From c3b6596dcbd654212743ca8e38dc39cc4883bf4c Mon Sep 17 00:00:00 2001 From: sizzlemctwizzle Date: Wed, 13 Nov 2013 20:12:16 -0600 Subject: [PATCH] Manage the authentication strategy keys for OAuth via a webpage. --- app.js | 22 +++++--- controllers/admin.js | 86 +++++++++++++++++++++++++++++++ controllers/index.js | 5 +- controllers/prettyStrategies.json | 5 -- controllers/strategies.json | 20 +++++-- controllers/strategiesFinal.json | 11 ---- models/strategies.js | 13 +++++ models/userRoles.json | 8 +++ views/apiAdmin.html | 17 ++++++ 9 files changed, 157 insertions(+), 30 deletions(-) create mode 100644 controllers/admin.js delete mode 100644 controllers/prettyStrategies.json delete mode 100644 controllers/strategiesFinal.json create mode 100644 models/strategies.js create mode 100644 models/userRoles.json create mode 100644 views/apiAdmin.html diff --git a/app.js b/app.js index 6080f5ff3..c8f0b974b 100644 --- a/app.js +++ b/app.js @@ -3,7 +3,8 @@ var mongoose = require('mongoose'); var passport = require('passport'); var app = express(); var controllers = require('./controllers'); -var authentication = require('./controllers/auth'); +//var authentication = require('./controllers/auth'); +var admin = require('./controllers/admin'); var settings = require('./models/settings.json'); app.configure(function(){ @@ -17,6 +18,11 @@ app.configure(function(){ app.use(express.session()); app.use(passport.initialize()); app.use(app.router); + + // Set up the views + app.engine('html', require('./libs/muExpress').renderFile); + app.set('view engine', 'html'); + app.set('views', __dirname + '/views'); }); if (process.env.NODE_ENV === 'production') { 
@@ -31,22 +37,22 @@ db.once('open', function callback () { app.listen(8080); }); -app.engine('html', require('./libs/muExpress').renderFile); -app.set('view engine', 'html'); -app.set('views', __dirname + '/views'); - app.get('/', controllers.home); -app.get('/auth/:strategy?', authentication.auth); +/*app.get('/auth/:strategy?', authentication.auth); app.post('/auth/', function(req, res) { req.session.username = req.body.username; res.redirect('/auth/' + req.body.auth); }); +app.get('/auth/:strategy/callback/', authentication.callback); app.get('/logout', function(req, res) { delete req.session.user; res.redirect('/'); -}); +});*/ -app.get('/auth/:strategy/callback/', authentication.callback); +app.get('/admin/user', admin.userAdmin); +app.get('/admin/api', admin.apiAdmin); +app.post('/admin/user/update', admin.userAdminUpdate); +app.post('/admin/api/update', admin.apiAdminUpdate); app.use(express.static(__dirname + '/public')); app.use(function(req, res, next){ diff --git a/controllers/admin.js b/controllers/admin.js new file mode 100644 index 000000000..de63b0f82 --- /dev/null +++ b/controllers/admin.js 
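Review bot: The four `/admin/*` routes added at the end of this hunk are registered with no access check. In controllers/admin.js the `userIsAdmin` guard in `apiAdmin` is commented out and `apiAdminUpdate` has none, so any client that can reach the server can read and overwrite the stored OAuth client ids and keys. This hunk also comments out the `/auth` and `/logout` routes, so as far as the visible routes go nothing sets `req.session.user`, and a guard could not be satisfied even if one were present. I would keep the admin pages unreachable until login is restored and start every admin handler with `if (!userIsAdmin(req)) return res.redirect('/');`, or mount a single check for the whole `/admin` prefix here in app.js.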
@@ -0,0 +1,86 @@
+var Strategy = require('../models/strategies.js').Strategy;
+var User = require('../models/user.js').User;
+var strategies = require('./strategies.json');
+
+function userIsAdmin(req) {
+ return req.session.user && req.session.user.role < 3;
+}
+
+function getOAuthStrategies(stored) {
+ var oAuthStrats = [];
+ for (var i in strategies) {
+ var strategy = strategies[i];
+ if (strategy.oauth) {
+ oAuthStrats.push(stored[i] || { 'strat' : i, 'id' : '', 'key' : ''});
+ }
+ }
+
+ return oAuthStrats;
+}
+
+exports.userAdmin = function(req, res) {
+ if (!userIsAdmin(req)) res.redirect('/');
+
+ res.render('index', options, res);
+};
+
+exports.apiAdmin = function(req, res) {
+ //if (!userIsAdmin(req)) res.redirect('/');
+
+ Strategy.find({}, function(err, strats) {
+ var stored = {};
+ strats.forEach(function(strat) {
+ //strat.remove(function (err, product) {});
+ stored[strat.name] = { 'strat' : strat.name,
+ 'id' : strat.id, 'key' : strat.key };
+ });
+
+ var strategies = getOAuthStrategies(stored);
+ var options = { 'strategies' : strategies };
+
+ res.render('apiAdmin', options, res);
+ });
+};
+
+exports.apiAdminUpdate = function(req, res) {
+ var postStrats = req.body;
+ var doneCount = 0;
+ function done() {
+ if (!(--doneCount)) res.redirect('/admin/api');
+ }
+
+ Strategy.find({}, function(err, strats) {
+ var stored = {};
+ strats.forEach(function(strat) {
+ stored[strat.name] = strat;
+ });
+
+ for (var i in postStrats) {
+ var postStrat = postStrats[i];
+ var strategy = null;
+ if (postStrat[0] && postStrat[1]) {
+ if (stored[i]) {
+ strategy = stored[i];
+ strategy.id = postStrat[0]
+ strategy.key = postStrat[1];
+ } else {
+ strategy = new Strategy({
+ 'id' : postStrat[0],
+ 'key' : postStrat[1],
+ 'name' : i,
+ 'display' : strategies[i].name
+ });
+ }
+
+ ++doneCount;
+ strategy.save(function() { return done(); });
+ }
+ }
+
+ ++doneCount;
+ done();
+ });
+};
+
+exports.userAdminUpdate = function(req, res) {
+};
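Review bot: `apiAdminUpdate` iterates every key of `req.body` and uses it unchecked: for a key that is not in strategies.json, `strategies[i].name` throws inside the `Strategy.find` callback, and a key naming a non-OAuth strategy is saved as a credential row. Skip such keys at the top of the loop with `if (!strategies[i] || !strategies[i].oauth) continue;`, and confirm `postStrat` is an array before indexing it, since a plain string value would be split into single characters. The `err` arguments of `Strategy.find` and `strategy.save` are ignored, so a failed lookup or write still ends in the same redirect as a success. Separately, `userAdmin` does not `return` after `res.redirect('/')` and then renders with an undefined `options`, which throws, and `userAdminUpdate` never sends a response.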
diff --git a/controllers/index.js b/controllers/index.js index 3ad5ce08a..22be83ba2 100644 --- a/controllers/index.js +++ b/controllers/index.js @@ -1,17 +1,16 @@ var User = require('../models/user').User; var strategies = require('./strategies.json'); -var prettystrategies = require('./prettyStrategies.json'); exports.home = function(req, res) { var options = { 'title': 'Home page' }; var user = req.session.user; if (!user) { - options.strategies = [{'strat' : '', 'pretty' : ''}]; + /*options.strategies = [{'strat' : '', 'pretty' : ''}]; strategies.forEach(function(strat, index) { options.strategies.push({ 'strat' : strat, 'pretty' : prettystrategies[index]}); - }); + });*/ } else { options.username = user.name; } diff --git a/controllers/prettyStrategies.json b/controllers/prettyStrategies.json deleted file mode 100644 index 51d84e376..000000000 --- a/controllers/prettyStrategies.json +++ /dev/null @@ -1,5 +0,0 @@ -[ - "GitHub", "Facebook", "Google", "PayPal", "Yahoo!", "AOL", - "Twitter", "Flickr", "LinkedIn", "Netflix", "Reddit", - "Imgur", "Amazon", "Windows Live", "OpenID" -] diff --git a/controllers/strategies.json b/controllers/strategies.json index a4843b73e..e0f37d9a1 100644 --- a/controllers/strategies.json +++ b/controllers/strategies.json 
@@ -1,3 +1,17 @@
-[
- "github", "facebook", "google", "paypal", "yahoo", "aol"
-]
+{
+ "github" : { "name" : "GitHub", "oauth" : true },
+ "facebook" : { "name" : "Facebook", "oauth" : true },
+ "google" : { "name" : "Google", "oauth" : false },
+ "paypal" : { "name" : "PayPal", "oauth" : false },
+ "yahoo" : { "name" : "Yahoo!", "oauth" : false },
+ "aol" : { "name" : "AOL", "oauth" : false },
+ "twitter" : { "name" : "Twitter", "oauth" : true },
+ "flickr" : { "name" : "Flickr", "oauth" : true },
+ "linkedin" : { "name" : "LinkedIn", "oauth" : true },
+ "netflix" : { "name" : "Netflix", "oauth" : true },
+ "reddit" : { "name" : "Reddit", "oauth" : true },
+ "imgur" : { "name" : "Imgur", "oauth" : true },
+ "amazon" : { "name" : "Amazon", "oauth" : true },
+ "windowslive" : { "name" : "Windows Live", "oauth" : true },
+ "openid" : { "name" : "OpenID", "oauth" : false }
+}
diff --git a/controllers/strategiesFinal.json b/controllers/strategiesFinal.json
deleted file mode 100644
index 491d7eb4e..000000000
--- a/controllers/strategiesFinal.json
+++ /dev/null
@@ -1,11 +0,0 @@
-[
- // OAuth 1.0
- // "google", "twitter", "yahoo", "flickr", "linkedin", "netflix",
-
- // OAuth 2.0
- "github", "facebook", //"reddit", "imgur", "amazon", "paypal",
- //"windowslive", "google",
-
- // OpenID
- "aol", "openid"
-]
diff --git a/models/strategies.js b/models/strategies.js
new file mode 100644
index 000000000..a2e1e4fa7
--- /dev/null
+++ b/models/strategies.js
@@ -0,0 +1,13 @@
+var mongoose = require('mongoose');
+var Schema = mongoose.Schema;
+
+var strategySchema = new Schema({
+ id: String,
+ key: String,
+ name: String,
+ display: String
+});
+
+var Strategy = mongoose.model('Strategy', strategySchema);
+
+exports.Strategy = Strategy;
diff --git a/models/userRoles.json b/models/userRoles.json
new file mode 100644
index 000000000..cfad92910
--- /dev/null
+++ b/models/userRoles.json
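Review bot: In models/strategies.js, `key` stores each provider's OAuth client secret as a plain `String`, and `apiAdmin` in controllers/admin.js copies it into the options it renders, so the secret is readable by anyone who can query the collection or load the admin page. Consider not sending the stored value back to the browser and overwriting it only when a new one is submitted; whether it also needs encryption at rest depends on how the database is protected, which this patch does not show. The controller looks rows up by `name`, so the schema should enforce that field, e.g. `name: { type: String, required: true, unique: true }`.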
@@ -0,0 +1,8 @@ +[ + "Root", + "Founding Father", + "Admin", + "Moderator", + "Script Writer", + "User" +] diff --git a/views/apiAdmin.html b/views/apiAdmin.html new file mode 100644 index 000000000..3d6acfdaa --- /dev/null +++ b/views/apiAdmin.html @@ -0,0 +1,17 @@ + + +Edit Authenticator Settings + + +
+{{#strategies}} + {{strat}}
+ id: +
+ key: +

+{{/strategies}} + +
+ +