1
0
Fork 0

Make angular client load dynamically the generated client id/secret

This commit is contained in:
Chocobozzz 2016-04-27 22:11:48 +02:00
parent 2693922352
commit 23a5a916db
3 changed files with 46 additions and 0 deletions

View file

@ -11,12 +11,29 @@ export class AuthService {
private _loginChanged;
private _baseLoginUrl = '/api/v1/users/token';
private _baseClientUrl = '/api/v1/users/client';
private _clientId = '56f055587305d40b21904240';
private _clientSecret = 'megustalabanana';
constructor (private http: Http) {
this._loginChanged = new Subject<AuthStatus>();
this.loginChanged$ = this._loginChanged.asObservable();
// Fetch the client_id/client_secret
// FIXME: save in local storage?
this.http.get(this._baseClientUrl)
.map(res => res.json())
.catch(this.handleError)
.subscribe(
result => {
this._clientId = result.client_id;
this._clientSecret = result.client_secret;
console.log('Client credentials loaded.');
},
error => {
alert(error);
}
)
}
login(username: string, password: string) {

View file

@ -1,13 +1,16 @@
'use strict'
const config = require('config')
const express = require('express')
const oAuth2 = require('../../../middlewares/oauth2')
const middleware = require('../../../middlewares')
const cacheMiddleware = middleware.cache
const Users = require('../../../models/users')
const router = express.Router()
router.get('/client', cacheMiddleware.cache(false), getAngularClient)
router.post('/token', cacheMiddleware.cache(false), oAuth2.token, success)
// ---------------------------------------------------------------------------
@ -16,6 +19,27 @@ module.exports = router
// ---------------------------------------------------------------------------
function getAngularClient (req, res, next) {
const server_host = config.get('webserver.host')
const server_port = config.get('webserver.port')
let header_host_should_be = server_host
if (server_port !== 80 && server_port !== 443) {
header_host_should_be += ':' + server_port
}
if (req.get('host') !== header_host_should_be) return res.type('json').status(403).end()
Users.getFirstClient(function (err, client) {
if (err) return next(err)
if (!client) return next(new Error('No client available.'))
res.json({
client_id: client._id,
client_secret: client.clientSecret
})
})
}
function success (req, res, next) {
res.end()
}

View file

@ -35,6 +35,7 @@ const Users = {
getAccessToken: getAccessToken,
getClient: getClient,
getClients: getClients,
getFirstClient: getFirstClient,
getRefreshToken: getRefreshToken,
getUser: getUser,
getUsers: getUsers,
@ -64,6 +65,10 @@ function getAccessToken (bearerToken, callback) {
return OAuthTokensDB.findOne({ accessToken: bearerToken }).populate('user')
}
function getFirstClient (callback) {
return OAuthClientsDB.findOne({}, callback)
}
function getClient (clientId, clientSecret) {
logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')