UNPKG

openhab-multiuser-proxy

Version:

Multi-User support for openHAB REST API with NGINX.

github.com/Davek145/openhab-multiuser-proxy

Davek145/openhab-multiuser-proxy

98 lines (92 loc) 2.51 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
import items from './items/routes.js'; import pages from './pages/routes.js'; import sitemaps from './sitemaps/routes.js'; import { requireHeader } from './middleware.js'; import { adminAllowedForClient } from './admin/security.js'; import { ADMIN_OU } from '../server.js'; /** * Routes namespace. Providing routes. * * @namespace routes */ /** * Main router. * * @memberof routes * @param {*} app expressjs app */ export default (app) => { /** * @swagger * /: * get: * summary: Retrieve server information. * responses: * 200: * description: Server information. * content: * application/json: * schema: * type: object */ app.get('/', (req, res) => { res.send({ name: process.env.npm_package_name, description: 'Multi-User support for openHAB REST API with NGINX.', purpose: 'This NodeJS application provides filters and access control mechanisms.', author: 'Florian Hotze, David Kesl', version: process.env.npm_package_version, license: 'GNU GPL-3.0', links: [ { type: 'swagger-doc', path: '/swagger/' }, { type: 'rest-api', path: '/rest' } ] }); }); /** * @swagger * /auth/admin: * get: * summary: Authorization endpoint whether client has admin privileges. * description: Used by nginx auth_request. * tags: [Auth] * parameters: * - in: header * name: X-OPENHAB-USER * required: true * description: Name of user * schema: * type: string * style: form * - in: header * name: X-OPENHAB-ORG * required: false * description: Organisations the user is member of * schema: * type: string * style: form * responses: * 200: * description: Allowed * 403: * description: Forbidden */ app.get('/auth/admin', requireHeader('X-OPENHAB-USER'), async (req, res) => { const user = req.headers['x-openhab-user']; const org = req.headers['x-openhab-org'] || ''; try { const allowed = await adminAllowedForClient(user, org); if (allowed === true) { res.status(200).send(); } else { res.status(403).send(); } } catch { res.status(500).send(); } }); // Other routes items(app); pages(app); sitemaps(app); };