const { Dingus } = require('@squeep/api-dingus');
const common = require('./common');
const Manager = require('./manager');
-const { Authenticator, SessionManager } = require('@squeep/authentication-module');
-const { ResourceAuthenticator } = require('@squeep/resource-authentication-module');
-const { TemplateHelper: { initContext } } = require('@squeep/html-template-helper');
+const { Authenticator, ResourceAuthenticator, SessionManager } = require('@squeep/authentication-module');
+const { initContext, navLinks } = require('./template/template-helper');
const Enum = require('./enum');
+const { ResponseError } = require('./errors');
const _fileScope = common.fileScope(__filename);
+/**
+ * @typedef {import('node:http')} http
+ */
+
class Service extends Dingus {
constructor(logger, db, options, asyncLocalStorage) {
super(logger, {
...options.dingus,
ignoreTrailingSlash: false,
});
+ this.options = options;
this.asyncLocalStorage = asyncLocalStorage;
this.staticPath = path.normalize(path.join(__dirname, '..', 'static'));
this.manager = new Manager(logger, db, options);
// Information page about service
this.on(['GET'], '/', this.handlerGetRoot.bind(this));
+ // Temmporary to see what rando payload someone is sending us unsolicited
+ this.on(['POST'], '/', this.handlerWhaGwan.bind(this));
+
// Give load-balancers something to check
this.on(['GET'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
this.on(['GET'], '/admin/login', this.handlerGetAdminLogin.bind(this));
this.on(['POST'], '/admin/login', this.handlerPostAdminLogin.bind(this));
this.on(['GET'], '/admin/logout', this.handlerGetAdminLogout.bind(this));
+ this.on(['GET'], '/admin/settings', this.handlerGetAdminSettings.bind(this));
+ this.on(['POST'], '/admin/settings', this.handlerPostAdminSettings.bind(this));
// Page for upkeep info et cetera
this.on(['GET'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
/**
* Do a little more on each request.
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async preHandler(req, res, ctx) {
+ const _scope = _fileScope('preHandler');
+
await super.preHandler(req, res, ctx);
ctx.url = req.url; // Persist this for logout redirect
const logObject = this.asyncLocalStorage.getStore();
- logObject.requestId = ctx.requestId;
- delete ctx.requestId;
+ // istanbul ignore else
+ if (logObject) { // Debugging in vscode seems to kill ALS, work around
+ logObject.requestId = ctx.requestId;
+ delete ctx.requestId;
+ } else {
+ this.logger.debug(_scope, 'no async local store');
+ }
}
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminLogin(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminLogin');
await this.authenticator.sessionOptionalLocal(req, res, ctx);
- await this.sessionManager.getAdminLogin(res, ctx);
+ await this.sessionManager.getAdminLogin(res, ctx, navLinks);
}
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAdminLogin(req, res, ctx) {
const _scope = _fileScope('handlerPostAdminLogin');
await this.ingestBody(req, res, ctx);
- await this.sessionManager.postAdminLogin(res, ctx);
+ await this.sessionManager.postAdminLogin(res, ctx, navLinks);
}
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
+ */
+ async handlerGetAdminSettings(req, res, ctx) {
+ const _scope = _fileScope('handlerGetAdminSettings');
+ this.logger.debug(_scope, 'called', { req, ctx });
+
+ initContext(ctx);
+
+ this.setResponseType(this.responseTypes, req, res, ctx);
+
+ if (await this.authenticator.sessionRequiredLocal(req, res, ctx)) {
+ await this.sessionManager.getAdminSettings(res, ctx, navLinks);
+ }
+ }
+
+
+ /**
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
+ */
+ async handlerPostAdminSettings(req, res, ctx) {
+ const _scope = _fileScope('handlerPostAdminSettings');
+ this.logger.debug(_scope, 'called', { req, ctx });
+
+ initContext(ctx);
+
+ this.setResponseType(this.responseTypes, req, res, ctx);
+
+ if (await this.authenticator.sessionRequiredLocal(req, res, ctx)) {
+ await this.ingestBody(req, res, ctx);
+ await this.sessionManager.postAdminSettings(res, ctx, navLinks);
+ }
+ }
+
+
+ /**
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminLogout(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminLogout');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdmin(req, res, ctx) {
const _scope = _fileScope('handlerGetAdmin');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAdmin(req, res, ctx) {
const _scope = _fileScope('handlerPostAdmin');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminTicket(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminTicket');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAdminTicket(req, res, ctx) {
const _scope = _fileScope('handlerPostAdminTicket');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetMeta(req, res, ctx) {
const _scope = _fileScope('handlerGetMeta');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAuthorization(req, res, ctx) {
const _scope = _fileScope('handlerGetAuthorization');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostAuthorization(req, res, ctx) {
const _scope = _fileScope('handlerPostAuthorization');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostConsent(req, res, ctx) {
const _scope = _fileScope('handlerPostConsent');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostTicket(req, res, ctx) {
const _scope = _fileScope('handlerPostTicket');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostToken(req, res, ctx) {
const _scope = _fileScope('handlerPostToken');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostRevocation(req, res, ctx) {
const _scope = _fileScope('handlerPostRevocation');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostIntrospection(req, res, ctx) {
const _scope = _fileScope('handlerPostIntrospection');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerPostUserInfo(req, res, ctx) {
const _scope = _fileScope('handlerPostUserInfo');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetRoot(req, res, ctx) {
const _scope = _fileScope('handlerGetRoot');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * Temporary to see what an unsolicited payload contains.
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
+ */
+ async handlerWhaGwan(req, res, ctx) {
+ this.setResponseType(this.responseTypes, req, res, ctx);
+ await this.ingestBody(req, res, ctx);
+ throw new ResponseError(Enum.ErrorResponse.MethodNotAllowed);
+ }
+
+ /**
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetHealthcheck(req, res, ctx) {
const _scope = _fileScope('handlerGetHealthcheck');
/**
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerGetAdminMaintenance(req, res, ctx) {
const _scope = _fileScope('handlerGetAdminMaintenance');
* Intercept this and redirect if we have enough information, otherwise default to framework.
* Fixing this will likely have to wait until an e2e test framework is in place.
* The redirect attempt should probably be contained in a Manager method, but here it is for now.
- * @param {http.IncomingMessage} req
- * @param {http.ServerResponse} res
- * @param {Object} ctx
+ * @param {http.IncomingMessage} req request
+ * @param {http.ServerResponse} res response
+ * @param {object} ctx context
*/
async handlerInternalServerError(req, res, ctx) {
const _scope = _fileScope('handlerInternalServerError');