SAML; Dashboard

2020-05-03 20:16:54 -05:00
parent e3ecfb0d37
commit c389e151b5
1778 changed files with 148410 additions and 82 deletions
--- a/app/routing/routers/api/v1/auth.routes.js
+++ b/app/routing/routers/api/v1/auth.routes.js
@@ -6,7 +6,7 @@ const auth_routes = {
    ],

    get: {
-
+        '/mfa/enable/date': ['middleware::auth:UserOnly', 'controller::api:v1:Auth.get_mfa_enable_date'],
    },

    post: {
@@ -14,7 +14,16 @@ const auth_routes = {
        '/attempt': [ 'controller::api:v1:Auth.attempt' ],
        '/mfa/generate': ['middleware::auth:UserOnly', 'controller::api:v1:Auth.generate_mfa_key'],
        '/mfa/attempt': ['middleware::auth:DMZOnly', 'controller::api:v1:Auth.attempt_mfa'],
-        '/mfa/enable': ['middleware::auth:UserOnly', 'controller::api:v1:Auth.enable_mfa'],
+        '/mfa/enable': [
+            'middleware::auth:UserOnly',
+            ['middleware::auth:RequireTrust', { scope: 'mfa.enable', deplete: true }],
+            'controller::api:v1:Auth.enable_mfa'
+        ],
+        '/mfa/disable': [
+            'middleware::auth:UserOnly',
+            ['middleware::auth:RequireTrust', { scope: 'mfa.disable', deplete: true }],
+            'controller::api:v1:Auth.disable_mfa',
+        ],
    },
 }

--- a/app/routing/routers/api/v1/message.routes.js
+++ b/app/routing/routers/api/v1/message.routes.js
@@ -0,0 +1,17 @@
+const message_routes = {
+    prefix: '/api/v1/message',
+
+    middleware: [
+        'auth:UserOnly',
+    ],
+
+    get: {
+        '/banners': ['controller::api:v1:Message.get_banners'],
+    },
+
+    post: {
+        '/banners/read/:banner_id': ['controller::api:v1:Message.read_banner'],
+    },
+}
+
+module.exports = exports = message_routes
--- a/app/routing/routers/api/v1/password.routes.js
+++ b/app/routing/routers/api/v1/password.routes.js
@@ -0,0 +1,26 @@
+const password_routes = {
+    prefix: '/api/v1/password',
+
+    middleware: [
+        'auth:UserOnly',
+    ],
+
+    get: {
+        '/resets': ['controller::api:v1:Password.get_resets'],
+        '/app_passwords': ['controller::api:v1:Password.get_app_passwords'],
+    },
+
+    post: {
+        '/app_passwords': ['controller::api:v1:Password.create_app_password'],
+        '/resets': [
+            ['middleware::auth:RequireTrust', { scope: 'password.reset' }],
+            'controller::api:v1:Password.reset_password',
+        ],
+    },
+
+    delete: {
+        '/app_passwords/:uuid': ['controller::api:v1:Password.delete_app_password'],
+    }
+}
+
+module.exports = exports = password_routes
--- a/app/routing/routers/api/v1/profile.routes.js
+++ b/app/routing/routers/api/v1/profile.routes.js
@@ -0,0 +1,21 @@
+const profile_routes = {
+    prefix: '/api/v1/profile',
+
+    middleware: [
+        'auth:UserOnly',
+    ],
+
+    get: {
+        '/:user_id': [ // user_id | 'me'
+            'controller::api:v1:Profile.fetch',
+        ],
+    },
+
+    patch: {
+        '/:user_id': [ // user_id | 'me'
+            'controller::api:v1:Profile.update',
+        ],
+    },
+}
+
+module.exports = exports = profile_routes