Add prelaunch wall

2020-04-25 16:13:40 +02:00 · 2020-04-25 16:13:40 +02:00 · 4318edfce8
parent c8f9947ef1
commit 4318edfce8
5 changed files with 74 additions and 1 deletions
--- a/config/default.ts
+++ b/config/default.ts
@ -11,5 +11,6 @@ export default Object.assign(require("wms-core/config/default").default, {
        host: "127.0.0.1",
        port: 6379,
        prefix: 'aldap'
-    }
+    },
+    'prelaunch-password': '$argon2i$v=19$m=4096,t=3,p=1$V7njt+IBmIQ/epc7tuQcfA$ypJCNauYSPrjOhtb5UqTbRlqCHkEGikBApOrYmbdYC0',
 });
--- a/config/production.ts
+++ b/config/production.ts
@ -1,2 +1,3 @@
 export default Object.assign(require("wms-core/config/production").default, {
+    'prelaunch-password': 'CHANGE ME',
 });
--- a/src/Aldap.ts
+++ b/src/Aldap.ts
@ -21,6 +21,7 @@ import AuthGuard from "wms-core/auth/AuthGuard";
 import {PasswordAuthProof} from "./models/UserPassword";
 import {MIGRATIONS} from "./migrations";
 import LDAPServerComponent from "./LDAPServerComponent";
+import PreLaunchWall from "./controllers/PreLaunchWall";

 export default class Aldap extends Application {
    private readonly port: number;
@ -91,6 +92,7 @@ export default class Aldap extends Application {
    }

    private registerControllers() {
+        this.use(new PreLaunchWall());
        this.use(new HomeController());
        this.use(new AuthController());
    }
--- a/src/controllers/PreLaunchWall.ts
+++ b/src/controllers/PreLaunchWall.ts
@ -0,0 +1,50 @@
+import Controller from "wms-core/Controller";
+import {Request, RequestHandler, Response} from "express";
+import {ForbiddenHttpError} from "wms-core/HttpError";
+import Validator from "wms-core/db/Validator";
+import argon2 from "argon2";
+import config from "config";
+
+export default class PreLaunchWall extends Controller {
+    public getGlobalHandlers(): RequestHandler[] {
+        return [
+            (req, res, next) => {
+                if (!req.session) throw new ForbiddenHttpError('page', req.url);
+
+                if (!req.session.authorized) {
+                    const route = Controller.route('prelaunch-wall');
+                    if (req.url !== route) {
+                        res.redirect(route);
+                        return;
+                    }
+                }
+
+                next();
+            }
+        ];
+    }
+
+    routes(): void {
+        this.get('/prelaunch-wall', this.getWall, 'prelaunch-wall');
+        this.post('/prelaunch-wall', this.postWall, 'prelaunch-wall');
+    }
+
+    private async getWall(req: Request, res: Response) {
+        res.render('prelaunch-wall');
+    }
+
+    private async postWall(req: Request, res: Response) {
+        await this.validate({
+            password: new Validator().defined(),
+        }, req.body);
+
+        if (await argon2.verify(config.get<string>('prelaunch-password'), req.body.password)) {
+            req.session!.authorized = true;
+            req.flash('success', 'Authentication success!');
+            res.redirect(Controller.route('home'));
+        }
+
+        req.flash('error', 'Invalid password.');
+        res.redirectBack();
+    }
+}
--- a/views/prelaunch-wall.njk
+++ b/views/prelaunch-wall.njk
@ -0,0 +1,19 @@
+{% extends 'layouts/base.njk' %}
+
+{% set title = 'ALDAP - Early access' %}
+
+{% block body %}
+    <div class="container">
+        <div class="panel">
+            <h1>{{ title }}</h1>
+
+            <form action="{{ route('prelaunch-wall') }}" method="POST">
+                {{ macros.field(_locals, 'password', 'password', null, 'Enter password') }}
+
+                <button type="submit">Authenticate</button>
+
+                {{ macros.csrf(getCSRFToken) }}
+            </form>
+        </div>
+    </div>
+{% endblock %}