Big Bang

2019-06-21 17:01:34 -05:00
commit 487f0c4eeb
56 changed files with 5037 additions and 0 deletions
--- a/app/routing/middleware/HomeLogger.middleware.js
+++ b/app/routing/middleware/HomeLogger.middleware.js
@@ -0,0 +1,27 @@
+/*
+ * HomeLogger Middleware
+ * -------------------------------------------------------------
+ * This is a sample middleware. It simply prints a console message when
+ * the route that it is tied to is accessed. By default, it is called if
+ * the '/' route is accessed. It can be injected in routes globally using
+ * the global mw() function.
+ */
+class HomeLogger {
+
+    /*
+     * Run the middleware test.
+     * This method is required by all Flitter middleware.
+     * It should either call the next function in the stack,
+     * or it should handle the response accordingly.
+     */
+    test(req, res, next){
+        console.log("Home was accessed!")
+
+        /*
+         * Call the next function in the stack.
+         */
+        next()
+    }
+}
+
+module.exports = HomeLogger
--- a/app/routing/middleware/auth/Permission.middleware.js
+++ b/app/routing/middleware/auth/Permission.middleware.js
@@ -0,0 +1,49 @@
+/**
+ * @module flitter-auth/deploy/routing/middleware/RequireAuth
+ */
+
+/**
+ * This middleware is provided by Flitter-auth. It will redirect the user
+ * back to their previous location if the does not have the specified permission.
+ *
+ * @class
+ */
+class Permission {
+
+    /**
+     * Run the middleware's check. If an authenticated session exists and the user has the specified permission,
+     * let the request continue. If an authenticated session doesn't exist, write the destination to the
+     * session and redirect the user to the login page. If the permission doesn't exist, show a 401.
+     * @param {Express/Request} req - the incoming Express request
+     * @param {Express/Response} res - the corresponding Express response
+     * @param {Function} next - Express handler stack callback. This should be called if the middleware check passed to allow the request to continue.
+     * @param {string} permission - Name of the permission to require
+     */
+    async test(req, res, next, permission){
+        if ( req.session && req.session.auth && (req.session.auth.authenticated === true || req.session.auth.user) ){
+            if ( req.session.auth.user.permissions && req.session.auth.user.permissions.includes(permission) ){
+                next()
+            }
+            else if ( req.session.auth.user.role ){
+                const Role = _flitter.model('auth:Role')
+                const role = await Role.findOne({name: req.session.auth.user.role})
+
+                if ( role.permissions.includes(permission) ){
+                    next()
+                }
+                else {
+                    return _flitter.error(res, 401, {reason: 'Insufficient user permissions.'})
+                }
+            }
+            else {
+                return _flitter.error(res, 401, {reason: 'Insufficient user permissions.'})
+            }
+        }
+        else {
+            req.session.destination = req.originalUrl
+            return res.redirect('/auth/login')
+        }
+    }
+}
+
+module.exports = Permission
--- a/app/routing/middleware/auth/RequireAuth.middleware.js
+++ b/app/routing/middleware/auth/RequireAuth.middleware.js
@@ -0,0 +1,35 @@
+/**
+ * @module flitter-auth/deploy/routing/middleware/RequireAuth
+ */
+
+/**
+ * This middleware is provided by Flitter-auth. It will redirect the user
+ * back to their previous location if the does not contain a user object.
+ * 
+ * @class
+ */
+class RequireAuth {
+
+    /**
+     * Run the middleware's check. If an authenticated session exists, let the request continue.
+     * If an authenticated session doesn't exist, write the destination to the session and redirect
+     * the user to the login page.
+     * @param {Express/Request} req - the incoming Express request
+     * @param {Express/Response} res - the corresponding Express response
+     * @param {Function} next - Express handler stack callback. This should be called if the middleware check passed to allow the request to continue.
+     */
+    test(req, res, next){
+        if ( req.session && req.session.auth && (req.session.auth.authenticated === true || req.session.auth.user) ){
+            /*
+             * Call the next function in the stack.
+             */
+            next()
+        }
+        else {
+            req.session.destination = req.originalUrl
+            return res.redirect('/auth/login')
+        }
+    }
+}
+
+module.exports = RequireAuth
--- a/app/routing/middleware/auth/RequireGuest.middleware.js
+++ b/app/routing/middleware/auth/RequireGuest.middleware.js
@@ -0,0 +1,32 @@
+/**
+ * @module flitter-auth/deploy/routing/middleware/RequireGuest
+ */
+
+/**
+ * This middleware is provided by Flitter-auth. It will redirect the user
+ * back to their previous location if the session contains the user object.
+ * 
+ * @class
+ */
+class RequireGuest {
+
+    /**
+     * Run the middleware test. If an authenticated session exists, redirect the user to an error page.
+     * Otherwise, allow the request to continue.
+     * @param {Express/Request} req - the incoming Express request
+     * @param {Express/Response} res - the corresponding Express response
+     * @param {Function} next - The callback to continue the Express request handling stack. This is called if the middleware check passes.
+     */
+    test(req, res, next){
+        if ( req.session && req.session.auth && (req.session.auth.authenticated === true || req.session.auth.user) ){
+            return _flitter.view(res, 'errors/requires_guest')
+        }
+
+        /*
+         * Call the next function in the stack.
+         */
+        next()
+    }
+}
+
+module.exports = RequireGuest
--- a/app/routing/middleware/auth/Role.middleware.js
+++ b/app/routing/middleware/auth/Role.middleware.js
@@ -0,0 +1,38 @@
+/**
+ * @module flitter-auth/deploy/routing/middleware/RequireAuth
+ */
+
+/**
+ * This middleware is provided by Flitter-auth. It will redirect the user
+ * back to their previous location if the does not have the specified role.
+ *
+ * @class
+ */
+class Role {
+
+    /**
+     * Run the middleware's check. If an authenticated session exists and the user has the specified role,
+     * let the request continue. If an authenticated session doesn't exist, write the destination to the
+     * session and redirect the user to the login page. If the role doesn't exist, show a 401.
+     * @param {Express/Request} req - the incoming Express request
+     * @param {Express/Response} res - the corresponding Express response
+     * @param {Function} next - Express handler stack callback. This should be called if the middleware check passed to allow the request to continue.
+     * @param {string} role - Name of the role to require
+     */
+    test(req, res, next, role){
+        if ( req.session && req.session.auth && (req.session.auth.authenticated === true || req.session.auth.user) ){
+            if ( req.session.auth.user.role && req.session.auth.user.role === role ){
+                next()
+            }
+            else {
+                return _flitter.error(res, 401, {reason: 'Insufficient user permissions.'})
+            }
+        }
+        else {
+            req.session.destination = req.originalUrl
+            return res.redirect('/auth/login')
+        }
+    }
+}
+
+module.exports = Role