Add prelaunch wall
This commit is contained in:
parent
c8f9947ef1
commit
4318edfce8
|
@ -11,5 +11,6 @@ export default Object.assign(require("wms-core/config/default").default, {
|
|||
host: "127.0.0.1",
|
||||
port: 6379,
|
||||
prefix: 'aldap'
|
||||
}
|
||||
},
|
||||
'prelaunch-password': '$argon2i$v=19$m=4096,t=3,p=1$V7njt+IBmIQ/epc7tuQcfA$ypJCNauYSPrjOhtb5UqTbRlqCHkEGikBApOrYmbdYC0',
|
||||
});
|
|
@ -1,2 +1,3 @@
|
|||
export default Object.assign(require("wms-core/config/production").default, {
|
||||
'prelaunch-password': 'CHANGE ME',
|
||||
});
|
|
@ -21,6 +21,7 @@ import AuthGuard from "wms-core/auth/AuthGuard";
|
|||
import {PasswordAuthProof} from "./models/UserPassword";
|
||||
import {MIGRATIONS} from "./migrations";
|
||||
import LDAPServerComponent from "./LDAPServerComponent";
|
||||
import PreLaunchWall from "./controllers/PreLaunchWall";
|
||||
|
||||
export default class Aldap extends Application {
|
||||
private readonly port: number;
|
||||
|
@ -91,6 +92,7 @@ export default class Aldap extends Application {
|
|||
}
|
||||
|
||||
private registerControllers() {
|
||||
this.use(new PreLaunchWall());
|
||||
this.use(new HomeController());
|
||||
this.use(new AuthController());
|
||||
}
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
import Controller from "wms-core/Controller";
|
||||
import {Request, RequestHandler, Response} from "express";
|
||||
import {ForbiddenHttpError} from "wms-core/HttpError";
|
||||
import Validator from "wms-core/db/Validator";
|
||||
import argon2 from "argon2";
|
||||
import config from "config";
|
||||
|
||||
export default class PreLaunchWall extends Controller {
|
||||
public getGlobalHandlers(): RequestHandler[] {
|
||||
return [
|
||||
(req, res, next) => {
|
||||
if (!req.session) throw new ForbiddenHttpError('page', req.url);
|
||||
|
||||
if (!req.session.authorized) {
|
||||
const route = Controller.route('prelaunch-wall');
|
||||
if (req.url !== route) {
|
||||
res.redirect(route);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
next();
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
routes(): void {
|
||||
this.get('/prelaunch-wall', this.getWall, 'prelaunch-wall');
|
||||
this.post('/prelaunch-wall', this.postWall, 'prelaunch-wall');
|
||||
}
|
||||
|
||||
private async getWall(req: Request, res: Response) {
|
||||
res.render('prelaunch-wall');
|
||||
}
|
||||
|
||||
private async postWall(req: Request, res: Response) {
|
||||
await this.validate({
|
||||
password: new Validator().defined(),
|
||||
}, req.body);
|
||||
|
||||
if (await argon2.verify(config.get<string>('prelaunch-password'), req.body.password)) {
|
||||
req.session!.authorized = true;
|
||||
req.flash('success', 'Authentication success!');
|
||||
res.redirect(Controller.route('home'));
|
||||
}
|
||||
|
||||
req.flash('error', 'Invalid password.');
|
||||
res.redirectBack();
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
{% extends 'layouts/base.njk' %}
|
||||
|
||||
{% set title = 'ALDAP - Early access' %}
|
||||
|
||||
{% block body %}
|
||||
<div class="container">
|
||||
<div class="panel">
|
||||
<h1>{{ title }}</h1>
|
||||
|
||||
<form action="{{ route('prelaunch-wall') }}" method="POST">
|
||||
{{ macros.field(_locals, 'password', 'password', null, 'Enter password') }}
|
||||
|
||||
<button type="submit">Authenticate</button>
|
||||
|
||||
{{ macros.csrf(getCSRFToken) }}
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
Loading…
Reference in New Issue