Commit cb5d382c authored by Eduardo L. Buratti's avatar Eduardo L. Buratti

Add server-side login and session management

parent 13f9b080
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
<li><a href="">Pular para o conteúdo</a></li> <li><a href="">Pular para o conteúdo</a></li>
<li><a href="">Ouvidoria</a></li> <li><a href="">Ouvidoria</a></li>
<li><a href="">Mapa do site</a></li> <li><a href="">Mapa do site</a></li>
<li><a href="" ng-click="login.show()">Acesso Restrito</a></li> <li><a href="" ng-click="login.click()">{{ login.buttomText }}</a></li>
</ul> </ul>
<div class="header-font-size"> <div class="header-font-size">
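Review bot: The link binds `{{ login.buttomText }}`, but the login object added in the controller declares `buttonText: 'Acesso Restrito'`, so that default is never rendered and the link stays empty until the `$sessionUpdate` handler first assigns `buttomText`. Spelling the property `buttonText` here and in the two assignments inside the `$sessionUpdate` handler makes the initial label appear immediately: `<a href="" ng-click="login.click()">{{ login.buttonText }}</a>`.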
......
...@@ -31,7 +31,11 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi ...@@ -31,7 +31,11 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
} }
}). }).
controller('MainCtrl', function ($scope, $rootScope, $state) { factory('SessionFactory', function ($resource) {
return $resource('/api/s');
}).
controller('MainCtrl', function ($scope, $rootScope, $state, SessionFactory) {
$scope.bigButtons = { $scope.bigButtons = {
collapsed: false, collapsed: false,
rowClass: "", rowClass: "",
...@@ -69,8 +73,15 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi ...@@ -69,8 +73,15 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
includeUrl: '', includeUrl: '',
error: null, error: null,
loading: false, loading: false,
username: '', username: 'admin',
password: '', password: '123mudar',
buttonText: 'Acesso Restrito',
click: function () {
if ($scope.session.loggedIn)
this.logout();
else
this.show();
},
show: function () { show: function () {
this.includeUrl = 'partials/login.html'; this.includeUrl = 'partials/login.html';
}, },
...@@ -79,19 +90,31 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi ...@@ -79,19 +90,31 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
}, },
submit: function () { submit: function () {
this.loading = true; this.loading = true;
this.error = null;
SessionFactory.save({username: $scope.login.username, password: $scope.login.password}, function (session) {
$scope.login.loading = false;
setTimeout(function () { $scope.session = session;
$scope.$apply(function () { $rootScope.$broadcast('$sessionUpdate', session);
$scope.login.loading = false;
if (session.error) {
if (($scope.login.username === 'admin') && ($scope.login.password === '123mudar')) { $scope.login.error = 'Usuário ou senha inválidos.';
$scope.login.hide(); return;
} }
else {
$scope.login.error = 'Usuário ou senha inválidos.'; $scope.login.username = '';
} $scope.login.password = '';
}); $scope.login.hide();
}, 1000); }, function (response) {
$scope.login.loading = false;
if ((typeof response.data.error !== 'undefined') &&
(response.data.error === 'invalid_username_password'))
$scope.login.error = 'Usuário ou senha inválidos.';
else
$scope.login.error = 'Erro no servidor, tente novamente mais tarde.';
});
}, },
cancel: function () { cancel: function () {
this.error = null; this.error = null;
...@@ -99,9 +122,34 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi ...@@ -99,9 +122,34 @@ angular.module('datasid', ['ngResource', 'ui.router', 'datasid.install', 'datasi
this.username = ''; this.username = '';
this.password = ''; this.password = '';
this.hide(); this.hide();
},
logout: function () {
SessionFactory.delete(function(session) {
$scope.session = session;
$rootScope.$broadcast('$sessionUpdate', session);
});
} }
}; };
SessionFactory.get(function (session) {
$scope.session = session;
$rootScope.$broadcast('$sessionUpdate', session);
});
$scope.$on('$accessDenied', function (e) {
SessionFactory.get(function (session) {
$scope.session = session;
$rootScope.$broadcast('$sessionUpdate', session);
});
});
$scope.$on('$sessionUpdate', function (e, newSession) {
if (newSession.loggedIn)
$scope.login.buttomText = "Logout";
else
$scope.login.buttomText = "Acesso Restrito";
});
$scope.$on("$stateChangeSuccess", function(event, toState, toParams, fromState, fromParams) { $scope.$on("$stateChangeSuccess", function(event, toState, toParams, fromState, fromParams) {
if (typeof $state.current === "undefined") if (typeof $state.current === "undefined")
return; return;
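Review bot: The login model's new initial values `username: 'admin'` and `password: '123mudar'` put a working credential pair into the script served to every visitor and pre-fill the form with it; they should remain `username: '',` and `password: '',` as on the old side. The same literal is committed as `exports.secret` in the config hunk and as the comparison inside `exports.login` in the module required as './routes/sessions.js', so both the account password and the cookie-signing secret are readable from the repository. Both belong in per-deployment configuration that is not checked in, with the password stored as a salted hash rather than compared as plain text. Separately, the error callback of `SessionFactory.save` reads `response.data.error` without checking `response.data`, which may throw when a request fails without a body.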
......
...@@ -4,4 +4,6 @@ exports.db_config = { ...@@ -4,4 +4,6 @@ exports.db_config = {
database: 'dbname', database: 'dbname',
host: 'localhost', host: 'localhost',
port: 5432 port: 5432
}; };
\ No newline at end of file
exports.secret = '123mudar';
\ No newline at end of file
exports.login = function (req, res) {
if (req.session.username)
delete req.session.username;
if (typeof req.body === 'undefined')
return res.send(400, {loggedIn: false, error: 'invalid_username_password'});
if ((typeof req.body.username === 'undefined') ||
(typeof req.body.password === 'undefined'))
return res.send(400, {loggedIn: false, error: 'invalid_username_password'});
var username = req.body.username,
password = req.body.password;
if ((username !== 'admin') || (password !== '123mudar'))
return res.send(400, {loggedIn: false, error: 'invalid_username_password'});
req.session.username = username;
res.send(200, {loggedIn: true, username: req.session.username});
}
exports.get = function (req, res) {
if (!req.session.username)
return res.send(200, {loggedIn: false});
res.send(200, {loggedIn: true, username: req.session.username});
}
exports.logout = function (req, res) {
if (req.session.username)
delete req.session.username;
res.send({loggedIn: false});
}
exports.auth = function (req, res, next) {
if (!req.session.username)
return res.send(401, "");
req.user = req.session.username;
next();
}
\ No newline at end of file
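Review bot: `exports.login` stores `req.session.username` in whatever session the request arrived with, so a session id issued before authentication remains valid after it; regenerating the session on a successful login closes that session-fixation window. `exports.logout` likewise only deletes one key, where `req.session.destroy()` would discard the whole server-side session. The sketch keeps the body checks and the credential comparison as they are, and the `'session_error'` value is a constructed example that the client would show as a generic server error.

```javascript
exports.login = function (req, res) {
    // … unchanged: body checks and credential comparison …
    req.session.regenerate(function (err) {
        if (err)
            return res.send(500, {loggedIn: false, error: 'session_error'});
        req.session.username = username;
        res.send(200, {loggedIn: true, username: req.session.username});
    });
}
```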
...@@ -4,6 +4,7 @@ var express = require('express'); ...@@ -4,6 +4,7 @@ var express = require('express');
var config = require('./config.js'); var config = require('./config.js');
var db = require('./middleware/db.js'); var db = require('./middleware/db.js');
var sessions = require('./routes/sessions.js');
var points = require('./routes/points.js'); var points = require('./routes/points.js');
var telecenters = require('./routes/telecenters.js'); var telecenters = require('./routes/telecenters.js');
var charts = require('./routes/charts.js'); var charts = require('./routes/charts.js');
...@@ -13,10 +14,16 @@ var port = parseInt(process.argv.splice(2)[0]) || 3000; ...@@ -13,10 +14,16 @@ var port = parseInt(process.argv.splice(2)[0]) || 3000;
var app = express(); var app = express();
app.use(express.logger('dev')); app.use(express.logger('dev'));
app.use(express.bodyParser()); app.use(express.bodyParser());
app.use(express.cookieParser());
app.use(express.session({ secret: config.secret }));
app.use(express.static(__dirname + '/app')); app.use(express.static(__dirname + '/app'));
db.config(config.db_config); db.config(config.db_config);
app.post('/api/s', sessions.login);
app.get('/api/s', sessions.get);
app.delete('/api/s', sessions.logout);
app.all('/api/points', db.connect, points.list); app.all('/api/points', db.connect, points.list);
app.all('/api/points/count', db.connect, points.count); app.all('/api/points/count', db.connect, points.count);
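Review bot: `sessions.auth` is not attached to any route in the lines shown, so `/api/points` and `/api/points/count` still answer without a session even though the client now listens for `$accessDenied`. If any of these routes are meant to sit behind the login, the middleware has to come before the handler, for example `app.all('/api/points', sessions.auth, db.connect, points.list);`. The rest of the route table is elided here, so this may already be handled further down. The session is also created with default cookie options; if the site is served over HTTPS, passing `cookie: { secure: true }` to `express.session` keeps the cookie off plain-HTTP requests.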
......