Commit c1176749 authored by Johannes Zellner's avatar Johannes Zellner

Add ability to have admin role

parent 0735a658
......@@ -30,7 +30,7 @@
<h2>Login</h2>
<el-form ref="form" :model="loginForm" @submit.native.prevent="login(loginForm.username, loginForm.password)">
<el-form-item label="Username">
<el-input id="loginUsername" v-model="loginForm.username" :disabled="busy" required autofocus></el-input>
<el-input id="loginUsername" v-model="loginForm.username" ref="usernameInput" :disabled="busy" required autofocus></el-input>
</el-form-item>
<el-form-item label="Password">
<el-input id="loginPassword" v-model="loginForm.password" ref="passwordInput" type="password" :disabled="busy" required></el-input>
......
......@@ -59,7 +59,10 @@
.end((error, result) => {
this.busy = false
if (result && result.statusCode === 401) return this.user = null
if (result && result.statusCode === 401) {
this.$nextTick(() => this.$refs.usernameInput.focus())
return this.user = null
}
if (error) return console.error(error)
this.user = result.body.user
......
......@@ -1112,7 +1112,18 @@
"is-path-cwd": "^1.0.0",
"is-path-in-cwd": "^1.0.0",
"p-map": "^1.1.1",
"pify": "^3.0.0"
"pify": "^3.0.0",
"rimraf": "^2.2.8"
},
"dependencies": {
"rimraf": {
"version": "2.7.1",
"resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.7.1.tgz",
"integrity": "sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==",
"requires": {
"glob": "^7.1.3"
}
}
}
},
"delayed-stream": {
......@@ -1914,7 +1925,7 @@
"find-root": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/find-root/-/find-root-1.1.0.tgz",
"integrity": "sha512-NKfW6bec6GfKc0SGx1e07QZY9PE99u0Bft/0rzSD5k3sO/vwkVUpDUKVm5Gpp5Ue3YfShPFTX2070tDs5kB9Ng==",
"integrity": "sha1-q8/Iunb3CMQql7PWhbfpRQv7nOQ=",
"dev": true
},
"find-up": {
......@@ -2260,6 +2271,11 @@
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
"integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
},
"ini": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/ini/-/ini-1.3.5.tgz",
"integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw=="
},
"inquirer": {
"version": "7.3.2",
"resolved": "https://registry.npmjs.org/inquirer/-/inquirer-7.3.2.tgz",
......@@ -4600,7 +4616,7 @@
"uid-safe": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
"integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
"integrity": "sha1-Kz1cckDo/C5Y+Komnl7knAhXvTo=",
"requires": {
"random-bytes": "~1.0.0"
}
......
......@@ -5,6 +5,7 @@ const express = require('express')
const morgan = require('morgan')
const path = require('path')
const compression = require('compression')
const ini = require('ini')
const session = require('express-session')
const lastMile = require('connect-lastmile')
const {HttpSuccess, HttpError} = require('connect-lastmile')
......@@ -22,6 +23,26 @@ const jsonParser = bodyParser.json({strict: true})
const baseDir = process.env.CLOUDRON ? '/app/data' : path.join(__dirname, '.dev/data')
const CONFIG_FILE_PATH = path.join(baseDir, 'config.ini')
console.log(`Using config file at ${CONFIG_FILE_PATH}`)
function reloadConfig() {
let config = {}
try {
config = ini.parse(fs.readFileSync(CONFIG_FILE_PATH, 'utf-8'))
} catch (e) {
console.log('No config file found, creating empty one')
fs.writeFileSync(CONFIG_FILE_PATH, '[roles]\n#admins=username1,username2\n')
}
config.roles = config.roles || {}
config.roles.admins = config.roles.admins || ''
config.roles.admins = config.roles.admins.split(',')
return config
}
let config = reloadConfig()
const isAuthenticated = (req, res, next) => (req.session && req.session.user) ? next() : res.status(401).send({})
app.use('/api/healthcheck', (req, res) => openvpn.isRunning()
......@@ -54,6 +75,11 @@ router.post('/api/login', jsonParser, (req, res, next) => {
} else {
ldap.auth(req.body.username, req.body.password)
.then(profile => {
// on login check for new roles
config = reloadConfig()
profile.isAdmin = config.roles.admins.indexOf(profile.username) !== -1
req.session.user = profile
next(new HttpSuccess(200, {user: req.session.user}))
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment