var bodyParser = require('body-parser')
var Cookies = require('cookies')
var express = require('express')
var fs = require('fs')
var Handlebars = require('handlebars')
var renderReadme = require('render-readme')
var async = require('async')
var Search = require('./search')
var Middleware = require('./middleware')
var match = Middleware.match
var validate_name = Middleware.validate_name
var validate_pkg = Middleware.validate_package
module.exports = function(config, auth, storage, package_provider) {
// Router that carries every web-UI route below; it is what this factory returns.
var app = express.Router()
// Builds per-route permission middleware; used further down as can('access').
var can = Middleware.allow(config, package_provider)

// validate all of these params as a package name
// this might be too harsh, so ask if it causes trouble
app.param('package', validate_pkg)
// :filename is the client-supplied name used by the static route to pick a file
// on disk, so validate_name is what keeps path separators and '..' out of it.
// NOTE(review): validate_name lives in ./middleware and is not visible here;
// confirm it rejects '/', '\\' and '..'.
app.param('filename', validate_name)
app.param('version', validate_name)
// NOTE(review): /.*/ matches every string, so :anything (the search query)
// is presumably unconstrained; confirm Search.query tolerates arbitrary input.
app.param('anything', match(/.*/))
// Middleware order matters: cookie helpers first (the login/logout routes
// call res.cookies.set), then the form-body parser, then the auth layer.
app.use(Cookies.express())
// Parses application/x-www-form-urlencoded bodies into req.body
// (read by the login route as req.body.user / req.body.pass).
app.use(bodyParser.urlencoded({ extended: false }))
// NOTE(review): presumably turns the 'token' cookie into req.remote_user,
// which the index route reads; the implementation is in auth, not shown here.
app.use(auth.cookie_middleware())
app.use(function(req, res, next) {
  // disable loading in frames (clickjacking, etc.)
  // NOTE(review): this is the only response-hardening header set in this
  // file; whether others are added elsewhere is not visible from here.
  res.header('X-Frame-Options', 'deny')
  next()
})

// Hands the storage backend to the search module before any route can query it.
Search.configureStorage(storage)
// Compile the index page template once, while the router is being built.
// An operator-supplied template (config.web.template) replaces the bundled
// one; the path comes from configuration, not from a request, and is read
// synchronously.
var template
var custom_template = config.web && config.web.template
if (custom_template) {
  template = Handlebars.compile(fs.readFileSync(custom_template, 'utf8'));
} else {
  // The bundled index page pulls in the 'entry' partial, so register it first.
  var entry_source = fs.readFileSync(require.resolve('./GUI/entry.hbs'), 'utf8')
  Handlebars.registerPartial('entry', entry_source)
  var index_source = fs.readFileSync(require.resolve('./GUI/index.hbs'), 'utf8')
  template = Handlebars.compile(index_source)
}
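// Index page: renders the list of local packages the current user may access.
// The rendered HTML is handed to next(), as the other routes in this file do
// with their results.
app.get('/', function(req, res, next) {
  // NOTE(review): when config.url_prefix is unset, the base URL is built from
  // the request's Host header, which the client controls, and is then embedded
  // in the page as baseUrl. Setting url_prefix avoids trusting that header.
  var base = config.url_prefix
           ? config.url_prefix.replace(/\/$/, '')
           : req.protocol + '://' + req.get('host')
  res.setHeader('Content-Type', 'text/html')

  storage.get_local(function(err, packages) {
    // Not expected to fail, but route a failure to the error handler rather
    // than throwing from inside an asynchronous callback.
    if (err) return next(err)

    // 'pkg' rather than 'package': the latter is a reserved word in strict mode.
    async.filterSeries(packages, function(pkg, cb) {
      package_provider.allow_access(pkg.name, req.remote_user, function(err, allowed) {
        // Fail closed: an error during the permission check hides the package.
        if (err) cb(false)
        else cb(allowed)
      })
    }, function(visible) {
      next(template({
        name: config.web && config.web.title ? config.web.title : 'Sinopia',
        packages: visible,
        baseUrl: base,
        username: req.remote_user.name,
      }))
    })
  })
})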
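// Static
// Serves a single file from the bundled ./static directory.
app.get('/-/static/:filename', function(req, res, next) {
  // Resolve the client-supplied name against a fixed root instead of
  // concatenating it into an absolute path. The lookup then stays inside
  // ./static even if a name containing separators or '..' ever got past the
  // :filename param validator.
  res.sendFile(req.params.filename, { root: __dirname + '/static' }, function(err) {
    if (!err) return
    if (err.status === 404) {
      // Unknown file: let the next handler deal with the request.
      next()
    } else {
      next(err)
    }
  })
})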
// Logo: serves the operator-configured image when config.web.logo is set,
// otherwise the bundled one. The path is taken from configuration, never
// from the request.
app.get('/-/logo', function(req, res, next) {
  var logo_path = __dirname + '/static/logo-sm.png'
  if (config.web && config.web.logo) {
    logo_path = config.web.logo
  }
  res.sendFile(logo_path)
})
// Login: checks the posted user/pass and, on success, stores a 'token'
// cookie; the client is redirected to the base URL in every case.
//
// NOTE(review): the cookie value is the AES-encrypted string "user:pass",
// so it carries the password itself rather than an opaque session token.
// Anyone who can replay or decrypt the cookie holds the credential. The
// disabled issue_token line below suggests a token-based variant existed.
// NOTE(review): no options are passed to cookies.set, so lifetime and the
// Secure/HttpOnly flags are whatever the Cookies middleware defaults to.
// NOTE(review): a failed authentication is not reported; err is dropped and
// the redirect is the same as on success.
app.post('/-/login', function(req, res, next) {
  auth.authenticate(req.body.user, req.body.pass, function(err, user) {
    if (!err) {
      req.remote_user = user
      //res.cookies.set('token', auth.issue_token(req.remote_user))

      // NOTE(review): a ':' inside the user name would make this string
      // ambiguous; how it is split again is decided in auth, not shown here.
      var credentials = req.body.user + ':' + req.body.pass
      var token = auth.aes_encrypt(credentials).toString('base64')
      res.cookies.set('token', token)
    }

    var base
    if (config.url_prefix) {
      base = config.url_prefix.replace(/\/$/, '')
    } else {
      // falls back to the client-supplied Host header
      base = req.protocol + '://' + req.get('host')
    }
    res.redirect(base)
  })
})
// Logout: overwrites the 'token' cookie with an empty value and redirects
// to the base URL.
// NOTE(review): this only blanks the cookie in the browser; nothing visible
// here invalidates a previously issued cookie value on the server side.
app.post('/-/logout', function(req, res, next) {
  var base
  if (config.url_prefix) {
    base = config.url_prefix.replace(/\/$/, '')
  } else {
    // falls back to the client-supplied Host header
    base = req.protocol + '://' + req.get('host')
  }

  res.cookies.set('token', '')
  res.redirect(base)
})
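// Search
// Returns the latest-version metadata of every package that matches the
// query and that the current user is allowed to access.
app.get('/-/search/:anything', function(req, res, next) {
  var results = Search.query(req.params.anything)
  var packages = []

  async.eachSeries(results, function(result, cb) {
    // Apply the same permission check the index page uses, so search cannot
    // reveal metadata of packages the user may not access. Fail closed: an
    // error in the check hides the package.
    package_provider.allow_access(result.ref, req.remote_user, function(err, allowed) {
      if (err || !allowed) return cb()

      storage.get_package(result.ref, function(err, entry) {
        // Skip entries that cannot be loaded or that lack a 'latest' tag,
        // instead of throwing or pushing undefined into the result.
        var latest = !err && entry && entry['dist-tags'] && entry['dist-tags'].latest
        if (latest && entry.versions && entry.versions[latest]) {
          packages.push(entry.versions[latest])
        }
        cb()
      })
    })
  }, function() {
    // Also reached at once when there were no results, yielding [].
    next(packages)
  })
})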
// Readme: renders a package's README, guarded by the 'access' permission.
// The optional :version segment is accepted but not read by this handler.
// NOTE(review): README text is written by package authors; the safety of the
// resulting HTML rests on what render-readme sanitises, so confirm that.
app.get('/-/readme/:package/:version?', can('access'), function(req, res, next) {
  storage.get_package(req.params.package, {req: req}, function(err, info) {
    if (err) {
      return next(err)
    }
    var readme = info.readme || 'ERROR: No README data found!'
    next( renderReadme(readme) )
  })
})
return app
}