diff --git a/index.js b/index.js index 3920065..e05b060 100644 --- a/index.js +++ b/index.js @@ -24,21 +24,6 @@ curl -X PUT 'http://localhost:9200/changelog' -d ' const authorizationToken = process.env.AUTH_TOKEN || "hello"; const port = process.env.APP_PORT || 3000; -function requireAuthentication( req, res, next ){ - const userAuth = req.get("AuthorizationToken") || req.query.authorizationToken; - console.log( "userAuth : "+userAuth) - if( userAuth && userAuth === authorizationToken ) next(); - else res.end("Auth required"); -} - - -const elasticsearch = require('elasticsearch'); -var client = new elasticsearch.Client({ - host: process.env.ES_CONNECT, -// log: 'trace', - apiVersion: '7.7' -}); - const express = require('express'); const app = express(); @@ -46,9 +31,6 @@ const app = express(); app.set('view engine', 'pug'); app.use(express.static('public')); -app.all('*', requireAuthentication) - - const bodyParser = require('body-parser'); app.use(bodyParser.json()); app.use(bodyParser.raw()); 
@@ -56,73 +38,30 @@ app.use(bodyParser.text({ type : "text/*" })); app.disable('x-powered-by'); -const routes = { - main: (req, res) => { - client.search({index:"changelog", "size":100,"sort":"created_at:desc"}).then( (results,err) => { - res.render('index', { - title: 'changelog', - error: err, - data: JSON.stringify( results), - authorizationToken: authorizationToken - }); - - }); - - }, - search: (req, res) => { - const query = req.query.q; - const search = { - index:"changelog", - size:100, - body:{ - query:{ - multi_match:{ - query: query - } - } - }, - sort:"_score,created_at:desc" - }; - client.search(search).then( (results,err) => { - res.json(results ); - - }, (err) => { - res.status(404); - res.json({data: {} }); - }); - - }, - health: (req, res) => { - - // Do an ES request - client.ping({ requestTimeout: 100}).then( - () => { - res.json({"health":100,"msg":"OK"}); - }, () => { - res.json({"health":0,"msg":"Lost connection to ES"}); - }); - }, - add: (req, res) => { - - const body = req.body; - body.created_at = new Date().toISOString(); - client.index({ - index: 'changelog', - body: body - }).then( (e) => { - res.end("ok"); - - }, (e) => { - res.status(400); - res.end("error"); - }); - } -}; - +var cookieParser = require('cookie-parser') +app.use(cookieParser('secret')) +function requireAuthentication( req, res, next ){ + var userAuth = ''; + + if( req.signedCookies.AuthorizationToken){ + userAuth = req.signedCookies.AuthorizationToken; + } + else if( "AuthorizationToken" in req.query ){ + userAuth = req.query.AuthorizationToken; + res.cookie('AuthorizationToken', userAuth, {signed: true}); + }else if (req.get("AuthorizationToken") ){ + userAuth = req.get('AuthorizationToken'); + } + console.log( `user : ${userAuth}, auth: ${authorizationToken}` ) + if( userAuth && userAuth === authorizationToken ){ + next(); + } + else res.end("Auth required");} +app.all('*', requireAuthentication); +const routes = require( "./routes"); app.get('/health', 
routes.health); app.get('/search', routes.search); - app.post('/*', routes.add); app.get('/*', routes.main); app.patch('/*', routes.main); diff --git a/package-lock.json b/package-lock.json index 623d426..774eb66 100644 --- a/package-lock.json +++ b/package-lock.json @@ -212,6 +212,15 @@ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz", "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg==" }, + "cookie-parser": { + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.5.tgz", + "integrity": "sha512-f13bPUj/gG/5mDr+xLmSxxDsB9DQiTIfhJS/sqjrmfAWiAN+x2O4i/XguTL9yDZ+/IFDanJ+5x7hC4CXT9Tdzw==", + "requires": { + "cookie": "0.4.0", + "cookie-signature": "1.0.6" + } + }, "cookie-signature": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", diff --git a/package.json b/package.json index 06512df..43a1c87 100644 --- a/package.json +++ b/package.json @@ -10,6 +10,7 @@ "license": "GPLv3", "dependencies": { "body-parser": "^1.18.3", + "cookie-parser": "^1.4.5", "elasticsearch": "^16.7.1", "express": "^4.17.1", "lodash": "^4.17.10", diff --git a/routes/index.js b/routes/index.js new file mode 100644 index 0000000..854cb4e --- /dev/null +++ b/routes/index.js 
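Review bot: The `console.log` added to `requireAuthentication` in index.js writes both the submitted value and the server's expected `authorizationToken` to the log on every request, including rejected ones, so anyone with log access learns the shared secret. Log only whether the check passed, never either token value. The signing key is the literal in `cookieParser('secret')`, so the cookie signature gives no protection against anyone who can read the source; read the key from the environment and refuse to start when it is unset. The cookie is also set from the query string before the value has been checked, and without `httpOnly`, `secure` or `sameSite`; I would set it only after the comparison succeeds, with `res.cookie('AuthorizationToken', userAuth, {signed: true, httpOnly: true, sameSite: 'strict'});`, adding `secure: true` where the app is served over HTTPS. Outside this hunk, the context line in the first hunk shows `AUTH_TOKEN` falling back to `"hello"`, so an unconfigured deployment accepts a guessable token.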
@@ -0,0 +1,73 @@ +"use strict" + +const elasticsearch = require('elasticsearch'); +var client = new elasticsearch.Client({ + host: process.env.ES_CONNECT, +// log: 'trace', + apiVersion: '7.7' +}); + + +const routes = { + main: (req, res) => { + client.search({index:"changelog", "size":100,"sort":"created_at:desc"}).then( (results,err) => { + res.render('index', { + title: 'changelog', + error: err, + data: JSON.stringify( results), + authorizationToken: process.env.AUTH_TOKEN + }); + + }); + + }, + search: (req, res) => { + const query = req.query.q; + const search = { + index:"changelog", + size:100, + body:{ + query:{ + multi_match:{ + query: query + } + } + }, + sort:"_score,created_at:desc" + }; + client.search(search).then( (results,err) => { + res.json(results ); + + }, (err) => { + res.status(404); + res.json({data: {} }); + }); + + }, + health: (req, res) => { + + // Do an ES request + client.ping({ requestTimeout: 100}).then( + () => { + res.json({"health":100,"msg":"OK"}); + }, () => { + res.json({"health":0,"msg":"Lost connection to ES"}); + }); + }, + add: (req, res) => { + + const body = req.body; + body.created_at = new Date().toISOString(); + client.index({ + index: 'changelog', + body: body + }).then( (e) => { + res.end("ok"); + + }, (e) => { + res.status(400); + res.end("error"); + }); + } +}; +module.exports = routes; \ No newline at end of file diff --git a/views/index.pug b/views/index.pug index e45a6f2..041ad2b 100644 --- a/views/index.pug +++ b/views/index.pug @@ -31,6 +31,5 @@ html(lang="en") script. var initData = !{data}; - var authorizationToken = " !{authorizationToken}"; script(type = "text/javascript",src='/js/app.js')
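Review bot: In routes/index.js, `main` passes `data: JSON.stringify( results)` to a template that prints it unescaped inside a script block (`var initData = !{data};`, visible as context in views/index.pug), while `add` indexes whatever request body arrives, so a stored entry containing a closing script tag would be interpreted as markup in every viewer's browser. JSON.stringify does not escape `<`; escape it before rendering, e.g. `data: JSON.stringify(results).replace(/</g, '\\u003c')`. `main` also still passes `authorizationToken: process.env.AUTH_TOKEN` although this commit removes the template line that used it, so the property can be dropped rather than handing the secret to the view layer. Separately, the `client.search(...).then(...)` call in `main` has no rejection handler, so a failed Elasticsearch query appears to leave the request without a response.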