const ProcessArguments = require("./ProcessArguments");
const LocalFurnplan = require("./LocalFurnplan");
 
const { BaseAuthenticationService } = require("./BaseAuthenticationService");
 
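/**
 * Return `value` if it is a string, otherwise "".
 *
 * Login fields come from req.body, which (depending on the body parser) may hold
 * numbers, arrays or nested objects as well as strings. Collapsing everything
 * that is not a string to "" means the .trim()/.toLowerCase() calls below cannot
 * throw, and — more importantly — no attacker-supplied object such as
 * `{ "$ne": null }` is ever forwarded into a Mongo-style query like
 * FurncloudCredential.findOne().
 *
 * @param {*} value - raw request-body field
 * @returns {string}
 */
function asString(value) {
    return typeof value === "string" ? value : "";
}

/**
 * Decide whether `target` may be returned to the client as a post-login
 * redirect URL.
 *
 * Only same-origin absolute paths are accepted: a string starting with exactly
 * one "/" that is neither protocol-relative ("//evil.example") nor the
 * backslash variant ("/\evil.example") that browsers normalise to an external
 * host. Without this check a link like `/login?oriReq=https://evil.example`
 * turns the login endpoint into an open redirect.
 *
 * @param {*} target - candidate redirect target (normally req.query.oriReq)
 * @returns {boolean}
 */
function isSafeRedirectTarget(target) {
    if (typeof target !== "string" || !target.startsWith("/")) return false;
    return !target.startsWith("//") && !target.startsWith("/\\");
}

/**
 * Authentication service for the Opus backend: renders the login view, checks
 * submitted credentials (throttled against brute force) and detaches the user
 * from the session on logout.
 *
 * NOTE(review): AccessManagerService, Opus, FurncloudCredential,
 * UseCaseConfiguration, Session, Winston, FurnplanNodeManager, Helper and
 * sails are used without being required in this file — presumably Sails
 * globals; confirm.
 */
module.exports.OpusAuthenticationService = class extends BaseAuthenticationService {
    /**
     * GET login: render the login view.
     *
     * @param {object} req - request (unused)
     * @param {object} res - response; answered with res.view()
     */
    login(req, res) {
        return res.view();
    }

    /**
     * POST login: validate the submitted form and attach the user to the session.
     *
     * Reads customerNo, username and password from req.body (missing or
     * non-string values count as ""). Replies with JSON:
     *   200 { url, sessionId } - login granted; url is "/" unless req.query.oriReq
     *                            is a safe same-origin path
     *   422 { error }          - credentials rejected, or the client is locked out
     *
     * @param {object} req - Sails/Express request
     * @param {object} res - Sails/Express response
     */
    async login_form(req, res) {
        // Normalise the three fields in place so that everything below (and any
        // later reader of req.body) sees plain strings. The previous version
        // called customerNo.trim() but discarded the result; the trimmed value
        // is now actually stored.
        req.body.customerNo = asString(req.body.customerNo).trim();
        req.body.username = asString(req.body.username);
        req.body.password = asString(req.body.password);

        // Decoy response for the most common default credential pair. It is
        // answered before the throttle below, so it is deliberately not counted
        // as a failed attempt, and it carries a fake session id.
        if (req.body.customerNo.toLowerCase() === "admin" && req.body.username.toLowerCase() === "admin") {
            return res.json({ url: "/nice-try-dude", sessionId: "1337" });
        }

        // Brute-force throttle: at most 3 attempts, then a pause of 30 (unit as
        // defined by AccessManagerService — presumably seconds). The counter is
        // attached to req.auth_cookie. NOTE(review): if that state is only held
        // client-side, a client that simply drops the cookie resets its own
        // counter — confirm the service persists it server-side.
        AccessManagerService.create(req.auth_cookie);

        const accessManager = req.auth_cookie.accessManager;
        accessManager.setMaxTries(3).setPause(30);

        if (!accessManager.canTry()) {
            // TODO: i18n
            return res.json(422, { error: "Zugang gesperrt" });
        }

        try {
            let user;

            if (ProcessArguments.isLocal()) {
                // Local/offline mode: the submitted username/password are not
                // checked at all; the caller is logged in as the fixed
                // "offlineUser" of the resolved customer.
                const customerNoOrTenant = req.body.customerNo;
                const credential = await FurncloudCredential.findOne({ customerNo: customerNoOrTenant });

                if (credential) {
                    // the value is a known customer number — use it as given
                    user = await Opus.login(customerNoOrTenant, "offlineUser", "offlineUser");
                }
                else {
                    // otherwise treat it as a tenant name and map it to its customer number
                    const projectPath = await LocalFurnplan.getCustomerProjectsPath(customerNoOrTenant);
                    const customerNo = await LocalFurnplan.getCustomerNo(projectPath);

                    user = await Opus.login(customerNo, "offlineUser", "offlineUser");
                }
            }
            else {
                // The 4th argument relaxes the credential check for requests that
                // originate locally or when the deployment has needsAuth disabled.
                // NOTE(review): behind a reverse proxy on the same host,
                // remoteAddress is the proxy's address, so isLocalRequest() would
                // be true for every client — confirm the deployment topology.
                user = await Opus.login(req.body.customerNo, req.body.username, req.body.password, Helper.isLocalRequest(req.connection.remoteAddress) || !sails.config.needsAuth);
            }

            const configuration = await UseCaseConfiguration.findOne({
                customerNo: req.body.customerNo,
                externalConf: true
            });

            if (configuration) user.data.config = configuration.id;

            await Session.update({ _id: req.session._id }, { $addToSet: { users: user } });

            // the password is never written to the log
            Winston.info((new Date).toISOString(), "Login granted with provided credentials:", req.body.customerNo, "/", req.body.username, "/", "***CENSORED***");

            // a successful login resets the throttle
            delete req.auth_cookie.accessManager;

            // Honour a requested return URL only if it is a same-origin path;
            // anything else (absolute URL, protocol-relative URL, array,
            // non-string) falls back to "/" so this endpoint cannot be used as
            // an open redirect. The rejected value is logged JSON-encoded so an
            // embedded newline cannot forge extra log lines.
            const oriReq = req.query.oriReq;
            let url = "/";
            if (isSafeRedirectTarget(oriReq)) {
                url = oriReq;
            }
            else if (oriReq) {
                Winston.info((new Date).toISOString(), "Ignoring unsafe post-login redirect target:", JSON.stringify(oriReq));
            }

            return res.json({ url, sessionId: user.opusSessionId });
        }
        catch (e) {
            // Every failure — bad credentials, but also backend/DB errors — gets
            // the same generic message so the response does not reveal whether
            // the customer number or user exists; the detail goes to the log only.
            Winston.error(e);
            accessManager.failed();

            // TODO: i18n
            return res.json(422, { error: "Ungültige Zugangsdaten" });
        }
    }

    /**
     * Log the current user out: close its furnplan instance, remove it from the
     * session and tell the client where to navigate next.
     *
     * @param {object} req - request; req.user is the user being logged out (may be absent)
     * @param {object} res - response; answered with JSON { url }
     */
    async logout(req, res) {
        if (req.user) {
            // close furnplan instance
            FurnplanNodeManager.closeInstance(req.user.opusSessionId);

            await Session.update({ _id: req.session._id }, { $pull: { users: { _id: req.user._id } } });
            delete req.user;
        }

        // The Referer header only selects between two fixed, hard-coded paths,
        // so consulting it is harmless even though it is client-controlled.
        let redirection = "/login";
        const referer = req.headers && req.headers.referer;
        if (referer && /article-url-configurator/.test(referer)) {
            redirection = "/article-url-configurator";
        }
        return res.json({ url: redirection });
    }
};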