auth-center
Version:
auth center with TOTP
78 lines (59 loc) • 3.82 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = routes;
var _koaRouter = _interopRequireDefault(require("koa-router"));
var _koaCsrf = _interopRequireDefault(require("koa-csrf"));
var _oauth = _interopRequireDefault(require("./oauth"));
var user = _interopRequireWildcard(require("./controllers/user"));
var admin = _interopRequireWildcard(require("./controllers/admin"));
var scan = _interopRequireWildcard(require("./controllers/scan"));
function _getRequireWildcardCache() { if (typeof WeakMap !== "function") return null; var cache = new WeakMap(); _getRequireWildcardCache = function () { return cache; }; return cache; }
function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
function routes(app, config) {
const R = config.routes;
const oauth = (0, _oauth.default)(config);
const authRouter = new _koaRouter.default(); // API: get user info
authRouter.get(R.user, oauth.authenticate, user.getInfo); // OAuth
authRouter.get(R.authorize, user.checkLogin, oauth.authorize);
authRouter.post(R.access_token, oauth.accessToken);
authRouter.post(R.scan_login, oauth.authenticate, scan.login);
const router = new _koaRouter.default();
router.get(R.home, user.checkLogin, user.home);
router.get(R.security, user.checkLogin, user.security);
router.post(R.security_change, user.checkLogin, user.securityChange); // Login & Logout
router.get(R.login, user.login);
router.get(R.logout, user.logout);
router.post(R.login_token, user.checkToken('LOGIN_TOKEN'), user.loginToken);
router.post(R.session, user.session); // Scan Login
router.post(R.qrcode, scan.qrcode);
router.redirect(R.scan, R.login); // Reset password
router.get(R.password_reset, user.passwordResetPage);
router.post(R.resetpwd_token, user.checkToken('RESETPWD_TOKEN'), user.resetpwdToken); // Change password
router.get(R.password_change, user.checkResetToken, user.passwordChangePage);
router.post(R.password_change, user.checkResetToken, user.passwordChange); // Admin
router.get(R.admin.users, admin.checkLogin, admin.userList);
router.post(R.admin.search_user, admin.checkLogin, admin.searchUser);
router.get(R.admin.clients, admin.checkLogin, admin.clientList);
router.post(R.admin.send_totp, admin.checkLogin, admin.sendTotp);
router.post(R.admin.add_client, admin.checkLogin, admin.addClient);
router.post(R.admin.generate_secret, admin.checkLogin, admin.generateSecret);
router.get(R.admin.roles, admin.checkLogin, admin.roleList);
router.post(R.admin.add_role, admin.checkLogin, admin.addRole);
router.post(R.admin.delete_role, admin.checkLogin, admin.deleteRole);
app.use(authRouter.routes());
app.use(authRouter.allowedMethods());
app.use(new _koaCsrf.default());
app.use(async (ctx, next) => {
ctx.state._csrf = ctx.csrf;
ctx.cookies.set('XSRF-TOKEN', ctx.csrf, {
httpOnly: false
});
await next();
});
app.use(router.routes());
app.use(router.allowedMethods());
}
module.exports = exports.default;