+++ /dev/null
-var exec = require('child_process').exec;
-var dbRoutes = require('./dbRoutes');
-var fs = require('fs.extra');
-var properties = require(process.env.SDNC_CONFIG_DIR + '/admportal.json');
-
-var retURL = "";
-var noCookieUrl = "";
-var logoutUrl = "";
-
-function logout(req,res){
- console.log("logout");
- req.session.loggedInAdmin = undefined;
- res.redirect('/login');
-}
-
-function login (req,res) {
-
-console.log('login');
-var tkn = req.sanitize(req.body._csrf);
-console.log('login:tkn=' + tkn);
-
- var loggedInAdmin={};
- var email = req.sanitize(req.body.email);
- var pswd = req.sanitize(req.body.password);
- dbRoutes.findAdminUser(email,res,function(adminUser){
- if(adminUser !== null){
-
- // make sure correct password is provided
- if (pswd != adminUser.password) {
- res.render("pages/login",
- {
- result:
- {
- code:'error',
- msg:'Invalid password entered.'
- },
- header:process.env.MAIN_MENU
- });
- return;
- }
-
- var loggedInAdmin = {
- email:adminUser.email,
- csrfToken: tkn,
- password:adminUser.password,
- privilege:adminUser.privilege
- }
- req.session.loggedInAdmin = loggedInAdmin;
- console.log("Login Success"+JSON.stringify(loggedInAdmin));
- res.redirect('sla/listSLA');
- }else{
- res.render("pages/err",
- {
- result:
- {
- code:'error',
- msg:'User ' + attuid + ' is not in the database. Please see an adminstrator to have them added.'
- },
- header:process.env.MAIN_MENU
- });
- }
- });
-}
-
-function checkAuth(req,res,next){
-
- var host = req.get('host');
- var url = req.url;
- var originalUrl = req.originalUrl;
-
- console.log("checkAuth");
-
- var host = req.headers['host'];
- console.log('host=' + host);
- console.log("cookie is not null "+JSON.stringify(req.session.loggedInAdmin));
- if(req.session == null || req.session == undefined
- || req.session.loggedInAdmin == null || req.session.loggedInAdmin == undefined)
- {
- // nothing else to do but log them back in, or they may
- // be coming from the graph tool
- console.log("loggedInAdmin not found.session timed out.");
- res.render('pages/login');
- return false;
- }
- next();
-}
-
-function checkPriv(req,res,next)
-{
- var priv = req.session.loggedInAdmin;
- if(req.session == null || req.session == undefined
- || req.session.loggedInAdmin == null || req.session.loggedInAdmin == undefined)
- {
- res.render("pages/err",
- {
- result: {code:'error', msg:'Unexpected null session.'},
- header: process.env.MAIN_MENU
- });
- return;
- }
- else
- {
- if (priv.privilege == 'A')
- {
- next();
- return;
- }
- else
- {
- res.render("pages/err",
- {
- result: { code:'error', msg:'User does not have permission to run operation.'},
- header: process.env.MAIN_MENU
- });
- return;
- }
- }
-}
-
-
-exports.login = login;
-exports.logout = logout;
-exports.checkAuth = checkAuth;
-exports.checkPriv = checkPriv;
Code Review / nonrtric.git / blobdiff