No commit message
nicolaslabbe committed Nov 22, 2016
1 parent e416161 commit 20c0d7d
Showing 38 changed files with 1,599 additions and 444 deletions.
7 changes: 4 additions & 3 deletions package.json
Expand Up @@ -15,20 +15,21 @@
"start": "node --debug --harmony ./dist/server/index.js",
"startpm2": "pm2 startOrRestart ./processes.json",
"babel": "babelify --presets [ es2015 ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js",
"watch": "./node_modules/.bin/parallelshell './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js' './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/admin.js -o src/server/public/scripts/admin-compiled.js' 'npm run watch:sass'",
"watch": "./node_modules/.bin/parallelshell './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js' './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/admin.js -o src/server/public/scripts/admin-compiled.js' './node_modules/.bin/watchify -v -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/user-login.js -o src/server/public/scripts/user-login-compiled.js' 'npm run watch:sass'",
"watch:sass": "./node_modules/.bin/watch 'npm run sass' ./src/server/sass",
"babel-app": "node_modules/.bin/babel-node --presets es2015",
"build": "node_modules/.bin/babel-node --presets es2015 src/cli/build/template.js",
"mvasset": "mkdirp dist/server/public && cp -r src/server/locale dist/server && cp -r src/server/views dist/server && cp -r src/server/public/css dist/server/public && cp -r src/server/public/fonts dist/server/public && cp -r src/server/public/image dist/server/public",
"sass": "node ./src/tasks/sass.js",
"js:users": "browserify -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/user-login.js -o src/server/public/scripts/user-login-compiled.js",
"js:admin": "browserify -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/admin.js -o src/server/public/scripts/admin-compiled.js",
"js:engine": "browserify -t [ babelify --presets [ es2015 ] ] src/server/public/scripts/template-engine.js -o src/server/public/scripts/template-engine-compiled.js",
"build:front": "npm run js:admin && npm run js:engine && npm run sass",
"build:front": "npm run js:admin && npm run js:users && npm run js:engine && npm run sass",
"build:scripts": "npm run build:front && ./node_modules/.bin/babel --presets es2015,stage-0 -d dist/server src/server/ && ./node_modules/.bin/babel --presets es2015,stage-0 -d dist/cli src/cli/ && npm run mvasset",
"compile": "./node_modules/.bin/babel --presets es2015,stage-0 -d dist/ src/ && cp -r src/cli/core/config/config.json dist/cli/core/config/config.json",
"watchdev": "npm run build:front && npm run compile && npm run mvasset && nodemon --debug --exec npm run compile && npm run mvasset --kill-others",
"startdev": "npm run build:front && npm run compile && npm run mvasset && node src/tasks/nodemon.js & npm run watch --kill-others",
"startdevOnly": "npm run js:admin && npm run js:engine && node src/tasks/nodemon.js & npm run watch --kill-others"
"startdevOnly": "npm run js:admin && npm run js:users && npm run js:engine && node src/tasks/nodemon.js & npm run watch --kill-others"
},
"author": "Adfab Connect",
"license": "ISC",
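--- a/src/cli/cms/templates/handlebars/role.js
+++ b/src/cli/cms/templates/handlebars/role.js
@@ -0,0 +1,50 @@
+import Cookies from 'cookies'
+import jwt from 'jwt-simple'
+
+import {
+config,
+User
+} from '../../../'
+
+/**
+* Handlebars helper, to print className and escape it string
+*/
+export default function role(role, obj, ctx) {
+if(typeof obj.express !== 'undefined' && obj.express !== null) {
+var cookies = new Cookies(obj.express.req, obj.express.res, {
+secure: config.cookie.secure
+})
+var token = cookies.get('x-access-token');
+
+if(typeof token !== 'undefined' && token !== null && token !== '') {
+var secret = config.users.secret
+var decoded = jwt.decode(token, secret);
+
+var user = User.findSync(decoded.iss)
+
+var roles = config.users.roles
+var cpt = 0;
+var cptUser = 0;
+var cptRole = 0;
+Array.prototype.forEach.call(roles, (currentRole) => {
+if(currentRole.workflow === user.role.workflow) {
+cptUser = cpt
+}
+if(currentRole.workflow === role) {
+cptRole = cpt
+}
+cpt++;
+})
+
+if(cptRole > cptUser) {
+return '';
+}
+}
+
+var content = ctx.fn(this)
+return content
+
+}else {
+return '';
+}
+}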
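Review bot: The role check fails open: the rank comparison only runs inside the `if(typeof token !== 'undefined' ...)` branch, so a request that carries no `x-access-token` cookie falls through to `ctx.fn(this)` and the guarded block is rendered, unless something upstream always rejects such requests. `jwt.decode` is also called without the try/catch that `decodeUser` in src/cli/users/index.js uses, and `User.findSync` can return `null`, so a malformed or stale token throws while the template renders. A required role that is missing from `config.users.roles` leaves `cptRole` at 0 and is rendered for everyone as well. Returning `''` on every one of those paths, as below, keeps the helper deny-by-default. The doc comment appears to be copied from another helper and should instead say that the block is rendered only when the signed-in user's role ranks at or above the named role.

```javascript
export default function role(role, obj, ctx) {
  // … unchanged: obj.express guard and Cookies setup …
  var token = cookies.get('x-access-token');
  if(typeof token === 'undefined' || token === null || token === '') {
    return '';
  }

  var user = null
  try {
    var decoded = jwt.decode(token, config.users.secret);
    user = User.findSync(decoded.iss)
  } catch (err) {
    // Invalid signature or malformed token: treat as not signed in.
    return '';
  }
  if(user === null || typeof user.role === 'undefined' || user.role === null) {
    return '';
  }

  var cptUser = -1;
  var cptRole = -1;
  Array.prototype.forEach.call(config.users.roles, (currentRole, index) => {
    if(currentRole.workflow === user.role.workflow) {
      cptUser = index
    }
    if(currentRole.workflow === role) {
      cptRole = index
    }
  })

  // Unknown required role or unknown user role: deny instead of defaulting to rank 0.
  if(cptRole === -1 || cptUser === -1 || cptRole > cptUser) {
    return '';
  }

  return ctx.fn(this)
}
```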
3 changes: 3 additions & 0 deletions src/cli/cms/templates/index.js
Expand Up @@ -19,6 +19,7 @@ import truncate from './handlebars/truncate'
import lowercase from './handlebars/lowercase'
import uppercase from './handlebars/uppercase'
import setVariable from './handlebars/setVariable'
import role from './handlebars/role'

import * as template from './template'
import * as assets from './assets'
Expand All @@ -43,6 +44,7 @@ Handlebars.registerHelper('truncate', truncate)
Handlebars.registerHelper('lowercase', lowercase)
Handlebars.registerHelper('uppercase', uppercase)
Handlebars.registerHelper('setVariable', setVariable)
Handlebars.registerHelper('role', role)

HandlebarsIntl.registerWith(Handlebars)

Expand All @@ -61,6 +63,7 @@ export {
lowercase,
uppercase,
setVariable,
role,
math,
moduloIf,
notEmpty,
4 changes: 0 additions & 4 deletions src/cli/core/config/config.json
Expand Up @@ -96,10 +96,6 @@
"sitePort": false,
"users": {
"secret": "GoNinjaGo",
"login": "/abe/plugin/abe-users/login",
"signup": "/abe/plugin/abe-users/signup",
"logout": "/abe/plugin/abe-users/logout",
"home": "/abe/",
"smtp": null,
"forgotExpire": 60,
"email": {
100 changes: 63 additions & 37 deletions src/cli/users/index.js
@@ -1,16 +1,43 @@
import fs from 'fs'
import fs from 'fs-extra'
import path from 'path'
import bcrypt from 'bcrypt-nodejs'
import config from './config'
import Cookies from 'cookies'
import jwt from 'jwt-simple'
import owasp from 'owasp-password-strength-test'
import xss from 'xss'
import mkdirp from 'mkdirp'

import {
config,
coreUtils
} from '../../cli'

function getBdd() {
return JSON.parse(fs.readFileSync(__dirname + '/../../../users/bdd.json', 'utf8'));
var bddFile = path.join(config.root, 'users', 'bdd.json')
var json = {}
if (coreUtils.file.exist(bddFile)) {
json = JSON.parse(fs.readFileSync(bddFile, 'utf8'))
}else {
mkdirp(path.dirname(bddFile))
fs.writeJsonSync(bddFile, [], { space: 2, encoding: 'utf-8' })
var admin = add({
"username": "admin",
"name": "admin",
"email": "admin@test.com",
"password": "Adm1n@test",
"role": {
"workflow":"admin",
"name":"Admin"
}
});
activate(admin.user.id)

json = JSON.parse(fs.readFileSync(bddFile, 'utf8'))
}
return json;
}

exports.findSync = function(id) {
export function findSync(id) {
var bdd = getBdd()
for (var i = 0, len = bdd.length; i < len; i++) {
var user = bdd[i];
Expand All @@ -21,7 +48,7 @@ exports.findSync = function(id) {
return null;
};

exports.find = function(id, done) {
export function find(id, done) {
var bdd = getBdd()
for (var i = 0, len = bdd.length; i < len; i++) {
var user = bdd[i];
Expand All @@ -32,7 +59,7 @@ exports.find = function(id, done) {
return done(null, null);
};

exports.findByUsername = function(username, done) {
export function findByUsername(username, done) {
var bdd = getBdd()
for (var i = 0, len = bdd.length; i < len; i++) {
var user = bdd[i];
Expand All @@ -43,7 +70,7 @@ exports.findByUsername = function(username, done) {
return done(null, null);
};

exports.findByEmail = function(email, done) {
export function findByEmail(email, done) {
var bdd = getBdd()
for (var i = 0, len = bdd.length; i < len; i++) {
var user = bdd[i];
Expand All @@ -54,7 +81,7 @@ exports.findByEmail = function(email, done) {
return done(null, null);
};

exports.findByResetPasswordToken = function(resetPasswordToken, done) {
export function findByResetPasswordToken(resetPasswordToken, done) {
var bdd = getBdd()
for (var i = 0, len = bdd.length; i < len; i++) {
var user = bdd[i];
Expand All @@ -65,7 +92,7 @@ exports.findByResetPasswordToken = function(resetPasswordToken, done) {
return done(null, null);
};

exports.isValid = function(user, password) {
export function isValid(user, password) {
var bdd = getBdd()
if(user.actif === 1) {
if(bcrypt.compareSync(password, user.password)) {
Expand All @@ -75,7 +102,7 @@ exports.isValid = function(user, password) {
return false;
};

exports.deactivate = function(id, abe) {
export function deactivate(id) {
var bdd = getBdd()
id = parseInt(id)
for (var i = 0, len = bdd.length; i < len; i++) {
Expand All @@ -84,11 +111,10 @@ exports.deactivate = function(id, abe) {
bdd[i].actif = 0
}
}
mkdirp(path.dirname(userBddUrl))
abe.fse.writeJsonSync(__dirname + '/../../../users/bdd.json', bdd, { space: 2, encoding: 'utf-8' })
fs.writeJsonSync(path.join(config.root, 'users', 'bdd.json'), bdd, { space: 2, encoding: 'utf-8' })
};

exports.activate = function(id, abe) {
export function activate(id) {
var bdd = getBdd()
id = parseInt(id)
for (var i = 0, len = bdd.length; i < len; i++) {
Expand All @@ -98,10 +124,10 @@ exports.activate = function(id, abe) {
}
}

abe.fse.writeJsonSync(__dirname + '/../../../users/bdd.json', bdd)
fs.writeJsonSync(path.join(config.root, 'users', 'bdd.json'), bdd)
};

exports.remove = function(id, abe) {
export function remove(id) {
var bdd = getBdd()
id = parseInt(id)
var newBdd = []
Expand All @@ -113,18 +139,18 @@ exports.remove = function(id, abe) {
}
bdd = newBdd;

abe.fse.writeJsonSync(__dirname + '/../../../users/bdd.json', bdd)
fs.writeJsonSync(path.join(config.root, 'users', 'bdd.json'), bdd)
};

exports.decodeUser = function(req, res, abe) {
export function decodeUser(req, res) {
var decoded = {}
var cookies = new Cookies(req, res, {
secure: abe.config.cookie.secure
secure: config.cookie.secure
})
var token = cookies.get('x-access-token');
if(typeof token !== 'undefined' && token !== null && token !== '') {
try {
var secret = config.getConfig('secret', abe);
var secret = config.users.secret;
decoded = jwt.decode(token, secret);
} catch (err) {}
}
Expand Down Expand Up @@ -185,16 +211,16 @@ function textXss(newUser) {
}
}

function getRole(data, abe) {
var roles = config.getConfig('roles', abe);
function getRole(data) {
var roles = config.users.roles;
Array.prototype.forEach.call(roles, (role) => {
if(role.name === data.role) {
data.role = role
}
})
}

function checkSameEmail(data, abe) {
function checkSameEmail(data) {
var emailAlreadyUsed = false
var bdd = getBdd();
var email = data.email;
Expand All @@ -217,17 +243,17 @@ function checkSameEmail(data, abe) {
}
}

function commonPassword(data, abe) {
var owaspConfig = config.getConfig('owasp', abe)
function commonPassword(data) {
var owaspConfig = config.users.owasp
owasp.config(owaspConfig);

var owaspConfig = config.getConfig('owasp', abe)
var owaspConfig = config.users.owasp
owasp.config(owaspConfig);
var res = owasp.test(data.password)

currentUserName = data.username;

mustCommonPassword = config.getConfig('mustCommonPassword', abe);
mustCommonPassword = config.users.mustCommonPassword
sameAsUser = (typeof owaspConfig.sameAsUser !== 'undefined' && owaspConfig.sameAsUser !== null) ? owaspConfig.sameAsUser : true;
mostCommon = (typeof owaspConfig.mostCommon !== 'undefined' && owaspConfig.mostCommon !== null) ? owaspConfig.mostCommon : true;

Expand All @@ -250,7 +276,7 @@ function commonPassword(data, abe) {
}
}

exports.update = function(data, abe) {
export function update(data) {
var xss = textXss(data)
if(xss.success === 0) {
return xss
Expand All @@ -260,7 +286,7 @@ exports.update = function(data, abe) {
return sameEmail
}

getRole(data, abe);
getRole(data);

var bdd = getBdd();
var id = parseInt(data.id);
Expand All @@ -273,16 +299,16 @@ exports.update = function(data, abe) {
}
}

abe.fse.writeJsonSync(__dirname + '/../../../users/bdd.json', bdd)
fs.writeJsonSync(path.join(config.root, 'users', 'bdd.json'), bdd)

return {
success:1,
user: data
}
};

exports.updatePassword = function(data, password, abe) {
var cPassword = commonPassword(data, abe)
export function updatePassword(data, password) {
var cPassword = commonPassword(data)
if(cPassword.success === 0) {
return cPassword
}
Expand All @@ -298,15 +324,15 @@ exports.updatePassword = function(data, password, abe) {
}
}

abe.fse.writeJsonSync(__dirname + '/../../../users/bdd.json', bdd)
fs.writeJsonSync(path.join(config.root, 'users', 'bdd.json'), bdd)

return {
success:1,
user: data
}
}

exports.add = function(newUser, abe) {
export function add(newUser) {
var xss = textXss(newUser)
if(xss.success === 0) {
return xss
Expand All @@ -316,31 +342,31 @@ exports.add = function(newUser, abe) {
return sameEmail
}

getRole(newUser, abe);
getRole(newUser);
var bdd = getBdd()
var lastId = 0
for (var i = 0, len = bdd.length; i < len; i++) {
lastId = parseInt(bdd[i].id)
}
newUser.id = lastId+1;
newUser.actif = 0;
var cPassword = commonPassword(newUser, abe)
var cPassword = commonPassword(newUser)
if(cPassword.success === 0) {
return cPassword
}

var salt = bcrypt.genSaltSync(10);
newUser.password = bcrypt.hashSync(newUser.password, salt);
bdd.push(newUser);
abe.fse.writeJsonSync(__dirname + '/../../../users/bdd.json', bdd)
fs.writeJsonSync(path.join(config.root, 'users', 'bdd.json'), bdd)

return {
success:1,
user: newUser
}
};

exports.getAll = function(abe) {
export function getAll() {
var bdd = getBdd()
return bdd;
};
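Review bot: `getBdd()` in the first hunk now seeds an `admin` account with the fixed password `Adm1n@test` and immediately calls `activate(admin.user.id)` whenever `users/bdd.json` is missing, so every fresh install, and any install whose file is absent at `config.root`, ends up with an active administrator whose credentials are public in the source. The initial password is better taken from deployment configuration or generated randomly and shown once, with the account left inactive or forced to change it on first login. In the same branch `mkdirp(path.dirname(bddFile))` appears to be the asynchronous form, so `fs.writeJsonSync` on the next line can run before the directory exists; `mkdirp.sync(path.dirname(bddFile))` avoids that. `decodeUser` now reads `config.users.secret` directly, and the value shipped in config.json on this page is a fixed default, so tokens signed with it verify on any install that does not override it; a comment at that read such as `// must be overridden per deployment; the packaged default is public` would make the requirement visible.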