| blob | cfc188817913ba45a5ad4aff3f9465cd4ffe6339 |
1 'use strict';
3 var env = require('gitter-web-env');
4 var logger = env.logger;
5 var config = env.config;
6 var identifyRoute = env.middlewares.identifyRoute;
8 var jwt = require('jwt-simple');
9 var uuid = require('uuid/v4');
10 var url = require('url');
11 var express = require('express');
12 var GithubMeService = require('gitter-web-github').GitHubMeService;
13 var oauth2 = require('../web/oauth2');
14 var ensureLoggedIn = require('../web/middlewares/ensure-logged-in');
15 var resolveUserAvatarUrl = require('gitter-web-shared/avatars/resolve-user-avatar-srcset');
17 var gitlab = require('./auth-providers/gitlab');
18 var github = require('./auth-providers/github');
19 var google = require('./auth-providers/google');
20 var twitter = require('./auth-providers/twitter');
21 var linkedin = require('./auth-providers/linkedin');
22 var validatedMessage = require('../web/validated-message');
24 var router = express.Router({ caseSensitive: true, mergeParams: true });
26 router.get('/*', function(req, res, next) {
27 // Fix for Windows Phone
28 req.nonApiRoute = true;
29 next();
30 });
32 router.get('/', identifyRoute('login'), function(req, res) {
33 res.render('login', {
34 source: req.query.source || 'login_page-login',
35 returnTo: req.query.returnTo,
36 bootScriptName: 'router-login',
37 cssFileName: 'styles/login.css',
38 // TODO: remove this and just show it anyway
39 showNewLogin: true
40 });
41 });
43 // ----------------------------------------------------------
44 // Common across different providers
45 // ----------------------------------------------------------
47 router.get('/upgrade-failed', identifyRoute('login-upgrade-failed'), function(req, res) {
48 res.render('upgrade-failed');
49 });
51 router.get('/failed', identifyRoute('login-failed'), function(req, res) {
52 var message = validatedMessage.validate(
53 req.query.message,
54 req.query.check,
55 'An error occurred. Please try again'
56 );
58 res.render('login-failed', {
59 message: message
60 });
61 });
63 router.get('/token-revoked', identifyRoute('token-revoked'), function(req, res) {
64 res.status(401);
65 res.render('token-revoked', {
66 appsLink: config.get('web:basepath') + '/apps'
67 });
68 });
70 router.get('/user-agent-revoked', identifyRoute('user-agent-revoked'), function(req, res) {
71 res.status(401);
72 res.render('user-agent-revoked', {
73 appsLink: config.get('web:basepath') + '/apps'
74 });
75 });
77 // ----------------------------------------------------------
78 // GitHub
79 // ----------------------------------------------------------
81 router.get('/github', github.login);
82 router.get('/invited', github.invited);
83 router.get('/upgrade', github.upgradeLandingPage);
84 router.post('/upgrade', github.upgrade);
86 // alias the old /callback to the new /github/callback for backwards
87 // compatibility and so we can switch over without downtime
88 ['/github/callback', '/callback'].forEach(function(path) {
89 router.get(path, github.callback);
90 });
92 // ----------------------------------------------------------
93 // GitLab
94 // ----------------------------------------------------------
96 router.get('/gitlab', gitlab.login);
97 router.get('/gitlab/callback', gitlab.callback);
99 // ----------------------------------------------------------
100 // Google
101 // ----------------------------------------------------------
103 router.get('/google', google.login);
104 router.get('/google/callback', google.callback);
106 // ----------------------------------------------------------
107 // Twitter
108 // ----------------------------------------------------------
110 router.get('/twitter', twitter.login);
111 router.get('/twitter/callback', twitter.callback);
113 // ----------------------------------------------------------
114 // LinkedIn
115 // ----------------------------------------------------------
117 router.get('/linkedin', linkedin.login);
118 router.get('/linkedin/callback', linkedin.callback);
120 // ----------------------------------------------------------
121 // OAuth for our own clients
122 // ----------------------------------------------------------
124 // Our clients
125 router.get('/oauth/authorize', identifyRoute('login-oauth-authorize'), oauth2.authorization);
127 router.post('/oauth/authorize/decision', identifyRoute('login-oauth-decision'), oauth2.decision);
129 router.post('/oauth/token', identifyRoute('login-oauth-token'), oauth2.token);
131 router.all('/oauth/callback', identifyRoute('login-oauth-callback'), function(req, res) {
132 res.send(
133 'Wait time is the worst / I can hardly sit / No one has the time / Someone is always late'
134 );
135 });
137 // Wait? Why is this here?
138 // REMOVE IT: app.post('/oauth/authorize/decision', oauth2.decision);
140 // Zendesk login callback
141 router.get('/zendesk', ensureLoggedIn, identifyRoute('login-zendesk'), function(req, res, next) {
142 var ghMe = new GithubMeService(req.user);
143 ghMe
144 .getEmail()
145 .then(function(email) {
146 var cfg = config.get('zendesk');
147 var payload = {
148 iat: new Date().getTime() / 1000,
149 jti: uuid(),
150 name: req.user.displayName,
151 email: email,
152 external_id: req.user.id,
153 remote_photo_url: resolveUserAvatarUrl(req.user, 128),
154 user_fields: {
155 username: req.user.username
156 }
157 };
159 logger.info('Sending data to Zendesk', payload);
161 var token = jwt.encode(payload, cfg.sharedKey);
162 var redirect = 'https://' + cfg.subdomain + '.zendesk.com/access/jwt?jwt=' + token;
164 var query = url.parse(req.url, true).query;
166 if (query.return_to) {
167 redirect += '&return_to=' + encodeURIComponent(query.return_to);
168 }
170 res.redirect(redirect);
171 })
172 .catch(next);
173 });
175 router.get('/embed', ensureLoggedIn, function(req, res) {
176 res.render('embed-login-complete');
177 });
179 module.exports = router;