X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=src%2Fservice.js;h=e76959978eddab7a554dbe80eb4d31ffa9c10d8a;hb=HEAD;hp=a0043f7d24caa49a71c85341dc4fadca6ea563d2;hpb=3b791da2fe22568f567d4796895f223cdf212b9a;p=websub-hub diff --git a/src/service.js b/src/service.js index a0043f7..e769599 100644 --- a/src/service.js +++ b/src/service.js @@ -9,8 +9,7 @@ const { Dingus } = require('@squeep/api-dingus'); const common = require('./common'); const Enum = require('./enum'); const Manager = require('./manager'); -const SessionManager = require('./session-manager'); -const Authenticator = require('./authenticator'); +const { Authenticator, SessionManager } = require('@squeep/authentication-module'); const path = require('path'); const _fileScope = common.fileScope(__filename); @@ -53,6 +52,7 @@ class Service extends Dingus { this.on(['GET', 'HEAD'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`); this.on(['GET', 'HEAD'], '/admin/', this.handlerGetAdminOverview.bind(this)); this.on(['GET', 'HEAD'], '/admin/topic/:topicId', this.handlerGetAdminTopicDetails.bind(this)); + this.on(['GET', 'HEAD'], '/admin/topic/:topicId/history.svg', this.handlerGetHistorySVG.bind(this)); // Private data-editing endpoints this.on(['PATCH', 'DELETE'], '/admin/topic/:topicId', this.handlerUpdateTopic.bind(this)); @@ -77,7 +77,7 @@ class Service extends Dingus { */ async handlerPostRoot(req, res, ctx) { const _scope = _fileScope('handlerPostRoot'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx); await this.ingestBody(req, res, ctx); @@ -96,12 +96,14 @@ class Service extends Dingus { const responseTypes = [ Enum.ContentType.TextHTML, ]; - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); Dingus.setHeadHandler(req, res, ctx); this.setResponseType(responseTypes, req, res, ctx); + await this.authenticator.sessionOptional(req, res, ctx, this.loginPath); + await this.manager.getRoot(req, res, ctx); } @@ -113,7 +115,7 @@ class Service extends Dingus { */ async handlerGetHealthcheck(req, res, ctx) { const _scope = _fileScope('handlerGetHealthcheck'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); Dingus.setHeadHandler(req, res, ctx); @@ -130,7 +132,7 @@ class Service extends Dingus { */ async handlerGetInfo(req, res, ctx) { const _scope = _fileScope('handlerGetInfo'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); const responseTypes = [...this.responseTypes, Enum.ContentType.ImageSVG]; @@ -142,6 +144,20 @@ class Service extends Dingus { } + async handlerGetHistorySVG(req, res, ctx) { + const _scope = _fileScope('handlerGetHist'); + this.logger.debug(_scope, 'called', { req, ctx }); + + const responseTypes = [Enum.ContentType.ImageSVG]; + + Dingus.setHeadHandler(req, res, ctx); + + this.setResponseType(responseTypes, req, res, ctx); + + await this.manager.getHistorySVG(res, ctx); + } + + /** * @param {http.ClientRequest} req * @param {http.ServerResponse} res @@ -149,15 +165,15 @@ class Service extends Dingus { */ async handlerGetAdminOverview(req, res, ctx) { const _scope = _fileScope('handlerGetAdminOverview'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); Dingus.setHeadHandler(req, res, ctx); this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.required(req, res, ctx, this.loginPath); - - await this.manager.getAdminOverview(res, ctx); + if (await this.authenticator.sessionRequired(req, res, ctx, this.loginPath)) { + await this.manager.getAdminOverview(res, ctx); + } } @@ -168,33 +184,28 @@ class Service extends Dingus { */ async handlerGetAdminTopicDetails(req, res, ctx) { const _scope = _fileScope('handlerGetAdminTopicDetails'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); Dingus.setHeadHandler(req, res, ctx); this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.required(req, res, ctx, this.loginPath); - - await this.manager.getTopicDetails(res, ctx); + if (await this.authenticator.sessionRequired(req, res, ctx, this.loginPath)) { + await this.manager.getTopicDetails(res, ctx); + } } /** - * Similar to super.ingestBody, but if no body was sent, do not parse (and - * thus avoid possible unsupported media type error). - * Also removes raw body from context, to simplify scrubbing sensitive data from logs. + * If no body was sent, do not parse (and thus avoid possible unsupported media type error). * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx */ async maybeIngestBody(req, res, ctx) { - ctx.rawBody = await this.bodyData(req); - const contentType = Dingus.getRequestContentType(req); - if (ctx.rawBody) { - this.parseBody(contentType, ctx); - delete ctx.rawBody; - } + return super.ingestBody(req, res, ctx, { + parseEmptyBody: false, + }); } @@ -205,11 +216,11 @@ class Service extends Dingus { */ async handlerUpdateTopic(req, res, ctx) { const _scope = _fileScope('handlerUpdateTopic'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.requiredLocal(req, res, ctx, this.loginPath); + await this.authenticator.apiRequiredLocal(req, res, ctx); await this.maybeIngestBody(req, res, ctx); ctx.method = req.method; @@ -224,11 +235,11 @@ class Service extends Dingus { */ async handlerUpdateSubscription(req, res, ctx) { const _scope = _fileScope('handlerUpdateSubscription'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.requiredLocal(req, res, ctx, this.loginPath); + await this.authenticator.apiRequiredLocal(req, res, ctx); await this.maybeIngestBody(req, res, ctx); ctx.method = req.method; @@ -243,24 +254,25 @@ class Service extends Dingus { */ async handlerPostAdminProcess(req, res, ctx) { const _scope = _fileScope('handlerPostAdminProcess'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.requiredLocal(req, res, ctx, this.loginPath); + await this.authenticator.apiRequiredLocal(req, res, ctx); await this.manager.processTasks(res, ctx); } /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx */ async handlerGetAdminLogin(req, res, ctx) { const _scope = _fileScope('handlerGetAdminLogin'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); Dingus.setHeadHandler(req, res, ctx); @@ -271,16 +283,19 @@ class Service extends Dingus { /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx */ async handlerPostAdminLogin(req, res, ctx) { const _scope = _fileScope('handlerPostAdminLogin'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx); + await this.authenticator.sessionOptionalLocal(req, res, ctx); + await this.maybeIngestBody(req, res, ctx); await this.sessionManager.postAdminLogin(res, ctx); @@ -288,28 +303,32 @@ class Service extends Dingus { /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx */ async handlerGetAdminLogout(req, res, ctx) { const _scope = _fileScope('handlerGetAdminLogout'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx); + await this.authenticator.sessionOptionalLocal(req, res, ctx); + await this.sessionManager.getAdminLogout(res, ctx); } /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx */ async handlerGetAdminIA(req, res, ctx) { const _scope = _fileScope('handlerGetAdminIA'); - this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); + this.logger.debug(_scope, 'called', { req, ctx }); this.setResponseType(this.responseTypes, req, res, ctx);