const Manager = require('./manager');
const { Authenticator, SessionManager } = require('@squeep/authentication-module');
const { ResourceAuthenticator } = require('@squeep/resource-authentication-module');
-const { TemplateHelper: { initContext } } = require('@squeep/html-template-helper');
+const { initContext, navLinks } = require('./template/template-helper');
const Enum = require('./enum');
+const { ResponseError } = require('./errors');
const _fileScope = common.fileScope(__filename);
class Service extends Dingus {
- constructor(logger, db, options) {
+ constructor(logger, db, options, asyncLocalStorage) {
super(logger, {
...options.dingus,
ignoreTrailingSlash: false,
});
-
+ this.options = options;
+ this.asyncLocalStorage = asyncLocalStorage;
this.staticPath = path.normalize(path.join(__dirname, '..', 'static'));
this.manager = new Manager(logger, db, options);
this.authenticator = new Authenticator(logger, db, options);
const route = (r) => `/${options.route[r]}`; // eslint-disable-line security/detect-object-injection
// Service discovery
- this.on(['GET', 'HEAD'], route('metadata'), this.handlerGetMeta.bind(this));
+ this.on(['GET'], route('metadata'), this.handlerGetMeta.bind(this));
// Also respond with metadata on well-known oauth2 endpoint if base has no prefix
if ((options?.dingus?.selfBaseUrl?.match(/\//g) || []).length === 3) {
- this.on(['GET', 'HEAD'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this));
+ this.on(['GET'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this));
}
// Primary endpoints
this.on('POST', route('userinfo'), this.handlerPostUserInfo.bind(this));
// Information page about service
- this.on(['GET', 'HEAD'], '/', this.handlerGetRoot.bind(this));
+ this.on(['GET'], '/', this.handlerGetRoot.bind(this));
+
+ // Temmporary to see what rando payload someone is sending us unsolicited
+ this.on(['POST'], '/', this.handlerWhaGwan.bind(this));
// Give load-balancers something to check
- this.on(['GET', 'HEAD'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
+ this.on(['GET'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
// These routes are intended for accessing static content during development.
// In production, a proxy server would likely handle these first.
- this.on(['GET', 'HEAD'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`);
- this.on(['GET', 'HEAD'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html');
- this.on(['GET', 'HEAD'], '/static/:file', this.handlerGetStaticFile.bind(this));
- this.on(['GET', 'HEAD'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico');
- this.on(['GET', 'HEAD'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt');
+ this.on(['GET'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`);
+ this.on(['GET'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html');
+ this.on(['GET'], '/static/:file', this.handlerGetStaticFile.bind(this));
+ this.on(['GET'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico');
+ this.on(['GET'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt');
// Profile and token management for authenticated sessions
- this.on(['GET', 'HEAD'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
- this.on(['GET', 'HEAD'], '/admin/', this.handlerGetAdmin.bind(this));
+ this.on(['GET'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
+ this.on(['GET'], '/admin/', this.handlerGetAdmin.bind(this));
this.on(['POST'], '/admin/', this.handlerPostAdmin.bind(this));
// Ticket-proffering interface for authenticated sessions
- this.on(['GET', 'HEAD'], '/admin/ticket', this.handlerGetAdminTicket.bind(this));
+ this.on(['GET'], '/admin/ticket', this.handlerGetAdminTicket.bind(this));
this.on(['POST'], '/admin/ticket', this.handlerPostAdminTicket.bind(this));
// User authentication and session establishment
- this.on(['GET', 'HEAD'], '/admin/login', this.handlerGetAdminLogin.bind(this));
+ this.on(['GET'], '/admin/login', this.handlerGetAdminLogin.bind(this));
this.on(['POST'], '/admin/login', this.handlerPostAdminLogin.bind(this));
this.on(['GET'], '/admin/logout', this.handlerGetAdminLogout.bind(this));
+ this.on(['GET'], '/admin/settings', this.handlerGetAdminSettings.bind(this));
+ this.on(['POST'], '/admin/settings', this.handlerPostAdminSettings.bind(this));
// Page for upkeep info et cetera
- this.on(['GET', 'HEAD'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
+ this.on(['GET'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
}
* @param {Object} ctx
*/
async preHandler(req, res, ctx) {
+ const _scope = _fileScope('preHandler');
+
await super.preHandler(req, res, ctx);
ctx.url = req.url; // Persist this for logout redirect
+
+ const logObject = this.asyncLocalStorage.getStore();
+ // istanbul ignore else
+ if (logObject) { // Debugging in vscode seems to kill ALS, work around
+ logObject.requestId = ctx.requestId;
+ delete ctx.requestId;
+ } else {
+ this.logger.debug(_scope, 'no async local store');
+ }
}
const _scope = _fileScope('handlerGetAdminLogin');
this.logger.debug(_scope, 'called', { req, ctx });
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.sessionManager.getAdminLogin(res, ctx);
+ await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
+ await this.sessionManager.getAdminLogin(res, ctx, navLinks);
}
await this.ingestBody(req, res, ctx);
- await this.sessionManager.postAdminLogin(res, ctx);
+ await this.sessionManager.postAdminLogin(res, ctx, navLinks);
+ }
+
+
+ /**
+ * @param {http.IncomingMessage} req
+ * @param {http.ServerResponse} res
+ * @param {Object} ctx
+ */
+ async handlerGetAdminSettings(req, res, ctx) {
+ const _scope = _fileScope('handlerGetAdminSettings');
+ this.logger.debug(_scope, 'called', { req, ctx });
+
+ initContext(ctx);
+
+ this.setResponseType(this.responseTypes, req, res, ctx);
+
+ if (await this.authenticator.sessionRequiredLocal(req, res, ctx)) {
+ await this.sessionManager.getAdminSettings(res, ctx, navLinks);
+ }
+ }
+
+
+ /**
+ * @param {http.IncomingMessage} req
+ * @param {http.ServerResponse} res
+ * @param {Object} ctx
+ */
+ async handlerPostAdminSettings(req, res, ctx) {
+ const _scope = _fileScope('handlerPostAdminSettings');
+ this.logger.debug(_scope, 'called', { req, ctx });
+
+ initContext(ctx);
+
+ this.setResponseType(this.responseTypes, req, res, ctx);
+
+ if (await this.authenticator.sessionRequiredLocal(req, res, ctx)) {
+ await this.ingestBody(req, res, ctx);
+ await this.sessionManager.postAdminSettings(res, ctx, navLinks);
+ }
}
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
Enum.ContentType.TextPlain,
];
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(responseTypes, req, res, ctx);
await this.authenticator.sessionOptionalLocal(req, res, ctx);
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(responseTypes, req, res, ctx);
await this.authenticator.sessionOptionalLocal(req, res, ctx);
}
+ /**
+ * Temporary to see what an unsolicited payload contains.
+ */
+ async handlerWhaGwan(req, res, ctx) {
+ this.setResponseType(this.responseTypes, req, res, ctx);
+ await this.ingestBody(req, res, ctx);
+ throw new ResponseError(Enum.ErrorResponse.MethodNotAllowed);
+ }
+
/**
* @param {http.IncomingMessage} req
* @param {http.ServerResponse} res
const _scope = _fileScope('handlerGetHealthcheck');
this.logger.debug(_scope, 'called', { req, ctx });
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
await this.manager.getHealthcheck(res, ctx);
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
/**
* FIXME: This doesn't seem to be working as envisioned. Maybe override render error method instead???
* Intercept this and redirect if we have enough information, otherwise default to framework.
+ * Fixing this will likely have to wait until an e2e test framework is in place.
* The redirect attempt should probably be contained in a Manager method, but here it is for now.
* @param {http.IncomingMessage} req
* @param {http.ServerResponse} res
return;
}
- super.handlerInternalServerError(req, res, ctx);
+ await super.handlerInternalServerError(req, res, ctx);
}