diff --git a/web/app/partials/header.html b/web/app/partials/header.html
index d664e231e2d516525852edaede15030a52b31c77..6d5820ad3bf35b6509c608f1c4369c5969310cd3 100644
--- a/web/app/partials/header.html
+++ b/web/app/partials/header.html
@@ -3,7 +3,7 @@
         <li><a href="">Pular para o conteúdo</a></li>
         <li><a href="">Ouvidoria</a></li>
         <li><a href="">Mapa do site</a></li>
-        <li><a href="" ng-click="login.show()">Acesso Restrito</a></li>
+        <li><a href="" ng-click="login.click()">{{ login.buttomText }}</a></li>
     </ul>
 
     <div class="header-font-size">
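Review bot: The new binding `{{ login.buttomText }}` reads a property the controller never initialises. In web/assets/js/app.js the login object declares `buttonText: 'Acesso Restrito'`, while the `$sessionUpdate` handler writes `buttomText`, so the link renders empty until the first session response arrives and the declared default is never shown. Use one spelling in all three places, here `<li><a href="" ng-click="login.click()">{{ login.buttonText }}</a></li>`, and `$scope.login.buttonText = ...` in both branches of the handler.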
diff --git a/web/assets/js/app.js b/web/assets/js/app.js
index ad4238d2474bb72ff42c4b35d8cf30390d6440ec..a75062e30898a84407d56fd98ce0f2ee71c8f9cc 100644
--- a/web/assets/js/app.js
+++ b/web/assets/js/app.js
@@ -31,7 +31,11 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
         }
     }).
 
-    controller('MainCtrl', function ($scope, $rootScope, $state) {
+    factory('SessionFactory', function ($resource) {
+        return $resource('/api/s');
+    }).
+
+    controller('MainCtrl', function ($scope, $rootScope, $state, SessionFactory) {
         $scope.bigButtons = {
             collapsed: false,
             rowClass: "",
@@ -69,8 +73,15 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
             includeUrl: '',
             error: null,
             loading: false,
-            username: '',
-            password: '',
+            username: 'admin',
+            password: '123mudar',
+            buttonText: 'Acesso Restrito',
+            click: function () {
+                if ($scope.session.loggedIn)
+                    this.logout();
+                else
+                    this.show();
+            },
             show: function () {
                 this.includeUrl = 'partials/login.html';
             },
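Review bot: The login model now defaults to `username: 'admin'` and `password: '123mudar'`, the same pair that web/routes/sessions.js accepts. This puts a working credential in a static script that any visitor can download, and it pre-fills the login form. Restore the empty defaults `username: '',` and `password: '',`. Separately, `click` dereferences `$scope.session.loggedIn`, but `$scope.session` is only assigned inside the asynchronous SessionFactory callbacks, so a click before the first response throws; `if ($scope.session && $scope.session.loggedIn)` avoids that. The object literal begins and ends outside this hunk.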
@@ -79,19 +90,31 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
             },
             submit: function () {
                 this.loading = true;
+                this.error = null;
+
+                SessionFactory.save({username: $scope.login.username, password: $scope.login.password}, function (session) {
+                    $scope.login.loading = false;
 
-                setTimeout(function () {
-                    $scope.$apply(function () {
-                        $scope.login.loading = false;
-
-                        if (($scope.login.username === 'admin') && ($scope.login.password === '123mudar')) {
-                            $scope.login.hide();
-                        }
-                        else {
-                            $scope.login.error = 'Usuário ou senha inválidos.';
-                        }
-                    });
-                }, 1000);
+                    $scope.session = session;
+                    $rootScope.$broadcast('$sessionUpdate', session);
+
+                    if (session.error) {
+                        $scope.login.error = 'Usuário ou senha inválidos.';
+                        return;
+                    }
+
+                    $scope.login.username = '';
+                    $scope.login.password = '';
+                    $scope.login.hide();
+                }, function (response) {
+                    $scope.login.loading = false;
+
+                    if ((typeof response.data.error !== 'undefined') &&
+                        (response.data.error === 'invalid_username_password'))
+                        $scope.login.error = 'Usuário ou senha inválidos.';
+                    else
+                        $scope.login.error = 'Erro no servidor, tente novamente mais tarde.';
+                });
             },
             cancel: function () {
                 this.error = null;
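Review bot: The error callback in `submit` evaluates `response.data.error` without checking `response.data`. If a request fails without a JSON body (a dropped connection, for example), `response.data` may be null; the access then throws and the user never sees the "Erro no servidor" message. Guard it with `if (response.data && response.data.error === 'invalid_username_password')`. The failure paths also leave `$scope.login.password` populated; adding `$scope.login.password = '';` there keeps the typed password from lingering in the scope. In the success callback, `$scope.session = session` and the broadcast run before the `session.error` check, so an error payload would be published as the current session; moving the check first is safer.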
@@ -99,9 +122,34 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
                 this.username = '';
                 this.password = '';
                 this.hide();
+            },
+            logout: function () {
+                SessionFactory.delete(function(session) {
+                    $scope.session = session;
+                    $rootScope.$broadcast('$sessionUpdate', session);
+                });
             }
         };
 
+        SessionFactory.get(function (session) {
+            $scope.session = session;
+            $rootScope.$broadcast('$sessionUpdate', session);
+        });
+
+        $scope.$on('$accessDenied', function (e) {
+            SessionFactory.get(function (session) {
+                $scope.session = session;
+                $rootScope.$broadcast('$sessionUpdate', session);
+            });
+        });
+
+        $scope.$on('$sessionUpdate', function (e, newSession) {
+            if (newSession.loggedIn)
+                $scope.login.buttomText = "Logout";
+            else
+                $scope.login.buttomText = "Acesso Restrito";
+        });
+
         $scope.$on("$stateChangeSuccess", function(event, toState, toParams, fromState, fromParams) {
             if (typeof $state.current === "undefined")
                 return;
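Review bot: The pair `$scope.session = session; $rootScope.$broadcast('$sessionUpdate', session);` is repeated in `logout`, the initial `SessionFactory.get` and the `$accessDenied` listener, and appears again in `submit`; a single named helper would keep the copies from drifting. The custom event names `$sessionUpdate` and `$accessDenied` use the `$` prefix that AngularJS keeps for its own events, so a project prefix (for example `datasid:sessionUpdate`) avoids a collision. `logout` passes no error callback, so a failed DELETE leaves the UI in the logged-in state with no feedback. Nothing in the visible hunks emits `$accessDenied`; if it comes from an HTTP interceptor elsewhere, a short comment naming the emitter would help.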
diff --git a/web/config.example.js b/web/config.example.js
index 291ce456fa2bb644cb04c58d360558ef41804414..68d7314c57ff5a0a40da7c50d8d7dd3d13078cce 100644
--- a/web/config.example.js
+++ b/web/config.example.js
@@ -4,4 +4,6 @@ exports.db_config = {
     database: 'dbname',
     host: 'localhost',
     port: 5432
-};
\ No newline at end of file
+};
+
+exports.secret = '123mudar';
\ No newline at end of file
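Review bot: The example session secret `'123mudar'` is the same string as the admin password accepted in web/routes/sessions.js. It is also the value that `express.session({ secret: config.secret })` in web/server.js uses to sign the session cookie. A deployment that copies this example unchanged signs its cookies with a publicly known key. Use an obvious placeholder such as `exports.secret = 'CHANGE_ME-generate-a-long-random-value';` with a comment saying it must be unique per installation, and consider having server.js refuse to start while the placeholder is still set.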
diff --git a/web/routes/sessions.js b/web/routes/sessions.js
new file mode 100644
index 0000000000000000000000000000000000000000..419a96b3ade3a23895ba532b879489d165708bd9
--- /dev/null
+++ b/web/routes/sessions.js
@@ -0,0 +1,42 @@
+exports.login = function (req, res) {
+    if (req.session.username)
+        delete req.session.username;
+
+    if (typeof req.body === 'undefined')
+        return res.send(400, {loggedIn: false, error: 'invalid_username_password'});
+
+    if ((typeof req.body.username === 'undefined') ||
+        (typeof req.body.password === 'undefined'))
+        return res.send(400, {loggedIn: false, error: 'invalid_username_password'});
+
+    var username = req.body.username,
+        password = req.body.password;
+
+    if ((username !== 'admin') || (password !== '123mudar'))
+        return res.send(400, {loggedIn: false, error: 'invalid_username_password'});
+
+    req.session.username = username;
+    res.send(200, {loggedIn: true, username: req.session.username});
+}
+
+exports.get = function (req, res) {
+    if (!req.session.username)
+        return res.send(200, {loggedIn: false});
+
+    res.send(200, {loggedIn: true, username: req.session.username});
+}
+
+exports.logout = function (req, res) {
+    if (req.session.username)
+        delete req.session.username;
+
+    res.send({loggedIn: false});
+}
+
+exports.auth = function (req, res, next) {
+    if (!req.session.username)
+        return res.send(401, "");
+
+    req.user = req.session.username;
+    next();
+}
\ No newline at end of file
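Review bot: `login` compares the request against the literals `'admin'` and `'123mudar'`, so the only account's password is fixed in source control and cannot be rotated without a code change. Verify against a salted password hash kept in configuration or the database instead. `login` also writes `req.session.username` into the existing session without calling `req.session.regenerate`, so a session id issued before authentication stays valid afterwards (session fixation). `logout` only deletes the key, whereas `req.session.destroy` would invalidate the id itself. Nothing here limits repeated failed attempts, which matters for a single well-known username.

```javascript
exports.login = function (req, res) {
    // … unchanged: body and username/password presence checks …

    // PLACEHOLDER: verifyCredentials is not part of this commit; it stands for a
    // comparison against a salted password hash stored outside the source tree.
    if (!verifyCredentials(username, password))
        return res.send(400, {loggedIn: false, error: 'invalid_username_password'});

    // Issue a fresh session id at the privilege change so a pre-login id cannot be reused.
    req.session.regenerate(function (err) {
        if (err)
            return res.send(500, {loggedIn: false, error: 'session_error'});

        req.session.username = username;
        res.send(200, {loggedIn: true, username: username});
    });
}
```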
diff --git a/web/server.js b/web/server.js
index 10ce519e98447586990f99ed93794aa02b729a10..3c90a47fb046a3344303e9b8214d514bf69f6abc 100755
--- a/web/server.js
+++ b/web/server.js
@@ -4,6 +4,7 @@ var express = require('express');
 var config = require('./config.js');
 var db = require('./middleware/db.js');
 
+var sessions = require('./routes/sessions.js');
 var points = require('./routes/points.js');
 var telecenters = require('./routes/telecenters.js');
 var charts = require('./routes/charts.js');
@@ -13,10 +14,16 @@ var port = parseInt(process.argv.splice(2)[0]) || 3000;
 var app = express();
 app.use(express.logger('dev'));
 app.use(express.bodyParser());
+app.use(express.cookieParser());
+app.use(express.session({ secret: config.secret }));
 app.use(express.static(__dirname + '/app'));
 
 db.config(config.db_config);
 
+app.post('/api/s', sessions.login);
+app.get('/api/s', sessions.get);
+app.delete('/api/s', sessions.logout);
+
 app.all('/api/points', db.connect, points.list);
 app.all('/api/points/count', db.connect, points.count);