Settings resource; oauth2 app authorization model; UI cleanup

2020-05-17 21:13:38 -05:00
parent d558f21375
commit 2b2e7d2ebe
19 changed files with 393 additions and 2 deletions
--- a/app/controllers/auth/Oauth2.controller.js
+++ b/app/controllers/auth/Oauth2.controller.js
@@ -7,6 +7,67 @@ const Oauth2Controller = require('flitter-auth/controllers/Oauth2')
 * as you need.
 */
 class Oauth2 extends Oauth2Controller {
+    static get services() {
+        return [...super.services, 'Vue', 'configs', 'models']
+    }
+
+    async authorize_post(req, res, next) {
+        const client = await this._get_authorize_client({query: req.body})
+        if ( !client ) return this._uniform(res, 'Unable to authorize client application. The application config is invalid. Please check the client ID and redirect URI and try again.')
+
+        const StarshipClient = this.models.get('oauth:Client')
+        const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })
+
+        req.user.authorize(starship_client)
+        await req.user.save()
+        return super.authorize_post(req, res, next)
+    }
+
+    async authorize_get(req, res, next) {
+        const client = await this._get_authorize_client(req)
+        if ( !client ) return this._uniform(res, 'Unable to authorize client application. The application config is invalid. Please check the client ID and redirect URI and try again.')
+        const uri = new URL(req.query.redirect_uri)
+
+        const StarshipClient = this.models.get('oauth:Client')
+        const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })
+
+        if ( req.user.has_authorized(starship_client) ) {
+            return this.Vue.invoke_action(res, {
+                text: 'Grant Access',
+                action: 'post',
+                params: {
+                    redirect_uri: uri.toString(),
+                    client_id: client.clientID,
+                },
+            })
+        }
+
+        return res.page('public:message', {
+            ...this.Vue.data({
+                message: `<h3 class="font-weight-light">Authorize ${client.name}?</h3>
+<br>
+${client.name} is requesting access to your ${this.configs.get('app.name')} account. Once you grant it, you may not be prompted for permission again.
+<br><br><br>
+<i><small>You will be redirected to: ${uri.host}</small></i>`,
+
+                actions: [
+                    {
+                        text: 'Deny',
+                        action: 'redirect',
+                        next: '/dash',
+                    },
+                    {
+                        text: 'Grant Access',
+                        action: 'post',
+                        params: {
+                            redirect_uri: uri.toString(),
+                            client_id: client.clientID,
+                        },
+                    },
+                ],
+            })
+        })
+    }

 }