.flash("success", "Ihre Website wurde aktualisiert")
res.flash('success', 'Ihre Website wurde aktualisiert')
}
res.redirect('/account/updateInformation?id='+updatedInformation.getId())
res.redirect('/account/updateInformation?id=' + String(updatedInformation.getId()))
}
], function (err) {
if(err) console.log(err)
if(newLogoFile){ // remove logo
if (err != null) console.log(err)
if (newLogoFile) { // remove logo
fs.unlink(newLogoFile, (err) => {
if(err) console.log(err)
if (err != null) console.log(err)
})
}
})
......@@ -566,29 +559,29 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
})
app.delete('/deleteProject', async function(req:any, res:any){
if( !req.isAuthenticated() ) {
app.delete('/deleteProject', async function (req: any, res: any) {
if (!req.isAuthenticated()) {
res.redirect('/login')
} else {
let loggedInUser = await getLoggedInUserData(req.user.email)
if (!loggedInUser) {
const loggedInUser = await getLoggedInUserData(req.user.email)
if (loggedInUser == null) {
res.redirect('/login')
} else {
let projectId = req.body.id
const projectId = req.body.id
if (projectId) {
// check if the owner is valid
let project = await gitlab.getProjectById(projectId)
const project = await gitlabController.getProjectById(projectId)
if (!project) {
console.log(" ========= Error or no project found")
console.log(' ========= Error or no project found')
} else if (!project.owner) {
console.log(" ========= Project cannot be accessed, since it does not have an owner")
} else if (project.owner.id != loggedInUser.getGitlabUserId()) {
console.log(" ========= Access denied: Not your project")
console.log(' ========= Project cannot be accessed, since it does not have an owner')
} else if (project.owner.id !== loggedInUser.getGitlabUserId()) {
console.log(' ========= Access denied: Not your project')
} else {
let isDeleted = await gitlab.deleteProjectById(projectId)
const isDeleted = await gitlabController.deleteProjectById(projectId)
if (!isDeleted) {
res.flash("error", "Project cannot be deleted. Please try again.")
res.flash('error', 'Project cannot be deleted. Please try again.')
}
}
}
......@@ -596,5 +589,4 @@ export = function (app:any, config:any, passport:any, lang:string) {
}
}
})
}
\ No newline at end of file
}
import { publicController } from '../controller/publicController'
module.exports = function (app: any, config: any, lang: any) {
// ================== NEW USERS REGISTRATION ======================
app.get('/registration', function (req: any, res: any) {
publicController.showRegistrationPage(res, lang)
})
app.post('/registration', function (req: any, res: any) {
publicController.registerUser(req, res, config)
})
// to check whether or not an account is already exist
app.get('/email/:email', async function (req: any, res: any) {
publicController.checkUserEmail(req, res)
})
// =================== USERS VERIFICATION =========================
app.get('/verifyAccount', async function (req: any, res: any) {
publicController.verifyAccount(req, res, lang)
})
// ==================== FORGOT PASSWORD ===========================
app.get('/forgotPwd', function (req: any, res: any) {
publicController.showForgotPwdPage(req, res, lang)
})
app.post('/forgotPwd', function (req: any, res: any) {
publicController.generateNewToken(req, res, config)
})
// reset
app.get('/reset/:token', async function (req: any, res: any) {
publicController.showResetPassword(req, res, lang)
})
app.post('/reset/:token', async function (req: any, res: any) {
publicController.resetPassword(req, res)
})
// ======================= CONTACT FORM ===========================
app.get('/contact', function (req: any, res: any) {
publicController.showContactPage(req, res, lang)
})
app.post('/contact', function (req: any, res: any) {
publicController.sendContactMessage(req, res)
})
}
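Review bot: The `GET /email/:email` route is registered here with no authentication or throttling visible, and its own comment says it reports whether an account already exists, so it can act as an account-enumeration oracle; carrying the address in the URL path also puts it into access logs. If the registration form needs this check, consider rate-limiting the route and moving the address into a POST body. What `publicController.checkUserEmail` actually returns is not visible in this file, so confirm how much it discloses. Separately, the `async` handlers (`/email/:email`, `/verifyAccount`, `/reset/:token`) call the controller without `await`, so if those controller methods are asynchronous a rejection would go unhandled; `await publicController.checkUserEmail(req, res)` inside a `try`/`catch` that responds with an error would close that gap.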
......@@ -28,7 +28,7 @@ html(lang="de")
i(class="fa fa-lock fa-fw")
span(class="d-none d-md-inline") Sicherheitseinstellungen
li(class="nav-item")
a(class="nav-link pl-0" href="/account/services")
a(class="nav-link pl-0" href="/services")
i(class="fa fa-tasks fa-fw")
span(class="d-none d-md-inline") Projekte und Dienste
li(class="nav-item")
......
......@@ -23,7 +23,7 @@ html(lang="de")
a(class="nav-link pl-0 text-nowrap" href="/account/")
span(class="font-weight-bold color_black") #{user.firstName} #{user.lastName}
li(class="nav-item")
a(class="nav-link pl-0" href="/account/profile")
a(class="nav-link pl-0" href="/profile")
i(class="fa fa-user fa-fw")
span(class="d-none d-md-inline") Benutzerprofil
li(class="nav-item")
......@@ -31,7 +31,7 @@ html(lang="de")
i(class="fa fa-lock fa-fw color_black")
span(class="d-none d-md-inline color_black") Sicherheitseinstellungen
li(class="nav-item")
a(class="nav-link pl-0" href="/account/services")
a(class="nav-link pl-0" href="/services")
i(class="fa fa-tasks fa-fw")
span(class="d-none d-md-inline") Projekte und Dienste
li(class="nav-item")
......
......@@ -19,7 +19,7 @@ html(lang="de")
a(class="nav-link pl-0 text-nowrap" href="/")
span(class="font-weight-bold color_black") #{user.firstName} #{user.lastName}
li(class="nav-item")
a(class="nav-link pl-0" href="/account/profile")
a(class="nav-link pl-0" href="/profile")
i(class="fa fa-user fa-fw")
span(class="d-none d-md-inline") Benutzerprofil
if user.is_m4lab_idp
......@@ -78,6 +78,9 @@ html(lang="de")
div(class="col text-right")
button(type="button", class="btn btn-sm btn-success" disabled) Neuer Projektdatensatz
table(class="table")
if gitlabRepos.length == 0
tr
td Currently you have no project codes/data
for item in gitlabRepos
- let img = item.logo
tr
......@@ -95,4 +98,4 @@ html(lang="de")
script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
// M4_LAB
script(src="/js/headfoot.js")
script(src="/js/mobile.js")
\ No newline at end of file
script(src="/js/mobile.js")
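Review bot: The empty-state row added under `table(class="table")` is written in English (`td Currently you have no project codes/data`) while the template declares `html(lang="de")` and the neighbouring labels are German, so the page would mix languages; a German string in the same wording style would be consistent. The guard `if gitlabRepos.length == 0` also assumes `gitlabRepos` is always passed to the template, which the hunk does not show; `if !gitlabRepos || gitlabRepos.length === 0` would keep the page from throwing if a route ever renders without it.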