Starship/CoreID
1
0
Fork 0
Code Issues 8 Pull Requests Releases 34 Wiki Activity

Settings resource; oauth2 app authorization model; UI cleanup

Browse Source
This commit is contained in:
garrettmills
2020-05-17 21:13:38 -05:00
parent d558f21375
commit 2b2e7d2ebe
19 changed files with 393 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
app/controllers/api/v1/Settings.controller.js Normal file
View File

@@ -0,0 +1,47 @@
const { Controller } = require('libflitter')
class SettingsController extends Controller {
static get services() {
return [...super.services, 'models']
}
async get_settings(req, res, next) {
const Setting = this.models.get('Setting')
const settings = await Setting.find()
const data = []
for ( const setting of settings ) {
data.push(await setting.to_api())
}
return res.api(data)
}
async get_setting(req, res, next) {
const Setting = this.models.get('Setting')
const setting = await Setting.findOne({ key: req.params.key })
if ( !setting )
return res.status(404)
.message('No setting exists with that key.')
.api()
return res.api(await setting.to_api())
}
async update_setting(req, res, next) {
const Setting = this.models.get('Setting')
const setting = await Setting.findOne({ key: req.params.key })
if ( !setting )
return res.status(404)
.message('No setting exists with that key.')
.api()
setting.set(req.body.value)
await setting.save()
return res.api()
}
}
module.exports = exports = SettingsController

61
app/controllers/auth/Oauth2.controller.js
View File

@@ -7,6 +7,67 @@ const Oauth2Controller = require('flitter-auth/controllers/Oauth2')
* as you need.
*/
class Oauth2 extends Oauth2Controller {
static get services() {
return [...super.services, 'Vue', 'configs', 'models']
}
async authorize_post(req, res, next) {
const client = await this._get_authorize_client({query: req.body})
if ( !client ) return this._uniform(res, 'Unable to authorize client application. The application config is invalid. Please check the client ID and redirect URI and try again.')
const StarshipClient = this.models.get('oauth:Client')
const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })
req.user.authorize(starship_client)
await req.user.save()
return super.authorize_post(req, res, next)
}
async authorize_get(req, res, next) {
const client = await this._get_authorize_client(req)
if ( !client ) return this._uniform(res, 'Unable to authorize client application. The application config is invalid. Please check the client ID and redirect URI and try again.')
const uri = new URL(req.query.redirect_uri)
const StarshipClient = this.models.get('oauth:Client')
const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })
if ( req.user.has_authorized(starship_client) ) {
return this.Vue.invoke_action(res, {
text: 'Grant Access',
action: 'post',
params: {
redirect_uri: uri.toString(),
client_id: client.clientID,
},
})
}
return res.page('public:message', {
...this.Vue.data({
message: `<h3 class="font-weight-light">Authorize ${client.name}?</h3>
<br>
${client.name} is requesting access to your ${this.configs.get('app.name')} account. Once you grant it, you may not be prompted for permission again.
<br><br><br>
<i><small>You will be redirected to: ${uri.host}</small></i>`,
actions: [
{
text: 'Deny',
action: 'redirect',
next: '/dash',
},
{
text: 'Grant Access',
action: 'post',
params: {
redirect_uri: uri.toString(),
client_id: client.clientID,
},
},
],
})
})
}
}