admportal/server/router/routes/csp.js

   1 var exec = require('child_process').exec;
   2 var dbRoutes = require('./dbRoutes');
   3 var fs = require('fs.extra');
   4 var properties = require(process.env.SDNC_CONFIG_DIR + '/admportal.json');
   5
   6 var retURL = "";
   7 var noCookieUrl = "";
   8 var logoutUrl = "";
   9
  10 function logout(req,res){
  11         console.log("logout");
  12         req.session.loggedInAdmin = undefined;
  13         res.redirect('/login');
  14 }
  15
  16 function login (req,res) {
  17
  18         var tkn = req.sanitize(req.body._csrf);
  19
  20         var loggedInAdmin={};
  21         var email = req.sanitize(req.body.email);
  22         var pswd = req.sanitize(req.body.password);
  23         dbRoutes.findAdminUser(email,res,function(adminUser)
  24         {
  25                 // make sure correct password is provided
  26                 if (pswd != adminUser.password) {
  27                         res.render("pages/err", { result: { code:'error', msg:'Invalid password entered.' }, header:process.env.MAIN_MENU });
  28                         return;
  29                 }
  30                 var loggedInAdmin = {
  31                                 email:adminUser.email,
  32                                 csrfToken: tkn,
  33                                 password:adminUser.password,
  34                                 privilege:adminUser.privilege
  35                 }
  36                 req.session.loggedInAdmin = loggedInAdmin;
  37
  38                 console.log("Login Success"+JSON.stringify(loggedInAdmin));
  39                 res.redirect('sla/listSLA');
  40                 return;
  41         });
  42 }
  43
  44 function checkAuth(req,res,next){
  45
  46         var host = req.get('host');
  47         var url = req.url;
  48         var originalUrl = req.originalUrl;
  49
  50         console.log("checkAuth");
  51
  52         var host = req.headers['host'];
  53         console.log('host=' + host);
  54         if(req.session == null || req.session == undefined
  55                 || req.session.loggedInAdmin == null || req.session.loggedInAdmin == undefined)
  56         {
  57                 console.log("loggedInAdmin not found.session timed out.");
  58                 res.redirect('/login');
  59                 //res.render('pages/login');
  60                 return;
  61         }
  62         console.log("cookie is:  " + JSON.stringify(req.session.loggedInAdmin));
  63         next();
  64         return;
  65 }
  66
  67 function checkPriv(req,res,next)
  68 {
  69   var priv = req.session.loggedInAdmin;
  70   if(req.session == null || req.session == undefined
  71                 || req.session.loggedInAdmin == null || req.session.loggedInAdmin == undefined)
  72   {
  73     res.render("pages/err",
  74                 {
  75                         result: {code:'error', msg:'Unexpected null session.'},
  76                         header: process.env.MAIN_MENU
  77                 });
  78     return;
  79   }
  80   else
  81   {
  82     if (priv.privilege == 'A')
  83     {
  84       next();
  85       return;
  86     }
  87     else
  88     {
  89       res.render("pages/err",
  90                         {
  91                                 result: { code:'error', msg:'User does not have permission to run operation.'},
  92                                 header: process.env.MAIN_MENU
  93                         });
  94       return;
  95     }
  96   }
  97 }
  98
  99
 100 exports.login = login;
 101 exports.logout = logout;
 102 exports.checkAuth = checkAuth;
 103 exports.checkPriv = checkPriv;