From 079822dfecfba659a491034c447c679dab2424c7 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Mon, 9 May 2016 16:27:35 -0400 Subject: Start extending to support GitLab authentication. Add necessary dependency. Add baseURL parameter for self-hosted GitLab Add necessary require. Add block for GitLab auth. Fix typo Update font-awesome dependency for GitLab icon. Use a color closer to GitLab orange. More direct TODO --- app.js | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'app.js') diff --git a/app.js b/app.js index c3c824a6..a6eded98 100644 --- a/app.js +++ b/app.js @@ -292,6 +292,23 @@ if (config.github) { //github callback actions app.get('/auth/github/callback/:noteId/:action', response.githubActions); } +//gitlab auth +if (config.gitlab) { + app.get('/auth/gitlab', + passport.authenticate('gitlab'), + function (req, res) {}); + //gitlab auth callback + app.get('/auth/gitlab/callback', + passport.authenticate('gitlab', { + failureRedirect: config.serverurl + }), + function (req, res) { + res.redirect(config.serverurl); + }); + //gitlab callback actions + // TODO: Maybe in the future + //app.get('/auth/gitlab/callback/:noteId/:action', response.gitlabActions); +} //dropbox auth if (config.dropbox) { app.get('/auth/dropbox', -- cgit v1.2.3 From ad79b581bda79ef2be0d6ad1a192fc7d0afef2f0 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Wed, 11 May 2016 17:06:18 -0400 Subject: End-point to get GitLab data. --- app.js | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'app.js') diff --git a/app.js b/app.js index a6eded98..964a3a81 100644 --- a/app.js +++ b/app.js @@ -16,6 +16,7 @@ var formidable = require('formidable'); var morgan = require('morgan'); var passportSocketIo = require("passport.socketio"); var helmet = require('helmet'); +var request = require('request'); //core var config = require("./lib/config.js"); @@ -82,6 +83,9 @@ var sessionStore = new SequelizeStore({ //compression app.use(compression()); +//cookies +app.use(cookieParser()); + // use hsts to tell https users stick to this app.use(helmet.hsts({ maxAge: 31536000 * 1000, // 365 days @@ -438,6 +442,18 @@ app.post('/uploadimage', function (req, res) { } }); }); +//get gitlab parameters +app.get('/gitlab', function (req, res) { + var ret = { baseURL: config.gitlab.baseURL }; + models.User.findById(req.cookies.userid) + .then(function(user) { + ret.accesstoken = user.accessToken; + return res.send(ret); + }).catch(function(err) { + logger.error('user search failed: ' + err); + return done(err, null); + }); +}); //get new note app.get("/new", response.newNote); //get publish note -- cgit v1.2.3 From c16345ab128288b92023e789f09cabb5197d1181 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Thu, 12 May 2016 11:19:14 -0400 Subject: Can now select from available projects and snippets to build import URL. --- app.js | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'app.js') diff --git a/app.js b/app.js index 964a3a81..60eb61b5 100644 --- a/app.js +++ b/app.js @@ -448,10 +448,20 @@ app.get('/gitlab', function (req, res) { models.User.findById(req.cookies.userid) .then(function(user) { ret.accesstoken = user.accessToken; - return res.send(ret); + request( + config.gitlab.baseURL + '/api/v3/projects?access_token=' + user.accessToken, + function(error, httpResponse, body) { + if (!error && httpResponse.statusCode == 200) { + ret.projects = JSON.parse(body); + return res.send(ret); + } else { + return res.send(ret); + } + } + ); }).catch(function(err) { logger.error('user search failed: ' + err); - return done(err, null); + return response.errorInternalError(res); }); }); //get new note -- cgit v1.2.3 From d6316a24c95209389302375a4ba00d32f01eef86 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Thu, 12 May 2016 14:18:36 -0400 Subject: Only pull projects the user owns. --- app.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app.js') diff --git a/app.js b/app.js index 5d847f76..a89a4e29 100644 --- a/app.js +++ b/app.js @@ -449,7 +449,7 @@ app.get('/gitlab', function (req, res) { .then(function(user) { ret.accesstoken = user.accessToken; request( - config.gitlab.baseURL + '/api/v3/projects?access_token=' + user.accessToken, + config.gitlab.baseURL + '/api/v3/projects/owned?access_token=' + user.accessToken, function(error, httpResponse, body) { if (!error && httpResponse.statusCode == 200) { ret.projects = JSON.parse(body); -- cgit v1.2.3 From 31d978e4507765da104d0aafebd2e757d8103df1 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Thu, 12 May 2016 14:26:43 -0400 Subject: Revert last change. --- app.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app.js') diff --git a/app.js b/app.js index a89a4e29..5d847f76 100644 --- a/app.js +++ b/app.js @@ -449,7 +449,7 @@ app.get('/gitlab', function (req, res) { .then(function(user) { ret.accesstoken = user.accessToken; request( - config.gitlab.baseURL + '/api/v3/projects/owned?access_token=' + user.accessToken, + config.gitlab.baseURL + '/api/v3/projects?access_token=' + user.accessToken, function(error, httpResponse, body) { if (!error && httpResponse.statusCode == 200) { ret.projects = JSON.parse(body); -- cgit v1.2.3 From 930afdc33738a487bd9e596c5d35bc9f686eaaa1 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Fri, 13 May 2016 10:32:30 -0400 Subject: Show only projects where user is creator, has project access >= 20, or has group access. --- app.js | 1 + 1 file changed, 1 insertion(+) (limited to 'app.js') diff --git a/app.js b/app.js index 5d847f76..35408bb0 100644 --- a/app.js +++ b/app.js @@ -448,6 +448,7 @@ app.get('/gitlab', function (req, res) { models.User.findById(req.cookies.userid) .then(function(user) { ret.accesstoken = user.accessToken; + ret.profileid = user.profileid; request( config.gitlab.baseURL + '/api/v3/projects?access_token=' + user.accessToken, function(error, httpResponse, body) { -- cgit v1.2.3