mbkauthe 2.4.0 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +1 -1
- package/LICENSE +339 -373
- package/README.md +116 -288
- package/docs/api.md +139 -1
- package/docs/db.md +35 -5
- package/docs/env.md +32 -0
- package/docs/error-messages.md +557 -0
- package/index.d.ts +233 -0
- package/index.js +43 -32
- package/lib/config/cookies.js +52 -0
- package/lib/{config.js → config/index.js} +21 -85
- package/lib/config/security.js +8 -0
- package/lib/{pool.js → database/pool.js} +1 -1
- package/lib/main.js +28 -964
- package/lib/{validateSessionAndRole.js → middleware/auth.js} +5 -3
- package/lib/middleware/index.js +106 -0
- package/lib/routes/auth.js +521 -0
- package/lib/routes/misc.js +272 -0
- package/lib/routes/oauth.js +325 -0
- package/lib/utils/errors.js +257 -0
- package/lib/utils/response.js +21 -0
- package/package.json +6 -3
- package/public/main.js +4 -4
- package/views/Error/dError.handlebars +1 -1
- package/views/errorCodes.handlebars +341 -0
- package/views/info.handlebars +4 -0
- package/views/loginmbkauthe.handlebars +3 -31
- package/views/showmessage.handlebars +10 -18
package/views/info.handlebars
CHANGED
|
@@ -201,6 +201,10 @@
|
|
|
201
201
|
<div class="info-label">APP_NAME:</div>
|
|
202
202
|
<div class="info-value">{{mbkautheVar.APP_NAME}}</div>
|
|
203
203
|
</div>
|
|
204
|
+
<div class="info-row">
|
|
205
|
+
<div class="info-label">APP_Version:</div>
|
|
206
|
+
<div class="info-value">{{APP_VERSION}}</div>
|
|
207
|
+
</div>
|
|
204
208
|
<div class="info-row">
|
|
205
209
|
<div class="info-label">Domain:</div>
|
|
206
210
|
<div class="info-value">{{mbkautheVar.DOMAIN}}</div>
|
|
@@ -98,8 +98,7 @@
|
|
|
98
98
|
|
|
99
99
|
// Info dialogs
|
|
100
100
|
function usernameinfo() {
|
|
101
|
-
showMessage(`Your username is the part of your MBKTech.org email before the @ (e.g., abc.xyz@mbktech.org
|
|
102
|
-
→ abc.xyz). For guests or if you’ve forgotten your credentials, contact <a href="https://mbktech.org/Support">Support</a>.`, `What is my username?`);
|
|
101
|
+
showMessage(`Your username is the part of your MBKTech.org email before the @ (e.g., abc.xyz@mbktech.org → abc.xyz). For guests or if you’ve forgotten your credentials, contact <a href="https://mbktech.org/Support">Support</a>.`, `What is my username?`);
|
|
103
102
|
}
|
|
104
103
|
|
|
105
104
|
function tokeninfo() {
|
|
@@ -245,39 +244,12 @@
|
|
|
245
244
|
|
|
246
245
|
{{#if githubLoginEnabled }}
|
|
247
246
|
|
|
248
|
-
// GitHub login:
|
|
247
|
+
// GitHub login: Navigate directly to GitHub OAuth flow
|
|
249
248
|
async function startGithubLogin() {
|
|
250
249
|
const urlParams = new URLSearchParams(window.location.search);
|
|
251
250
|
const redirect = urlParams.get('redirect') || '{{customURL}}';
|
|
252
251
|
|
|
253
|
-
|
|
254
|
-
// Try POSTing to the backend so it can establish any session state
|
|
255
|
-
const resp = await fetch('/mbkauthe/api/github/login', {
|
|
256
|
-
method: 'POST',
|
|
257
|
-
headers: { 'Content-Type': 'application/json' },
|
|
258
|
-
credentials: 'include',
|
|
259
|
-
body: JSON.stringify({ redirect })
|
|
260
|
-
});
|
|
261
|
-
|
|
262
|
-
// If backend responds with a JSON containing redirectUrl, navigate there
|
|
263
|
-
if (resp.ok) {
|
|
264
|
-
// If server redirected directly (resp.redirected), follow the final URL
|
|
265
|
-
if (resp.redirected) {
|
|
266
|
-
window.location.href = resp.url;
|
|
267
|
-
return;
|
|
268
|
-
}
|
|
269
|
-
const data = await resp.json().catch(() => null);
|
|
270
|
-
if (data && data.redirectUrl) {
|
|
271
|
-
window.location.href = data.redirectUrl;
|
|
272
|
-
return;
|
|
273
|
-
}
|
|
274
|
-
}
|
|
275
|
-
} catch (error) {
|
|
276
|
-
// swallow and fallback to direct navigation
|
|
277
|
-
console.warn('[mbkauthe] GitHub login POST failed, falling back to direct redirect', error);
|
|
278
|
-
}
|
|
279
|
-
|
|
280
|
-
// Fallback: navigate to the backend GET endpoint with redirect query
|
|
252
|
+
// Navigate directly to the backend GET endpoint with redirect query
|
|
281
253
|
window.location.href = `/mbkauthe/api/github/login?redirect=${encodeURIComponent(redirect)}`;
|
|
282
254
|
}
|
|
283
255
|
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
<div class="showmessageWindow">
|
|
3
3
|
<h1></h1>
|
|
4
4
|
<p></p>
|
|
5
|
-
|
|
5
|
+
<a href="" target="_blank" class="error-code"></a>
|
|
6
6
|
<button class="btn btn-save full" onclick="hideMessage()">Okay</button>
|
|
7
7
|
</div>
|
|
8
8
|
</div>
|
|
@@ -12,7 +12,6 @@
|
|
|
12
12
|
document.querySelector(".showmessageWindow h1").innerText = heading;
|
|
13
13
|
document.querySelector(".showmessageWindow p").innerHTML = message;
|
|
14
14
|
|
|
15
|
-
/* Disable for now
|
|
16
15
|
if (errorCode) {
|
|
17
16
|
document.querySelector(".showmessageWindow .error-code").style.display = "block";
|
|
18
17
|
document.querySelector(".showmessageWindow .error-code").innerText = `Error Code: ${errorCode}`;
|
|
@@ -20,26 +19,17 @@
|
|
|
20
19
|
document.querySelector(".showmessageWindow .error-code").style.display = "none";
|
|
21
20
|
}
|
|
22
21
|
|
|
23
|
-
document.querySelector(".showmessageWindow .error-code").href =
|
|
24
|
-
|
|
25
|
-
document
|
|
26
|
-
|
|
27
|
-
.classList
|
|
28
|
-
.add("active");
|
|
29
|
-
document
|
|
30
|
-
.body
|
|
31
|
-
.classList
|
|
32
|
-
.add("blur-active");
|
|
22
|
+
document.querySelector(".showmessageWindow .error-code").href = `/mbkauthe/ErrorCode/#${errorCode}`;
|
|
23
|
+
|
|
24
|
+
document.querySelector(".showMessageblurWindow").classList.add("active");
|
|
25
|
+
document.body.classList.add("blur-active");
|
|
33
26
|
}
|
|
34
27
|
function hideMessage() {
|
|
35
28
|
const blurWindow = document.querySelector(".showMessageblurWindow");
|
|
36
29
|
blurWindow.classList.add("fade-out");
|
|
37
30
|
setTimeout(() => {
|
|
38
31
|
blurWindow.classList.remove("active", "fade-out");
|
|
39
|
-
document
|
|
40
|
-
.body
|
|
41
|
-
.classList
|
|
42
|
-
.remove("blur-active");
|
|
32
|
+
document.body.classList.remove("blur-active");
|
|
43
33
|
}, 500);
|
|
44
34
|
}
|
|
45
35
|
</script>
|
|
@@ -56,11 +46,13 @@
|
|
|
56
46
|
align-items: center;
|
|
57
47
|
z-index: 10000;
|
|
58
48
|
backdrop-filter: blur(10px);
|
|
49
|
+
pointer-events: none;
|
|
59
50
|
}
|
|
60
51
|
|
|
61
52
|
.showMessageblurWindow.active {
|
|
62
53
|
display: flex;
|
|
63
54
|
animation: fadeIn 0.3s ease-in-out;
|
|
55
|
+
pointer-events: all;
|
|
64
56
|
}
|
|
65
57
|
|
|
66
58
|
.showMessageblurWindow.fade-out {
|
|
@@ -81,12 +73,13 @@
|
|
|
81
73
|
padding: 2rem 2.5rem;
|
|
82
74
|
border-radius: 8px;
|
|
83
75
|
max-width: 90%;
|
|
84
|
-
width:
|
|
76
|
+
width: 550px;
|
|
85
77
|
position: relative;
|
|
86
78
|
color: #e0f7fa;
|
|
87
79
|
border: 1px solid rgba(0, 184, 148, 0.2);
|
|
88
80
|
box-shadow: 0 8px 32px rgba(0, 0, 0, 0.4);
|
|
89
81
|
animation: slideIn 0.3s ease-out;
|
|
82
|
+
pointer-events: all;
|
|
90
83
|
}
|
|
91
84
|
|
|
92
85
|
.showmessageWindow h1 {
|
|
@@ -124,7 +117,6 @@
|
|
|
124
117
|
.showmessageWindow .error-code:hover {
|
|
125
118
|
background: rgba(255, 209, 102, 0.2);
|
|
126
119
|
color: #ffd166;
|
|
127
|
-
transform: translateY(-2px);
|
|
128
120
|
box-shadow: 0 4px 10px rgba(255, 209, 102, 0.2);
|
|
129
121
|
}
|
|
130
122
|
|