From fe5ef0dc835458bea5d91338bef14ce00a526439 Mon Sep 17 00:00:00 2001 From: Guillaume WANG <guillaume.wang@polytechnique.edu> Date: Mon, 7 May 2018 14:23:08 +0200 Subject: [PATCH] minor changes (mostly logs) --- src/admin_view/admin_router.js | 14 +++++------ src/server.js | 44 ++++++++++++++++++++++++++-------- 2 files changed, 41 insertions(+), 17 deletions(-) diff --git a/src/admin_view/admin_router.js b/src/admin_view/admin_router.js index 9248f12..7b0f3d9 100644 --- a/src/admin_view/admin_router.js +++ b/src/admin_view/admin_router.js @@ -23,14 +23,14 @@ let port = process.env.PORT || 3000; */ router.get('/', function (req, res) { - console.log("GET handler for /adminview route"); - console.log('Connecting to ' + req.url); - console.log('Trying to go to admin page...'); + console.log("adminview: GET handler for /adminview route"); + console.log('adminview: Connecting to ' + req.url); + console.log('adminview: Trying to go to admin page...'); res.redirect('/adminview/admin'); }); router.get('/avlogin', function (req, res) { - console.log('Connecting to ' + req.url); + console.log('adminview: Connecting to ' + req.url); res.render('login', { title: 'Login', port: port, errorMessage: req.flash('error') @@ -40,7 +40,7 @@ router.get('/avlogin', function (req, res) { router.get('/admin', ensureLoggedIn('/adminview/avlogin'), function (req, res) { - console.log('Connecting to ' + req.url); + console.log('adminview: Connecting to ' + req.url); let userName; // Une erreur a ce stade peut etre triggered si req.user n'existe pas // mais pour autant on est assures que la personne est bien authentifiee @@ -48,7 +48,7 @@ router.get('/admin', try { let user = req.user; //let user = req.user; - console.log('Welcome,', user.uid); + console.log('adminview: Welcome,', user.uid); userName = user.uid; } catch (err) { console.log("Warning: in admin_router router.get('/admin')"); 
@@ -152,7 +152,7 @@ router.use((req, res, next) => { * @summary Gère les erreurs 404 */ router.use((err, req, res, next) => { - console.log("Entering error handler"); + console.log("adminview: Entering error handler"); res.locals.message = err.message; console.log(err.message); diff --git a/src/server.js b/src/server.js index 61a71ed..259e649 100644 --- a/src/server.js +++ b/src/server.js @@ -41,6 +41,12 @@ app.use(bodyParser.json()); //parses bodies of media type "application/json" app.use(bodyParser.urlencoded({ //parses bodies of media type "application/x-www-form-urlencoded" extended: true //use qs library (quoi que ca veuille dire o.O) })); +app.use(cookieParser()); //parses Cookie header and populate req.cookies with an object keyed by the cookie names. was necessary for express-session before its v1.5.0. on peut probablement l'enlever desormais. + +//GHETTO +// Config de passport pour l'authentification ldap. +// Ne fait que *configurer* passport pour la strategie 'ldap' (pas d'incidence sur la strategie 'session' normalement) +import './config_passport.js'; 
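Review bot: The `import './config_passport.js';` added at the end of this hunk duplicates the one still present further down the file (context of the `@@ -114,7 +132,8 @@` hunk), and since `import` declarations are hoisted — by ES module semantics and by Babel's CommonJS transform alike — placing it after the `app.use(...)` calls does not change execution order; the file simply imports the same module twice. Keep one import, grouped with the others at the top of the file, and replace `//GHETTO` with a comment stating the side effect, e.g. `// side-effect import: registers the 'ldapauth' strategy on the shared passport instance` (that is what the surrounding comments say it does — confirm against config_passport.js). The re-enabled `app.use(cookieParser());` is, per its own comment, not needed by express-session ≥ 1.5.0, and the only visible reader of `req.cookies` is the `console.log("Cookies:",req.cookies)` line this same commit deletes in the /graphql hunk, so it can be dropped rather than re-enabled — one less place where raw session cookie values get attached to `req` for later logging to pick up.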
@@ -74,8 +80,6 @@ const configPath = path.resolve('./', 'ldap_config.json');
 const config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
 // WTF??? why is sessionSecret in ldap_config.json? it has nothing to do with ldap. TODO
-//app.use(cookieParser()); //parses Cookie header and populate req.cookies with an object keyed by the cookie names. was necessary for express-session before its v1.5.0. on peut probablement l'enlever desormais.
-
 // defines parameters for *session store*. (adds field req.session and do some magic stuff)
 // basically, searches for a session matching the received cookie and, if found, adds field req.blasomethingbla containing serialized object representing user (i.e. similar to what passport.serializeUser() could produce)
 // TODO: it is important to configure this right!!! please check out https://www.npmjs.com/package/express-session and make sure you understand the way session is stored. (en vrai c'est vraiment important...)
@@ -86,9 +90,23 @@ app.use(session({
 //store: // TODO: change this. express-session doc warns that default value is ok to use for development only
 }));
 app.use(passport.initialize()); //initialize Passport. (adds hidden field req._passport and do some magic stuff)
-app.use(passport.session()); //this is equivalent to app.use(passport.authenticate('session'))
+//GHETTO
+//app.use(passport.session()); //this is equivalent to app.use(passport.authenticate('session'))
+app.use(passport.session(), (req, res, next)=>{
+ console.log("Used passport.session()");
+ console.log(`passport.session() found user: ${req.user ? req.user.uid : "none"}`);
+ console.log("passport.session() user is authenticated:", req.isAuthenticated());
+ next();
+}); //this is equivalent to app.use(passport.authenticate('session'))
 // *aucun* effet sur les requetes n'ayant pas ete reconnues par app.use(session(...)) (e.g. les requetes sans cookie ou les requetes avec cookie expired). source: lecture directe du code passport/lib/strategies/session.js sur github... :/
+/*
+app.use((req, res, next) => {
+ console.log("Finished trying to authentify request as an existing session");
+ console.log("req.user: "+req.user);
+});
+*/
+
 /**
 * FIN AUTHENTIFICATION POUR LES REQUETES POSSEDANT UN COOKIE ET PROVENANT D'UN UTILISATEUR DEJA AUTHENTIFIE
 */
@@ -114,7 +132,8 @@ const corsOptions = {
 credentials: true // Configures the Access-Control-Allow-Credentials CORS header. i.e. allows cookies to be included on cross-origin requests
 };
 app.use(cors(corsOptions));
-
+
+//GHETTO
 // Config de passport pour l'authentification ldap. Ne fait que *configurer* passport (aucun passport.authenticate() n'est appele, par exemple)
 import './config_passport.js';
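Review bot: The debug middleware chained after `passport.session()` logs the resolved `uid` and authentication state of every request unconditionally, which writes user identities to stdout on every hit; since it is tagged `//GHETTO`, either gate the three `console.log` calls with `if (process.env.NODE_ENV !== 'production')` or drop them before merge. The commented-out block that follows never calls `next()`, so uncommenting it verbatim would stall every request; delete it rather than keep it as a comment. Unchanged here but in this hunk's context, `//store: // TODO` means sessions still live in express-session's default MemoryStore, which its documentation marks as development-only — worth tracking together with the sessionSecret TODO a few lines up.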
@@ -123,9 +142,12 @@ import './config_passport.js';
 //http://www.passportjs.org/docs/authenticate/#custom-callback
 // http://toon.io/understanding-passportjs-authentication-flow/
 app.post('/login', (req, res, next) => {
+ console.log("Received an authentication request to /login");
 passport.authenticate('ldapauth', (err, user, info) => {
+ console.log("| Entering passport.authenticate('ldapauth', - ) callback");
 // If an exception occurred
 if (err) {
+ console.log("| Error when trying to passport.authenticate with ldapauth");
 console.log(err);
 return res.status(err.status).json({
 message: "Exception raised in backend process during authentication: " + err,
@@ -135,6 +157,7 @@ app.post('/login', (req, res, next) => {
 }
 // If authentication failed, user will be set to false
 if (!user) {
+ console.log("| Authentication failed, passport.authenticate did not return a user. ");
 return res.status(401).json({
 message: "Authentication failed: " + info.message,
 authSucceeded: false
@@ -144,6 +167,7 @@ app.post('/login', (req, res, next) => {
 req.login(user, (err) => {
 // If an exception occurred at login
 if (err) {
+ console.log("| Error when trying to req.login in callback in passport.authenticate('ldapauth', - )");
 console.log(err);
 return res.status(err.status).json({
 message: "Exception raised in backend process during login: " + err,
@@ -152,7 +176,9 @@ app.post('/login', (req, res, next) => {
 // return next(err); // handle error? or drop request and answer with res.json()?
 }
 // If all went well
- res.json({
+ console.log("| Authentication succeeded! :-)");
+ // passport.authenticate automatically includes a Set-Cookie HTTP header in the response. The JSON body is just to signal the frontend that all went well
+ return res.status(200).json({
 message: 'Authentication succeeded',
 authSucceeded: true
 });
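Review bot: Both exception branches in this handler still answer with `res.status(err.status)` and a body that concatenates the raw error (`"Exception raised in backend process during authentication: " + err`); `err.status` is not guaranteed on errors coming out of the LDAP strategy (a plain `Error` or an ldapjs error carries none), in which case Node would refuse to write an undefined status code instead of sending a response, and when it is set the message still leaks backend detail to the client. Now that the commit logs these errors server-side, the client reply can be fixed and generic: `return res.status(err.status || 500).json({ message: "Authentication failed due to a server error", authSucceeded: false });` — the same change applies to the `req.login` error branch in the `@@ -144,6 +167,7 @@` hunk. The `app.post('/login', ...)` handler opened in this hunk closes outside the shown hunks.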
@@ -192,17 +218,17 @@ app.post('/login', import { dn, passwd } from "../ldap_connexion_config.json"; // default user app.use('/graphql', - bodyParser.json(), // parse incoming HTTP request (req) as a JSON graphqlHTTP(async (req, res, params) => { // vary the options *on a per-request basis* let uid; let password; console.log("Responding to graphql request..."); - console.log(`User ${req.user ? req.user.uid : "none"}`); - console.log("User is authenticated:",req.isAuthenticated()); + console.log(`| User: ${req.user ? req.user.uid : "none"}`); + console.log("| User is authenticated:",req.isAuthenticated()); if(req.isAuthenticated()) { + console.log("graphql API is receiving a request from an authenticated user! \\o/"); try { uid = req.user.uid; password = "mythe"; @@ -216,8 +242,6 @@ app.use('/graphql', password = passwd; } - console.log("Cookies:",req.cookies); - return { schema, graphiql: true, // gives access to graphiql if request is detected to be from browser (je crois) -- GitLab
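Review bot: Removing the per-route `bodyParser.json()` from the `/graphql` chain only works because `app.use(bodyParser.json())` is registered globally earlier in server.js (visible in the first server.js hunk), so a comment on `app.use('/graphql',` such as `// request bodies are parsed by the global bodyParser.json() registered above` would stop someone from re-adding it or from moving the global parser below this route. Not introduced here but exposed by this hunk's context: the authenticated branch binds with the placeholder `password = "mythe";`, the surrounding code appears to fall back to the default `dn`/`passwd` account from ldap_connexion_config.json otherwise, and `graphiql: true` serves an interactive explorer over that; a `// FIXME` on the placeholder line and gating graphiql on a non-production check would be prudent. The `graphqlHTTP(async (req, res, params) => {` callback continues past the end of this hunk.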