X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=src%2Fservice.js;h=df894011dc84f7cad424467b9e62720d4890f9d4;hb=737fbd003d5c4dfea81b667ef906f1c106a60612;hp=a0043f7d24caa49a71c85341dc4fadca6ea563d2;hpb=3b791da2fe22568f567d4796895f223cdf212b9a;p=websub-hub

diff --git a/src/service.js b/src/service.js
index a0043f7..df89401 100644
--- a/src/service.js
+++ b/src/service.js
@@ -9,8 +9,7 @@ const { Dingus } = require('@squeep/api-dingus');
 const common = require('./common');
 const Enum = require('./enum');
 const Manager = require('./manager');
-const SessionManager = require('./session-manager');
-const Authenticator = require('./authenticator');
+const { Authenticator, SessionManager } = require('@squeep/authentication-module');
 const path = require('path');
 
 const _fileScope = common.fileScope(__filename);
@@ -53,6 +52,7 @@ class Service extends Dingus {
     this.on(['GET', 'HEAD'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
     this.on(['GET', 'HEAD'], '/admin/', this.handlerGetAdminOverview.bind(this));
     this.on(['GET', 'HEAD'], '/admin/topic/:topicId', this.handlerGetAdminTopicDetails.bind(this));
+    this.on(['GET', 'HEAD'], '/admin/topic/:topicId/history.svg', this.handlerGetHistorySVG.bind(this));
 
     // Private data-editing endpoints
     this.on(['PATCH', 'DELETE'], '/admin/topic/:topicId', this.handlerUpdateTopic.bind(this));
@@ -69,6 +69,24 @@ class Service extends Dingus {
 
   }
 
+  /**
+   * Wrap the Dingus head handler, to remove the response body from the context,
+   * lest it be logged.
+   * @param {http.ClientRequest} req
+   * @param {http.ServerResponse} res
+   * @param {object} ctx
+   */
+  static setHeadHandler(req, res, ctx) {
+    if (req.method === 'HEAD') {
+      Dingus.setHeadHandler(req, res, ctx);
+      const origEnd = res.end.bind(res);
+      res.end = function (data, encoding, ...rest) {
+        const origResult = origEnd(data, encoding, ...rest);
+        delete ctx.responseBody;
+        return origResult;
+      };
+    }
+  }
 
   /**
    * @param {http.ClientRequest} req
@@ -98,10 +116,12 @@ class Service extends Dingus {
     ];
     this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx });
 
-    Dingus.setHeadHandler(req, res, ctx);
+    Service.setHeadHandler(req, res, ctx);
 
     this.setResponseType(responseTypes, req, res, ctx);
 
+    await this.authenticator.sessionOptional(req, res, ctx, this.loginPath);
+
     await this.manager.getRoot(req, res, ctx);
   }
 
@@ -115,7 +135,7 @@ class Service extends Dingus {
     const _scope = _fileScope('handlerGetHealthcheck');
     this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx });
   
-    Dingus.setHeadHandler(req, res, ctx);
+    Service.setHeadHandler(req, res, ctx);
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
@@ -134,7 +154,7 @@ class Service extends Dingus {
 
     const responseTypes = [...this.responseTypes, Enum.ContentType.ImageSVG];
 
-    Dingus.setHeadHandler(req, res, ctx);
+    Service.setHeadHandler(req, res, ctx);
 
     this.setResponseType(responseTypes, req, res, ctx);
 
@@ -142,6 +162,20 @@ class Service extends Dingus {
   }
 
 
+  async handlerGetHistorySVG(req, res, ctx) {
+    const _scope = _fileScope('handlerGetHist');
+    this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx });
+
+    const responseTypes = [Enum.ContentType.ImageSVG];
+
+    Service.setHeadHandler(req, res, ctx);
+
+    this.setResponseType(responseTypes, req, res, ctx);
+
+    await this.manager.getHistorySVG(res, ctx);
+  }
+
+
   /**
    * @param {http.ClientRequest} req
    * @param {http.ServerResponse} res
@@ -151,11 +185,11 @@ class Service extends Dingus {
     const _scope = _fileScope('handlerGetAdminOverview');
     this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx });
 
-    Dingus.setHeadHandler(req, res, ctx);
+    Service.setHeadHandler(req, res, ctx);
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
-    await this.authenticator.required(req, res, ctx, this.loginPath);
+    await this.authenticator.sessionRequired(req, res, ctx, this.loginPath);
 
     await this.manager.getAdminOverview(res, ctx);
   }
@@ -170,11 +204,11 @@ class Service extends Dingus {
     const _scope = _fileScope('handlerGetAdminTopicDetails');
     this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx });
 
-    Dingus.setHeadHandler(req, res, ctx);
+    Service.setHeadHandler(req, res, ctx);
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
-    await this.authenticator.required(req, res, ctx, this.loginPath);
+    await this.authenticator.sessionRequired(req, res, ctx, this.loginPath);
 
     await this.manager.getTopicDetails(res, ctx);
   }
@@ -209,7 +243,7 @@ class Service extends Dingus {
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
-    await this.authenticator.requiredLocal(req, res, ctx, this.loginPath);
+    await this.authenticator.apiRequiredLocal(req, res, ctx);
 
     await this.maybeIngestBody(req, res, ctx);
     ctx.method = req.method;
@@ -228,7 +262,7 @@ class Service extends Dingus {
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
-    await this.authenticator.requiredLocal(req, res, ctx, this.loginPath);
+    await this.authenticator.apiRequiredLocal(req, res, ctx);
 
     await this.maybeIngestBody(req, res, ctx);
     ctx.method = req.method;
@@ -247,13 +281,14 @@ class Service extends Dingus {
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
-    await this.authenticator.requiredLocal(req, res, ctx, this.loginPath);
+    await this.authenticator.apiRequiredLocal(req, res, ctx);
 
     await this.manager.processTasks(res, ctx);
   }
 
 
   /**
+   * Delegate login to authentication module.
    * @param {http.ClientRequest} req
    * @param {http.ServerResponse} res
    * @param {Object} ctx
@@ -262,7 +297,7 @@ class Service extends Dingus {
     const _scope = _fileScope('handlerGetAdminLogin');
     this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx });
 
-    Dingus.setHeadHandler(req, res, ctx);
+    Service.setHeadHandler(req, res, ctx);
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
@@ -271,6 +306,7 @@ class Service extends Dingus {
 
 
   /**
+   * Delegate login to authentication module.
    * @param {http.ClientRequest} req
    * @param {http.ServerResponse} res
    * @param {Object} ctx
@@ -281,6 +317,8 @@ class Service extends Dingus {
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
+    await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
     await this.maybeIngestBody(req, res, ctx);
 
     await this.sessionManager.postAdminLogin(res, ctx);
@@ -288,6 +326,7 @@ class Service extends Dingus {
 
 
   /**
+   * Delegate login to authentication module.
    * @param {http.ClientRequest} req
    * @param {http.ServerResponse} res
    * @param {Object} ctx
@@ -298,11 +337,14 @@ class Service extends Dingus {
 
     this.setResponseType(this.responseTypes, req, res, ctx);
 
+    await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
     await this.sessionManager.getAdminLogout(res, ctx);
   }
 
 
   /**
+   * Delegate login to authentication module.
    * @param {http.ClientRequest} req
    * @param {http.ServerResponse} res
    * @param {Object} ctx