// Public interface of this module. `run` is a function declaration further
// down in the file, so it is hoisted and already defined at this point.
module.exports = { run: run };
var routes = require('./routes');
var express = require('express');
var bodyParser = require('body-parser');
var speakeasy = require('speakeasy');
var path = require('path');
var session = require('express-session');
var winston = require('winston');
var UserDataStore = require('./user_data_store');
var EmailSender = require('./email_sender');
var identity_check = require('./identity_check');
/**
 * Build the Express application for the authentication portal, register its
 * middleware, shared services and routes, then start listening.
 *
 * @param {Object} config - Reads `store_directory`, `gmail`, `session_secret`,
 *   `session_max_age`, `debug_level` and `port`.
 * @param {Object} ldap_client - Stored as the 'ldap client' app setting.
 * @param {Object} deps - Injected libraries; `ldap`, `u2f`, `nedb` and
 *   `nodemailer` are read from it.
 * @param {Function} [fn] - Optional; invoked with no arguments from the
 *   listen callback.
 * @returns {Object} The value returned by `app.listen`.
 */
function run(config, ldap_client, deps, fn) {
  var views_path = path.resolve(__dirname, '../views');
  var static_path = path.resolve(__dirname, '../public_html');
  var store_opts = { directory: config.store_directory };
  var mail_opts = { gmail: config.gmail };
  var prefix = '/authentication';

  // Every route of the portal lives under the same prefix.
  function endpoint(suffix) {
    return prefix + suffix;
  }

  var app = express();

  // Middleware order matters: static assets are served before body parsing
  // and before a session is attached to the request.
  app.use(express.static(static_path));
  app.use(bodyParser.urlencoded({ extended: false }));
  app.use(bodyParser.json());

  // Trust exactly one proxy hop, so Express takes the client address and
  // protocol from the X-Forwarded-* headers set by that hop.
  // NOTE(review): only sound if the app cannot be reached directly, bypassing
  // the proxy; otherwise a client can supply those headers itself. Confirm
  // against the deployment.
  app.set('trust proxy', 1);

  // NOTE(review), session hardening points to confirm:
  //  - no `store` is given, so express-session uses its in-process
  //    MemoryStore (sessions vanish on restart, are not shared between
  //    instances);
  //  - `saveUninitialized: true` persists a session and issues a cookie for
  //    every visitor, including ones that never authenticate; whether the
  //    session id is renewed after a successful login is up to the route
  //    handlers and is not visible here;
  //  - `secure: false` allows the session cookie to travel over plain HTTP.
  //    Presumably TLS is terminated at the trusted proxy; if so, consider
  //    marking the cookie Secure (express-session also accepts
  //    `secure: 'auto'`; check the pinned version first);
  //  - `config.session_secret` is used as-is; nothing here rejects a missing
  //    or weak value.
  var session_options = {
    secret: config.session_secret,
    resave: false,
    saveUninitialized: true,
    cookie: {
      secure: false,
      maxAge: config.session_max_age
    },
  };
  app.use(session(session_options));

  app.set('views', views_path);
  app.set('view engine', 'ejs');

  winston.level = config.debug_level || 'info';

  // Shared services are published as app settings so that route handlers can
  // look them up by name.
  app.set('logger', winston);
  app.set('ldap', deps.ldap);
  app.set('ldap client', ldap_client);
  app.set('totp engine', speakeasy);
  app.set('u2f', deps.u2f);
  app.set('user data store', new UserDataStore(deps.nedb, store_opts));
  app.set('email sender', new EmailSender(deps.nodemailer, mail_opts));
  // NOTE(review): the whole config object, session_secret and gmail settings
  // included, becomes reachable through app.get('config'). Express also hands
  // app settings to templates as `settings`, so no view should echo it.
  app.set('config', config);

  // web pages
  app.get(endpoint('/login'), routes.login);
  app.get(endpoint('/logout'), routes.logout);

  identity_check(app, endpoint('/u2f-register'), routes.u2f_register.icheck_interface);
  identity_check(app, endpoint('/reset-password'), routes.reset_password.icheck_interface);
  // NOTE(review): this handler renders the form with no check of its own;
  // confirm that the POST /new-password handler enforces that the identity
  // check was completed for this session.
  app.get(endpoint('/reset-password-form'), function(req, res) {
    res.render('reset-password-form');
  });

  // Reset the password
  app.post(endpoint('/new-password'), routes.reset_password.post);

  // verify authentication
  app.get(endpoint('/verify'), routes.verify);

  // Authentication process
  app.post(endpoint('/1stfactor'), routes.first_factor);
  app.post(endpoint('/2ndfactor/totp'), routes.second_factor.totp);

  app.get(endpoint('/2ndfactor/u2f/register_request'), routes.second_factor.u2f.register_request);
  app.post(endpoint('/2ndfactor/u2f/register'), routes.second_factor.u2f.register);

  app.get(endpoint('/2ndfactor/u2f/sign_request'), routes.second_factor.u2f.sign_request);
  app.post(endpoint('/2ndfactor/u2f/sign'), routes.second_factor.u2f.sign);

  // The `err` parameter is kept from the original signature but never read.
  function on_listening(err) {
    console.log('Listening on %d...', config.port);
    if (fn) {
      fn();
    }
  }

  return app.listen(config.port, on_listening);
}