2020-04-22 14:19:25 +00:00
|
|
|
const auth_routes = {
|
|
|
|
prefix: '/api/v1/auth',
|
|
|
|
|
|
|
|
middleware: [
|
|
|
|
|
|
|
|
],
|
|
|
|
|
|
|
|
get: {
|
2020-05-04 01:16:54 +00:00
|
|
|
'/mfa/enable/date': ['middleware::auth:UserOnly', 'controller::api:v1:Auth.get_mfa_enable_date'],
|
2020-05-12 01:26:09 +00:00
|
|
|
|
|
|
|
'/roles': [
|
2020-05-17 04:55:08 +00:00
|
|
|
'middleware::auth:APIRoute',
|
2020-05-12 01:26:09 +00:00
|
|
|
['middleware::api:Permission', { check: 'v1:auth:roles:list' }],
|
|
|
|
'controller::api:v1:Auth.get_roles',
|
|
|
|
],
|
|
|
|
'/users': [
|
2020-05-17 04:55:08 +00:00
|
|
|
'middleware::auth:APIRoute',
|
2020-05-12 01:26:09 +00:00
|
|
|
['middleware::api:Permission', { check: 'v1:auth:users:list' }],
|
|
|
|
'controller::api:v1:Auth.get_users',
|
|
|
|
],
|
2020-05-17 04:55:08 +00:00
|
|
|
'/groups': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:groups:list' }],
|
|
|
|
'controller::api:v1:Auth.get_groups',
|
|
|
|
],
|
|
|
|
'/users/:id': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:users:get' }],
|
|
|
|
'controller::api:v1:Auth.get_user',
|
|
|
|
],
|
|
|
|
'/groups/:id': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:groups:get' }],
|
|
|
|
'controller::api:v1:Auth.get_group',
|
|
|
|
],
|
2020-04-22 14:19:25 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
post: {
|
2020-05-17 04:55:08 +00:00
|
|
|
'/validate/username': [
|
|
|
|
'controller::api:v1:Auth.validate_username'
|
|
|
|
],
|
|
|
|
|
2020-05-20 14:56:03 +00:00
|
|
|
'/validate/user_exists': [
|
|
|
|
'controller::api:v1:Auth.user_exists',
|
|
|
|
],
|
|
|
|
|
|
|
|
'/validate/email': [
|
|
|
|
'controller::api:v1:Auth.validate_email',
|
|
|
|
],
|
|
|
|
|
2020-05-17 04:55:08 +00:00
|
|
|
'/attempt': [
|
|
|
|
'controller::api:v1:Auth.attempt'
|
|
|
|
],
|
|
|
|
|
|
|
|
'/mfa/generate': [
|
|
|
|
'middleware::auth:UserOnly',
|
|
|
|
'controller::api:v1:Auth.generate_mfa_key'
|
|
|
|
],
|
|
|
|
|
|
|
|
'/mfa/attempt': [
|
|
|
|
'middleware::auth:DMZOnly',
|
|
|
|
'controller::api:v1:Auth.attempt_mfa'
|
|
|
|
],
|
|
|
|
|
2020-05-04 01:16:54 +00:00
|
|
|
'/mfa/enable': [
|
|
|
|
'middleware::auth:UserOnly',
|
|
|
|
['middleware::auth:RequireTrust', { scope: 'mfa.enable', deplete: true }],
|
|
|
|
'controller::api:v1:Auth.enable_mfa'
|
|
|
|
],
|
2020-05-17 04:55:08 +00:00
|
|
|
|
2020-05-04 01:16:54 +00:00
|
|
|
'/mfa/disable': [
|
|
|
|
'middleware::auth:UserOnly',
|
|
|
|
['middleware::auth:RequireTrust', { scope: 'mfa.disable', deplete: true }],
|
|
|
|
'controller::api:v1:Auth.disable_mfa',
|
|
|
|
],
|
2020-05-17 04:55:08 +00:00
|
|
|
|
|
|
|
'/groups': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:groups:create' }],
|
|
|
|
'controller::api:v1:Auth.create_group',
|
|
|
|
],
|
|
|
|
|
|
|
|
'/users': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:users:create' }],
|
|
|
|
'controller::api:v1:Auth.create_user',
|
|
|
|
],
|
2020-05-20 14:56:03 +00:00
|
|
|
|
|
|
|
'/registration': [
|
|
|
|
['middleware::util:Setting', { key: 'auth.allow_registration' }],
|
|
|
|
'middleware::auth:GuestOnly',
|
|
|
|
'controller::api:v1:Auth.registration',
|
|
|
|
],
|
2020-05-17 04:55:08 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
patch: {
|
|
|
|
'/groups/:id': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:groups:update' }],
|
|
|
|
'controller::api:v1:Auth.update_group',
|
|
|
|
],
|
|
|
|
'/users/:id': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:users:update' }],
|
|
|
|
'controller::api:v1:Auth.update_user',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
|
|
|
|
delete: {
|
|
|
|
'/groups/:id': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:groups:delete' }],
|
|
|
|
'controller::api:v1:Auth.delete_group',
|
|
|
|
],
|
|
|
|
'/users/:id': [
|
|
|
|
'middleware::auth:APIRoute',
|
|
|
|
['middleware::api:Permission', { check: 'v1:auth:users:delete' }],
|
|
|
|
'controller::api:v1:Auth.delete_user',
|
|
|
|
],
|
2020-04-22 14:19:25 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
module.exports = exports = auth_routes
|