diff --git a/mong.js b/mong.js
index fa512f3..34e8da9 100644
--- a/mong.js
+++ b/mong.js
@@ -1,13 +1,16 @@
 var db = db.getSiblingDB('omdb');
 
+// Delete all collections + all records
+db.messages.deleteMany({});
+db.tags.deleteMany({});
+db.users.deleteMany({});
+db.sessions.deleteMany({});
+
 // Insert data in collections
 load('mong_msg.js');
 load('mong_tag.js');
 load('mong_usr.js');
 
-// Delete all collections + all records
-//db.messages.drop(); db.tags.drop(); db.user.drop(); db.sessions.drop()
-
 // Print all collections + records count
 var collections = db.getCollectionNames();
 print('Collections inside the db:');
diff --git a/mong_usr.js b/mong_usr.js
index 2a3bcbc..59985bd 100644
--- a/mong_usr.js
+++ b/mong_usr.js
@@ -1,8 +1,8 @@
 db.users.insert([
 // author,OHMNEWS2019
- {"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","tags":["wichtig","th"],"bookmarks":["th"],},
+ {"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","abos":["wichtig","th"],"bookmarks":["th"],},
 // admin,oZuse1
- {"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","tags":["wichtig","th"],"bookmarks":["wichtig"],},
+ {"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","abos":["wichtig","th"],"bookmarks":["wichtig"],},
 ])
 
 db.users.insert({"name":"mustermannmax", "roles":["user"],"abos":[],"bookmarks":[]})
diff --git a/public/routes/auth.js b/public/routes/auth.js
index afc0fc1..273d925 100644
--- a/public/routes/auth.js
+++ b/public/routes/auth.js
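Review bot: `db.sessions.deleteMany({})` at the top of the seed script now ends every active login on the target database unconditionally, and unlike the old `drop()` calls the new `deleteMany({})` lines keep the collections and their indexes in place, which the comment `// Delete all collections + all records` still misdescribes. I would reword it to `// Clear all records (collections and indexes are kept); this also ends every active session` and, since the script selects `omdb` by name with no guard against the instance it is pointed at, state in the header comment that it is for development seeding only.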
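Review bot: The `author` and `admin` fixture records kept in this hunk carry committed salt/hash values, and the comment above each (`// author,OHMNEWS2019`, `// admin,oZuse1`) appears to spell out the matching password, so the repository itself documents working credentials, including an `admin` role, for any database this seed has been run against. Remove the password comments and keep these privileged fixtures in a development-only seed rather than the default one that mong.js loads. The final `db.users.insert` still creates a record without `_id`, while the new `userSchema` in server/dbs.js makes `_id` a required String and server/authorization.js looks users up with `Users.findById(req.body.user)`; that record will get an ObjectId from the shell and presumably never match a name lookup.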
@@ -5,8 +5,8 @@ function clearAuthState() {
 auth.mail = ''; // Full mail address
 auth.roles = {}; // Role authorizations e.g. {user: true}
 auth.gender = ''; // Gender (e.g. Frau)
- auth.bookmarks = []; // Ids of bookmarks
- auth.abos = []; // Abos
+ auth.abos = []; // Followed tags
+ auth.bookmarks = []; // Ids of bookmarks
 }
 
 clearAuthState();
@@ -20,6 +20,32 @@ function fillAuthState(state) {
 }
 }
 
+function updateUserInDB() {
+ $.ajax({
+ url: "api/usr",
+ data: {
+ abos: JSON.stringify(auth.abos),
+ bookmarks: JSON.stringify(auth.bookmarks),
+ mail: auth.mail,
+ name: auth.name,
+ _id: auth.user,
+ roles: JSON.stringify(auth.roles),
+ type: auth.type,
+ },
+ method: "POST"
+ }).done(successful_save).fail(failed_save);
+
+ function successful_save(res) {
+ console.info("User-save: Successful.");
+ console.info(res);
+ }
+
+ function failed_save(err) {
+ console.info("User-save: Failed.");
+ console.error(err);
+ }
+}
+
 // Login component: Login panel (if not logged in) or Logout element (if logged in)
 Vue.component('login-panel', {
 template: `
@@ -57,13 +83,13 @@ Vue.component('login-panel', {
 `,
 data: function () {
 return {
- auth: auth,
 user: '',
 pwd: '',
 error: false,
 };
 },
 // TODO: Check if enough for session cookie re-login; checkbox
+// Doesn't work
 // mounted: function() {
 // this.checkData();
 // },
@@ -94,6 +120,7 @@ Vue.component('login-panel', {
 
 function successful_login(resData) {
 fillAuthState(resData);
+ updateUserInDB();
 console.info("Correct credentials");
 this.closeLoginPanel;
 
@@ -103,7 +130,7 @@ Vue.component('login-panel', {
 
 function failed_login(err) {
 console.info("Wrong credentials");
- this.showError=true;
+ this.error=true;
 this.showLoginPanel;
 console.log("error: " + err.responseText);
 
@@ -129,10 +156,9 @@ Vue.component('login-panel', {
 
 function failed_login(err) {
 console.info("Re-Auth: Wrong credentials");
- this.showError=true;
+ this.error=true;
 this.showLoginPanel;
- console.log("error: " + err.responseText);
 console.log(err);
 }
 },
 
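Review bot: `updateUserInDB` posts the browser's own copy of `roles`, `type` and `_id` to `api/usr`, and the new `post` handler in server/dbs.js copies `req.body.roles` and `req.body._id` straight into `Users.create`, so whatever the client sends becomes the stored account and its role list; the server should take identity and roles from `req.session` (which `fillSession` populates) and ignore those body fields. Separately, `abos`, `bookmarks` and `roles` go through `JSON.stringify`, so the server receives JSON text rather than arrays, and with `abos: { type: [String] }` in the schema mongoose will presumably store a one-element array holding that text — send the arrays directly and let jQuery serialise them, or `JSON.parse` them in the route. `successful_save` also logs the whole response with `console.info(res)`, which with the new `user: req.body` echo puts the account record into the browser console; log a status only. The same call is added inside `successful_login` in the hunk at line 94.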
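Review bot: `// Doesn't work` above the commented-out `mounted` hook says nothing about what fails or why the dead block is kept; either delete the block or make the note actionable, e.g. `// TODO: mounted() re-login from the session cookie does not work yet; see checkData()`. Dropping `auth: auth` from `data()` is only safe if the template no longer references `auth`; the template lies outside this hunk, so I cannot confirm that here.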
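Review bot: `this.error=true` now names the right data field, but inside a plain `function failed_login(err)` `this` is whatever jQuery invokes the handler with; if `failed_login` is attached with `.fail(failed_login)` the way `updateUserInDB` does in this file, `this` is the jqXHR object rather than the Vue component, so `error` is never set on the panel and the following `this.showLoginPanel;` (a bare property access, no call) does nothing either. Capture the component before the request, e.g. `const vm = this;` and then `vm.error = true; vm.showLoginPanel();`, or declare the handlers as arrow functions. The re-auth `failed_login` in the hunk at line 129 has the same pattern; its enclosing method starts outside both hunks.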
@@ -140,6 +166,6 @@ Vue.component('login-panel', {
 clearAuthState();
 $.ajax({ url: "api/logout", method: "POST" });
 this.closeLoginPanel;
- }
+ },
 },
 });
diff --git a/server.js b/server.js
index 305ce44..d96c84f 100644
--- a/server.js
+++ b/server.js
@@ -53,8 +53,8 @@ app.disable('x-powered-by');
 app.set('trust proxy', 1) // trust first proxy, neccessary for cookie secure: true flag
 app.use(session({
 secret: 'ahhgylhuvh', // caesar(3) 2 letter surname
- resave: false,
- saveUninitialized: false,
+ saveUninitialized: false, // don't create session until something stored
+ resave: false, //don't save session if unmodified
 cookie: {
 maxAge: 30 * 24 * 3600 * 1000, // TODO: ttl for session as well (Store)
 secure: true, // true for https only (since our app works only with https)
diff --git a/server/authorization.js b/server/authorization.js
index 2bfe759..1035f3f 100644
--- a/server/authorization.js
+++ b/server/authorization.js
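Review bot: `secret: 'ahhgylhuvh'`, two lines above the reordered options, is a hard-coded session signing secret committed with the source, and its trailing comment explains how it was derived, so it is both public and guessable; that undermines the signature that protects session ids in the cookie. Load it from configuration, e.g. `secret: process.env.SESSION_SECRET,`, refuse to start when it is unset, and rotate the committed value. The `// TODO: ttl for session as well (Store)` note on `maxAge` is still open: a 30-day cookie with no store-side expiry keeps server-side sessions alive indefinitely, so it is worth tracking alongside the new `saveUninitialized`/`resave` comments.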
@@ -17,18 +17,61 @@ const clientVisibleSession = { user: true, name: true, type: true, mail: true, r
 
 function fillSession (req, user, roles, cb) {
 if (req.session === undefined) next (common.genError (500, "Error"));
+ // regenerate a new session-id with clean instance
 req.session.regenerate (function (err) {
 if (user !== undefined && ! err) {
 common.shallowCopy (user, serverVisibleSession, {roles: true}, req.session);
+ console.info(req.session);
 if (user._id) {
 req.session.user = user._id;
 }
 req.session.roles = roles;
+ } else if (user === undefined && roles === undefined) {
+ // User logged out
+ req.session.destroy(function(err) {
+ if (err) {
+ console.error(err);
+ }
+ });
 }
 return cb (err);
 });
 }
 
+// Save found user into DB, if not already exists
+function saveFoundToDB(found) {
+ console.info(found);
+ Users.findById(found.user)
+ .exec(function(err, result){
+ if (err) {
+ console.error("Error: Users collection.");
+ console.error(err);
+ }
+ // User doesn't exist
+ if (found !== undefined && !result) {
+ Users.create({
+ _id: found.user,
+ name: found.name,
+ mail: found.mail,
+ type: found.type,
+ abos: '',
+ bookmarks: '',
+ roles: '',
+ }, function(err, done) {
+ if (err) {
+ console.error("User creation: Failed");
+ console.error(err);
+ } else {
+ console.info("New User created!");
+ }
+ if (done == null) {
+ console.error("Can not create user.");
+ }
+ });
+ }
+ });
+}
+
 const authorization = {
 // Generate Error object suitible for throwing or next()ing
 genCheckAuthorized: function (group) {
@@ -62,7 +105,7 @@ const authorization = {
 
 // Check whether to just validate current session ID
 if (user === '' && pwd === '') {
- console.log ("auth revalidate: " + req.session.user);
+ console.log ("auth revalidate: " + req.session._id);
 if (req.session.user === undefined) return returnError();
 return returnSession ();
 
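Review bot: `saveFoundToDB` creates the LDAP user with `abos: ''`, `bookmarks: ''` and `roles: ''`, while `userSchema` in server/dbs.js declares all three as `[String]`; mongoose will presumably cast `''` to `['']`, so on that user's next login the existing-entry branch visible in the hunk at line 98 (its condition lies outside the hunk) sees `entry.roles.length > 0` and grants `arrayToHash([''])` instead of `{user:true}`, i.e. the account loses its `user` role after the first login. Use `abos: [], bookmarks: [], roles: ['user'],`. The new `console.info(req.session)` in `fillSession` and `console.info(found)` at the top of `saveFoundToDB` write the full session and the LDAP record (name, mail, roles) to the server log on every login; remove them or log only the user id. The `err` parameter of the `destroy` callback also shadows the `err` from `regenerate` that `return cb (err)` still refers to; rename it to avoid confusion.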
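Review bot: `req.session._id` is not a property express-session sets (the session id is `req.session.id` / `req.sessionID`), so unless `common.shallowCopy` copies the user's `_id` into the session this line now logs `undefined`; and if the intent is to print the session identifier, that value is the bearer credential carried in the cookie and should not be written to the log at all. Keep the previous `req.session.user` in the message.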
@@ -71,12 +114,12 @@ const authorization = {
 // check local database, then ldap
 Users.findById (req.body.user)
 .exec (function (err, entry) {
 // If there is a local user AND it has a password associated, test against this, and only this
- if (entry != null && entry.pwd) {
- if (crypto.checkLocalAuth (entry, req.body.pwd)) {
- return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
- }
- return returnError ();
- }
+// if (entry != null && entry.pwd) {
+// if (crypto.checkLocalAuth (entry, req.body.pwd)) {
+// return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
+// }
+// return returnError ();
+// }
 // check ldap
 ldap.authorize (user.toLowerCase(), pwd, function (found) {
@@ -98,6 +141,7 @@ const authorization = {
 return fillSession (req, entry, entry.roles.length > 0 ? common.arrayToHash(entry.roles) : {user:true}, returnSession);
 }
 // Otherwise create standard user entry
+ saveFoundToDB(found);
 return fillSession (req, found, {user:true}, returnSession);
 });
 });
diff --git a/server/dbs.js b/server/dbs.js
index 707fc9c..8599419 100644
--- a/server/dbs.js
+++ b/server/dbs.js
@@ -217,25 +217,22 @@ const dbs = {
 * -> User schema
 * Create a new user
 */
- post: function (req, res) {
+ post: function(req, res) {
+// console.info(req.body);
 model.Users.create({
- _id: req.body.id,
+ _id: req.body._id,
 name: req.body.name,
+ mail: req.body.mail,
 type: req.body.type,
- roles: req.body.roles,
- hash: req.body.hash,
- salt: req.body.salt,
- pwd: req.body.pwd,
 abos: req.body.abos,
 bookmarks: req.body.bookmarks,
- }, function (err, result) {
+ roles: req.body.roles,
+ }, function(err, result) {
 if (err) {
 console.log(err);
 return res.status(401).json(err.message);
 } else {
- res.json({
- message: "User created!!"
- });
+ res.json({message: "User created!", user: req.body});
 }
 if (result == null) {
 return res.status(500).json("Can not create user.")
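Review bot: Commenting out the local-password branch removes the short-circuit that the surviving comment still promises (`test against this, and only this`): a username that exists locally with a `pwd` is now passed on to `ldap.authorize`, and if the branch visible in the hunk at line 98 then applies `entry.roles` for that local entry, an LDAP account that happens to share a seeded name such as `admin` (see mong_usr.js) would inherit the local entry's roles. Either delete the dead block and rewrite the comment to say local passwords are no longer checked, or keep the local check; at minimum, `if (entry != null && entry.pwd) return returnError();` before the LDAP call keeps password-bearing local accounts from being mapped onto LDAP identities. The enclosing `login` handler starts and ends outside this hunk.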
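Review bot: `post` builds the new user entirely from `req.body`, `_id`, `type` and `roles` included, and the only caller added in this commit (`updateUserInDB` in public/routes/auth.js) sends the browser's own `auth.roles`, so the stored role list is client-controlled unless an authorization middleware outside this hunk rejects the request; take identity and privileges from the session that `fillSession` populates, e.g. `_id: req.session.user,` and `roles: Object.keys(req.session.roles || {}),`, and accept only `name`, `mail`, `abos` and `bookmarks` from the body. `res.json({message: "User created!", user: req.body})` echoes the raw request body, so any extra field a client posts (a `pwd` or `salt`, which the create call itself no longer stores) comes straight back; return the created `result` instead. `res.status(401)` for a create error is the wrong code, since 401 means unauthenticated: use 400 for a validation error and 500 otherwise. `// console.info(req.body);` is dead debugging code and should not be committed.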
@@ -365,42 +362,24 @@ const dbs = {
 model.Tags._list = [""];
 
 var userSchema = common.mongoose.Schema({
- /*_id: {
- type: String
- },*/
- name: {
- type: String,
- required: true,
- _comment: ""
- },
- pwd: {
- type: String,
- _comment: ""
- },
- hash: {
- type: String
- },
- salt: {
- type: String
- },
- type: {
- type: String
- },
- roles: {
- type: [String],
- required: true,
- _comment: ""
- },
- abos: {
- type: [String],
- _comment: ""
- },
+ _id: { type: String, required: true },
+ name: { type: String,
+ _comment: "" },
+ mail: { type: String },
+ type: { type: String },
+ pwd: { type: String,
+ _comment: "" },
+ hash: { type: String },
+ salt: { type: String },
+ abos: { type: [String],
+ _comment: "" },
 //deactivated: { type: Boolean },
 //host: { type: Boolean },
- bookmarks: {
- type: [String],
- _comment: ""
- },
+ bookmarks: { type: [String],
+ _comment: "" },
+ sessionid: { type: String },
+ roles: { type: [String], required: true,
+ _comment: "" },
 });
 model.Users = common.mongoose.model('users', userSchema);
 model.Users._list = [""];
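Review bot: `sessionid: { type: String }` is added to `userSchema` but nothing in this diff reads or writes it; if it is meant to persist the express-session id on the user record, that id is the bearer value carried in the cookie and server.js already keeps sessions in the session store, so copying it into `users` (a collection the seed script clears and `post` echoes back) only widens its exposure — drop it, or document the intent with `// sessionid: <purpose> -- TODO: not yet written anywhere` until it is used. `name` also silently loses `required: true` in the rewrite while `_id` and `roles` keep it, which looks unintended. The `_comment: ""` entries are empty placeholders that carry no information and should be filled in or removed, and the mixed one-line/two-line layout (`name: { type: String,` continued on the next line) is harder to scan than one property per line. Keeping `abos`, `bookmarks` and `roles` as `[String]` matters for `saveFoundToDB` in server/authorization.js, which writes `''` to all three.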