Fix some routing and configuration

2020-07-25 10:48:56 +02:00 · 2020-07-25 10:48:56 +02:00 · 3b8dee7fdf
parent cb9d28128f
commit 3b8dee7fdf
7 changed files with 32 additions and 17 deletions
--- a/config/default.ts
+++ b/config/default.ts
@ -1,12 +1,13 @@
 export default Object.assign(require("wms-core/config/default").default, {
    app: {
        name: 'ALDAP',
-        contact_email: 'contact@toot.party'
+        contact_email: 'contact@toot.party',
    },
    log_level: "DEV",
    db_log_level: "ERROR",
-    public_url: "http://localhost:4899",
+    base_url: "http://localhost:4899",
    public_websocket_url: "ws://localhost:4899",
+    domain: 'localhost:4899',
    port: 4899,
    mysql: {
        connectionLimit: 10,
@ -14,19 +15,19 @@ export default Object.assign(require("wms-core/config/default").default, {
        user: "root",
        password: "",
        database: "aldap",
-        create_database_automatically: false
+        create_database_automatically: false,
    },
    redis: {
        host: "127.0.0.1",
        port: 6379,
-        prefix: 'aldap'
+        prefix: 'aldap',
    },
    session: {
        secret: "very_secret_not_known",
        cookie: {
            secure: false,
            maxAge: 30 * 24 * 3600 * 1000,
-        }
+        },
    },
    mail: {
        host: "127.0.0.1",
@ -35,11 +36,14 @@ export default Object.assign(require("wms-core/config/default").default, {
        username: "",
        password: "",
        allow_invalid_tls: true,
-        from: 'contact@example.net',
-        from_name: 'Example App',
+        from: 'contact@toot.party',
+        from_name: 'ALDAP - toot.party',
    },
    view: {
-        cache: false
+        cache: false,
+    },
+    magic_link: {
+        validity_period: 20,
    },
    approval_mode: false,
-});
+});
--- a/config/production.ts
+++ b/config/production.ts
@ -1,8 +1,9 @@
 export default Object.assign(require("wms-core/config/production").default, {
    log_level: "DEBUG",
    db_log_level: "ERROR",
-    public_url: "https://aldap.toot.party",
+    base_url: "https://aldap.toot.party",
    public_websocket_url: "wss://aldap.toot.party",
+    domain: 'aldap.toot.party',
    session: {
        cookie: {
            secure: true
@ -11,5 +12,9 @@ export default Object.assign(require("wms-core/config/production").default, {
    mail: {
        secure: true,
        allow_invalid_tls: false
-    }
-});
+    },
+    magic_link: {
+        validity_period: 900,
+    },
+    approval_mode: true,
+});
--- a/src/controllers/AuthController.ts
+++ b/src/controllers/AuthController.ts
@ -11,8 +11,8 @@ import {ServerError} from "wms-core/HttpError";

 export default class AuthController extends _AuthController {
    routes(): void {
-        this.get('/login', this.getLogin, 'login', REQUIRE_GUEST_MIDDLEWARE);
-        this.post('/login', this.postLogin, 'login', REQUIRE_GUEST_MIDDLEWARE);
+        this.get('/login', this.getLogin, 'auth', REQUIRE_GUEST_MIDDLEWARE);
+        this.post('/login', this.postLogin, 'auth', REQUIRE_GUEST_MIDDLEWARE);
        this.get('/register', this.getRegister, 'register', REQUIRE_GUEST_MIDDLEWARE);
        this.post('/register', this.postRegister, 'register', REQUIRE_GUEST_MIDDLEWARE);
        this.post('/logout', this.postLogout, 'logout', REQUIRE_AUTH_MIDDLEWARE);
--- a/src/controllers/MagicLinkController.ts
+++ b/src/controllers/MagicLinkController.ts
@ -28,7 +28,7 @@ export default class MagicLinkController extends _MagicLinkController {
                })).save();

                req.flash('success', `Recovery email ${userEmail.email} successfully added.`);
-                res.redirect(Controller.route('home'));
+                res.redirect(Controller.route('account'));
                break;
        }
    }
--- a/views/account.njk
+++ b/views/account.njk
@ -24,6 +24,8 @@
                    {{ macros.field(_locals, 'email', 'email', null, 'Choose a safe email address', 'An email we can use to identify you in case you lose access to your account', 'required') }}

                    <button type="submit">Add recovery email</button>
+
+                    {{ macros.csrf(getCSRFToken) }}
                </form>
            </section>
        </main>
--- a/views/layouts/base.njk
+++ b/views/layouts/base.njk
@ -18,6 +18,10 @@
        <ul id="main-menu">
            <li><a href="{{ route('about') }}"><i data-feather="info"></i> <span class="tip">About</span></a></li>
            {% if user %}
+                {% if user.is_admin %}
+                    <li><a href="{{ route('backend') }}"><i data-feather="settings"></i> <span class="tip">Backend</span></a></li>
+                {% endif %}
+
                <li><a href="{{ route('account') }}"><i data-feather="user"></i>
                        <span class="tip">{{ user.name }}</span></a></li>
                <li>
@ -27,7 +31,7 @@
                    </form>
                </li>
            {% else %}
-                <li><a href="{{ route('login') }}"><i data-feather="log-in"></i> <span class="tip">Login</span></a></li>
+                <li><a href="{{ route('auth') }}"><i data-feather="log-in"></i> <span class="tip">Login</span></a></li>
                <li><a href="{{ route('register') }}"><i data-feather="user-plus"></i>
                        <span class="tip">Register</span></a></li>
            {% endif %}
--- a/views/login.njk
+++ b/views/login.njk
@ -7,7 +7,7 @@

    <div class="container">
        <div class="panel center">
-            <form action="{{ route('login') }}" method="POST">
+            <form action="{{ route('auth') }}" method="POST">
                {{ macros.field(_locals, 'email', 'email', null, 'Your email address', null, 'required') }}
                {{ macros.field(_locals, 'password', 'password', null, 'Your password', null, 'required') }}