CoreID/app/controllers/auth/Oauth2.controller.js
2020-05-30 20:16:10 -05:00

75 lines
2.6 KiB
JavaScript

const Oauth2Controller = require('flitter-auth/controllers/Oauth2')
/*
* Handles views, processing, and data retrieval for flitter-auth's
* built-in OAuth2 server, if it is enabled. Most handlers are inherited
* from flitter-auth/controllers/Oauth2, but you can override them here
* as you need.
*/
class Oauth2 extends Oauth2Controller {
static get services() {
return [...super.services, 'Vue', 'configs', 'models']
}
async authorize_post(req, res, next) {
const client = await this._get_authorize_client({query: req.body})
if ( !client ) return this._uniform(res, req.T('unable_to_authorize'))
const StarshipClient = this.models.get('oauth:Client')
const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })
req.user.authorize(starship_client)
await req.user.save()
return super.authorize_post(req, res, next)
}
async authorize_get(req, res, next) {
const client = await this._get_authorize_client(req)
if ( !client ) return this._uniform(res, req.T('unable_to_authorize'))
const uri = new URL(req.query.redirect_uri)
const StarshipClient = this.models.get('oauth:Client')
const starship_client = await StarshipClient.findOne({ active: true, uuid: client.clientID })
if ( req.user.has_authorized(starship_client) ) {
return this.Vue.invoke_action(res, {
text: 'Grant Access',
action: 'post',
params: {
redirect_uri: uri.toString(),
client_id: client.clientID,
},
})
}
return res.page('public:message', {
...this.Vue.data({
message: `<h3 class="font-weight-light">Authorize ${client.name}?</h3>
<br>
${req.T('auth.oauth_prompt').replace('CLIENT_NAME', client.name).replace('APP_NAME', this.configs.get('app.name'))}
<br><br><br>
<i><small>${req.T('auth.will_redirect')} ${uri.host}</small></i>`,
actions: [
{
text: req.T('common.deny'),
action: 'redirect',
next: '/dash',
},
{
text: req.T('common.grant'),
action: 'post',
params: {
redirect_uri: uri.toString(),
client_id: client.clientID,
},
},
],
})
})
}
}
module.exports = exports = Oauth2