X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=src%2Fservice.js;h=2a159a9181c7b4d327282035c014a4e87a194e55;hb=baf73afc7f5090dc2bd1d720b5ecbc2b976e414a;hp=5fbf95055b38b964d15f0e0d369f72233c13f6a9;hpb=b0103b0d496262c438b40bc20304081dbfe41e73;p=squeep-indie-auther diff --git a/src/service.js b/src/service.js index 5fbf950..2a159a9 100644 --- a/src/service.js +++ b/src/service.js @@ -17,12 +17,12 @@ const Enum = require('./enum'); const _fileScope = common.fileScope(__filename); class Service extends Dingus { - constructor(logger, db, options) { + constructor(logger, db, options, asyncLocalStorage) { super(logger, { ...options.dingus, ignoreTrailingSlash: false, }); - + this.asyncLocalStorage = asyncLocalStorage; this.staticPath = path.normalize(path.join(__dirname, '..', 'static')); this.manager = new Manager(logger, db, options); this.authenticator = new Authenticator(logger, db, options); @@ -34,10 +34,10 @@ class Service extends Dingus { const route = (r) => `/${options.route[r]}`; // eslint-disable-line security/detect-object-injection // Service discovery - this.on(['GET', 'HEAD'], route('metadata'), this.handlerGetMeta.bind(this)); + this.on(['GET'], route('metadata'), this.handlerGetMeta.bind(this)); // Also respond with metadata on well-known oauth2 endpoint if base has no prefix if ((options?.dingus?.selfBaseUrl?.match(/\//g) || []).length === 3) { - this.on(['GET', 'HEAD'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this)); + this.on(['GET'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this)); } // Primary endpoints @@ -53,35 +53,35 @@ class Service extends Dingus { this.on('POST', route('userinfo'), this.handlerPostUserInfo.bind(this)); // Information page about service - this.on(['GET', 'HEAD'], '/', this.handlerGetRoot.bind(this)); + this.on(['GET'], '/', this.handlerGetRoot.bind(this)); // Give load-balancers something to check - this.on(['GET', 'HEAD'], route('healthcheck'), this.handlerGetHealthcheck.bind(this)); + this.on(['GET'], route('healthcheck'), this.handlerGetHealthcheck.bind(this)); // These routes are intended for accessing static content during development. // In production, a proxy server would likely handle these first. - this.on(['GET', 'HEAD'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`); - this.on(['GET', 'HEAD'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html'); - this.on(['GET', 'HEAD'], '/static/:file', this.handlerGetStaticFile.bind(this)); - this.on(['GET', 'HEAD'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico'); - this.on(['GET', 'HEAD'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt'); + this.on(['GET'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`); + this.on(['GET'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html'); + this.on(['GET'], '/static/:file', this.handlerGetStaticFile.bind(this)); + this.on(['GET'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico'); + this.on(['GET'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt'); // Profile and token management for authenticated sessions - this.on(['GET', 'HEAD'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`); - this.on(['GET', 'HEAD'], '/admin/', this.handlerGetAdmin.bind(this)); + this.on(['GET'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`); + this.on(['GET'], '/admin/', this.handlerGetAdmin.bind(this)); this.on(['POST'], '/admin/', this.handlerPostAdmin.bind(this)); // Ticket-proffering interface for authenticated sessions - this.on(['GET', 'HEAD'], '/admin/ticket', this.handlerGetAdminTicket.bind(this)); + this.on(['GET'], '/admin/ticket', this.handlerGetAdminTicket.bind(this)); this.on(['POST'], '/admin/ticket', this.handlerPostAdminTicket.bind(this)); // User authentication and session establishment - this.on(['GET', 'HEAD'], '/admin/login', this.handlerGetAdminLogin.bind(this)); + this.on(['GET'], '/admin/login', this.handlerGetAdminLogin.bind(this)); this.on(['POST'], '/admin/login', this.handlerPostAdminLogin.bind(this)); this.on(['GET'], '/admin/logout', this.handlerGetAdminLogout.bind(this)); // Page for upkeep info et cetera - this.on(['GET', 'HEAD'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this)); + this.on(['GET'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this)); } @@ -103,6 +103,10 @@ class Service extends Dingus { async preHandler(req, res, ctx) { await super.preHandler(req, res, ctx); ctx.url = req.url; // Persist this for logout redirect + + const logObject = this.asyncLocalStorage.getStore(); + logObject.requestId = ctx.requestId; + delete ctx.requestId; } @@ -115,10 +119,10 @@ class Service extends Dingus { const _scope = _fileScope('handlerGetAdminLogin'); this.logger.debug(_scope, 'called', { req, ctx }); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(this.responseTypes, req, res, ctx); + await this.authenticator.sessionOptionalLocal(req, res, ctx); + await this.sessionManager.getAdminLogin(res, ctx); } @@ -174,8 +178,6 @@ class Service extends Dingus { initContext(ctx); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(this.responseTypes, req, res, ctx); if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) { @@ -195,8 +197,6 @@ class Service extends Dingus { initContext(ctx); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(this.responseTypes, req, res, ctx); if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) { @@ -217,8 +217,6 @@ class Service extends Dingus { initContext(ctx); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(this.responseTypes, req, res, ctx); if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) { @@ -261,8 +259,6 @@ class Service extends Dingus { Enum.ContentType.TextPlain, ]; - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(responseTypes, req, res, ctx); await this.authenticator.sessionOptionalLocal(req, res, ctx); @@ -462,8 +458,6 @@ class Service extends Dingus { initContext(ctx); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(responseTypes, req, res, ctx); await this.authenticator.sessionOptionalLocal(req, res, ctx); @@ -481,8 +475,6 @@ class Service extends Dingus { const _scope = _fileScope('handlerGetHealthcheck'); this.logger.debug(_scope, 'called', { req, ctx }); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(this.responseTypes, req, res, ctx); await this.manager.getHealthcheck(res, ctx); @@ -500,8 +492,6 @@ class Service extends Dingus { initContext(ctx); - Dingus.setHeadHandler(req, res, ctx); - this.setResponseType(this.responseTypes, req, res, ctx); if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) { @@ -513,6 +503,7 @@ class Service extends Dingus { /** * FIXME: This doesn't seem to be working as envisioned. Maybe override render error method instead??? * Intercept this and redirect if we have enough information, otherwise default to framework. + * Fixing this will likely have to wait until an e2e test framework is in place. * The redirect attempt should probably be contained in a Manager method, but here it is for now. * @param {http.IncomingMessage} req * @param {http.ServerResponse} res @@ -534,7 +525,7 @@ class Service extends Dingus { return; } - super.handlerInternalServerError(req, res, ctx); + await super.handlerInternalServerError(req, res, ctx); }