diff --git a/caracal.js b/caracal.js
index 4ab7d4a..6023c77 100644
--- a/caracal.js
+++ b/caracal.js
@@ -74,6 +74,7 @@ var HANDLERS = {
 "loginHandler": function() {
 return auth.loginHandler(auth.PUBKEY);
 },
+ "loginWithHeader": auth.loginWithHeader,
 "sanitizeBody": function() {
 return sanitizeBody;
 },
diff --git a/handlers/authHandlers.js b/handlers/authHandlers.js
index c5c470f..430963f 100644
--- a/handlers/authHandlers.js
+++ b/handlers/authHandlers.js
@@ -263,6 +263,35 @@ function firstSetupUserSignupExists() {
 };
 }
+// Use a trusted header instead of a jwt for login. Use carefully if at all.
+function loginWithHeader(header, signKey, userFunction) {
+ return function(req, res) {
+ // get the correct header, set it to use userFunction
+ let token = {"email": req.headers[header]};
+ // login using that
+ userFunction(token).then((x) => {
+ if (x === false) {
+ res.status(401).send({
+ 'err': 'User Unauthorized',
+ });
+ } else {
+ data = x;
+ delete data['exp'];
+ // sign using the mounted key
+ var token = jwt.sign(data, signKey, {
+ algorithm: 'RS256',
+ expiresIn: EXPIRY,
+ });
+ res.send({
+ 'token': token,
+ });
+ }
+ }).catch((e) => {
+ console.log(e);
+ res.status(401).send(e);
+ });
+ };
+}
 auth = {};
 auth.jwkTokenTrade = jwkTokenTrade;
@@ -271,6 +300,7 @@ auth.filterHandler = filterHandler;
 auth.loginHandler = loginHandler;
 auth.editHandler = editHandler;
 auth.firstSetupUserSignupExists = firstSetupUserSignupExists;
+auth.loginWithHeader = loginWithHeader;
 auth.CLIENT = CLIENT;
 auth.PRIKEY = PRIKEY;
 auth.PUBKEY = PUBKEY;
diff --git a/idx_mongo.js b/idx_mongo.js
index 242b485..5ee21f4 100644
--- a/idx_mongo.js
+++ b/idx_mongo.js
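Review bot: The new `"loginWithHeader"` entry in HANDLERS registers the bare factory, whereas the `"loginHandler"` entry just above binds `auth.PUBKEY` inside a zero-argument wrapper, so the header name, the signing key and the user lookup function are all supplied by whatever invokes the entry (that caller is not visible in this hunk). If those arguments come from route configuration, the entry deserves a comment saying so, for example `// args (header, signKey, userFunction) come from the route definition; only mount behind a proxy that sets the header`. HANDLERS starts and continues outside the hunk.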
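Review bot: The handler returned by `loginWithHeader` passes `req.headers[header]` to `userFunction` without checking that the header is present, and it signs a token for whatever email that header carries, so it is only safe when a fronting proxy overwrites or strips any client-supplied copy of the header and the route cannot be reached directly; the leading comment should state that requirement rather than "Use carefully if at all". In the else branch `data = x;` creates an implicit global and `delete data['exp']` mutates the object `userFunction` resolved with, and the inner `var token` shadows the outer `let token`. The catch branch sends the raw error `e` as the 401 body, which also covers a `jwt.sign` failure and may expose internal detail to the client. The rewritten lines are sketched below.

```javascript
function loginWithHeader(header, signKey, userFunction) {
  return function(req, res) {
    const email = req.headers[header];
    // header absent or empty: refuse before any user lookup
    if (typeof email !== 'string' || email === '') {
      res.status(401).send({'err': 'User Unauthorized'});
      return;
    }
    userFunction({'email': email}).then((x) => {
      if (x === false) {
        // … unchanged: 401 'User Unauthorized' response …
      } else {
        // local copy: no implicit global, and the resolved object is left intact
        const data = Object.assign({}, x);
        delete data['exp'];
        // … unchanged: jwt.sign with signKey and res.send of the token …
      }
    }).catch((e) => {
      console.log(e);
      // generic body instead of the raw error object
      res.status(401).send({'err': 'User Unauthorized'});
    });
  };
}
```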
@@ -5,7 +5,6 @@ const mongodb = require("./service/database"); function indexes() { db = "camic"; - mongodb.createIndex(db, "authorization", {"name": 1}, {unique: true}); mongodb.createIndex(db, "user", {"email": 1}, {unique: true}); mongodb.createIndex(db, "mark", {"provenance.image.slide": 1, "provenance.analysis.execution_id": 1, "footprint": 1, "x": 1, "y": 1});