
akurath


IDE Frontend for codepsaces.io

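// Requires
var http = require('http');
var express = require('express');
var _ = require('lodash');

/**
 * Build the workspace's Express app and HTTP server and register them as the
 * "server" service.
 *
 * Request pipeline, in order: optional dev request log, cookie parsing,
 * signed cookie session, session-user lookup, the `/` auto-auth route,
 * static client files, the router (whose first route is the auth gate),
 * and finally the error handler.
 *
 * @param {Object} options - reads `dev`, `defaultToken`, `defaultEmail`,
 *     `port` and `hostname`.
 * @param {Object} imports - reads `workspace` (`id`, `secret`, `getUser`)
 *     and `logger` (`namespace`).
 * @param {Function} register - called as `register(null, { server: ... })`.
 */
function setup(options, imports, register) {
    var workspace = imports.workspace;
    var logger = imports.logger.namespace("web");

    // Path prefixes that can be requested without an authenticated user
    var authorizedPaths = [];

    // Check if a path needs auth.
    // An exempted prefix matches the path itself or anything below it
    // ("/static" and "/static/app.js"). It must NOT match a sibling that
    // merely shares the leading characters ("/staticfoo"): a bare
    // `indexOf(prefix) == 0` test would silently exempt such routes from
    // the auth gate.
    var needAuth = function(path) {
        if (path === "/") return false;

        return !_.some(authorizedPaths, function(authPath) {
            if (path === authPath) return true;

            // A prefix that already ends in "/" is its own boundary
            var endsWithSlash = authPath.charAt(authPath.length - 1) === "/";
            var prefix = endsWithSlash ? authPath : authPath + "/";
            return path.indexOf(prefix) === 0;
        });
    };

    // Disable auth for a path (and everything below it)
    var disableAuth = function(path) {
        logger.log("disable auth for", path);
        authorizedPaths.push(path);
    };

    // Express app
    var app = express();

    if (options.dev) {
        // NOTE(security): req.url includes the query string, so the
        // `email`/`token` auto-auth parameters handled by the `/` route
        // below are written to the dev log as-is.
        app.use(function(req, res, next) {
            logger.log("["+req.method+"]", req.url);
            next();
        });
    }

    // Apply middlewares
    app.use(express.cookieParser());
    // The session lives in a cookie signed with workspace.secret, so anyone
    // holding that secret can forge `userId`.
    // NOTE(review): no `secure`/`httpOnly` cookie options are passed here;
    // the effective flags are whatever this Express version defaults to.
    app.use(express.cookieSession({
        'key': ['sess', workspace.id].join('.'),
        'secret': workspace.secret,
    }));

    // Get User and set it to res object
    app.use(function getUser(req, res, next) {
        var uid = req.session.userId;
        if (!uid) {
            return next();
        }

        // Pause request stream while the user is looked up
        req.pause();

        // `.done` is not a standard Promise method; presumably getUser
        // returns a Q-style promise -- confirm.
        return workspace.getUser(uid)
        .then(function(user) {
            // Set user
            res.user = user;

            // Activate user
            res.user.activate();
        })
        // Chained after the success handler (not passed as its sibling) so
        // that a missing user object or a throwing activate() also ends up
        // here. Otherwise the rejection would reach .done() unhandled and
        // the request would stay paused without next() ever being called.
        // Failing closed: the request continues as unauthenticated.
        .then(null, function(err) {
            res.user = null;
        })
        .done(function() {
            req.resume();
            next();
        });
    });

    // Client-side
    app.get('/', function(req, res, next) {
        var doRedirect = false;
        var baseToken = options.defaultToken;
        var baseEmail = options.defaultEmail;

        if (req.query.email && req.query.token) {
            // Auth credential: save as cookies and redirect to clean url
            baseEmail = req.query.email;
            baseToken = req.query.token;
            doRedirect = true;
        }

        // NOTE(security): the token arrives in the URL and is stored in a
        // cookie with httpOnly disabled and no `secure` flag, so page
        // scripts can read it and it is sent over plain HTTP if the site is
        // served that way. Presumably the client reads these cookies to
        // auto-authenticate; confirm before tightening the flags.
        if ((baseToken || baseEmail) && (!req.cookies.autoAuth || doRedirect)) {
            if (baseEmail) {
                res.cookie('email', baseEmail, { httpOnly: false });
            }
            if (baseToken) {
                res.cookie('token', baseToken, { httpOnly: false });
            }
            res.cookie('autoAuth', true, { httpOnly: false });
        }

        if (doRedirect) {
            // Fixed target: drops the credentials from the address bar
            return res.redirect("/");
        }
        return next();
    });

    // Static client files are served before the router, i.e. before the
    // auth gate below ever runs.
    app.use('/', express.static(__dirname + '/../../client/build'));

    // Router
    app.use(app.router);

    // Error handling
    app.use(function(err, req, res, next) {
        if(!err) return next();

        logger.error("Error:");
        // NOTE(review): err.message is returned to the client verbatim;
        // check that no internal detail can leak through it.
        // Status-first argument order, same as the 403 response below.
        res.send(500, {
            'error': err.message
        });
        logger.error(err.stack);
    });

    // Block queries for unAuthenticated users
    // Registered before any other route, so it is the first route the
    // router evaluates for every method and path.
    app.all("*", function(req, res, next) {
        if(!needAuth(req.path) || res.user) {
            return next();
        }

        // Unauthorized
        return res.send(403, {
            ok: false,
            data: {},
            error: "Could not run API request because user was not authenticated",
            method: req.path,
        });
    });

    disableAuth("/static");

    // Http Server
    var server = http.createServer(app);

    // Register
    register(null, {
        "server": {
            "app": app,
            "http": server,
            'disableAuth': disableAuth,
            'port': options.port,
            'hostname': options.hostname
        }
    });
}

// Exports
module.exports = setup;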