siwatsystem-public/satitm-sso-node
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

link student working

Browse source
This commit is contained in:
Siwat Sirichai 2024-05-05 17:18:54 +07:00
parent 512a69319c
commit 5540ac6d81
4 changed files with 84 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

12
config/passport.js
View file

@ -22,23 +22,19 @@ passport.use(
signatureAlgorithm: "sha256", signatureAlgorithm: "sha256",
racComparison: "exact", racComparison: "exact",
}, },
function (profile, done) { async function (profile, done) {
// Query Active Directory for user details // Query Active Directory for user details
// username is the UPN // username is the UPN
// Store the user's group and DN in the session // Store the user's group and DN in the session
let username = profile["username"]; let username = profile["username"];
attributes = ["dn", "memberOf"]; attributes = ["dn", "memberOf"];
directory.queryUser(username, attributes, function (err, user) { console.log("Waiting for queryUser...")
if (err) { let user = await directory.queryUser(username, attributes);
console.log("Error:", err); console.log("user:", user);
} else {
console.log("User:", user);
profile["dn"] = user.dn; profile["dn"] = user.dn;
profile["memberOf"] = user.memberOf; profile["memberOf"] = user.memberOf;
return done(null, profile); return done(null, profile);
} }
});
}
) )
); );

53
directory.js
View file

@ -1,4 +1,5 @@
let satitm_directory = require('./config/ldap.js'); let satitm_directory = require('./config/ldap.js');
let ldap = require('ldapjs');
// Search for a user in the directory // Search for a user in the directory
async function queryUser(upn, attributes) { async function queryUser(upn, attributes) {
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
@ -23,12 +24,39 @@ async function queryUser(upn, attributes) {
}); });
} }
function setAttribute(upn, attribute, value, callback) { async function setPrimaryParent(student_upn, parent_upn) {
// First, get DN of the user from the UPN try {
let attributes = ['dn']; // Query the student's LDAP entry
let studentAttributes = ['primaryParent'];
let student = await queryUser(student_upn, studentAttributes);
let primaryParent = student.primaryParent;
// If the primary parent is not set, set it to the parent's UPN
if (!primaryParent) {
let change = new ldap.Change({
operation: 'add',
modification: {
primaryParent: parent_upn
}
});
let dn = student.dn;
satitm_directory.modify(dn, change, function(err) {
if (err) {
console.error(err);
throw err;
}
});
}
// If the primary parent is already set, return an error
else {
throw new Error('Primary parent already set');
}
} catch (err) {
console.error(err);
throw err;
}
} }
// 0: Unkown, 1: Student, 2: Parent // 0: Unkown, 1: Student, 2: Parent
const USER_TYPE = { const USER_TYPE = {
UNKNOWN: 0, UNKNOWN: 0,
@ -55,23 +83,22 @@ function getUserType(req, res) {
} }
} }
async function getPrimaryParent(student_upn, callback) { async function getPrimaryParent(student_upn) {
return new Promise((resolve, reject) => { try {
// Query primaryParent attribute in the student's LDAP entry // Query primaryParent attribute in the student's LDAP entry
let attributes = ['primaryParent']; let attributes = ['primaryParent'];
queryUser(student_upn, attributes, function(err, student) { let student = await queryUser(student_upn, attributes);
if (err) {
reject(err);
} else {
let primaryParent = student.primaryParent; let primaryParent = student.primaryParent;
resolve(primaryParent); return primaryParent;
} catch (err) {
console.error(err);
throw err;
} }
});
});
} }
module.exports = { module.exports = {
queryUser: queryUser, queryUser: queryUser,
getUserType: getUserType, getUserType: getUserType,
setPrimaryParent: setPrimaryParent,
USER_TYPE: USER_TYPE USER_TYPE: USER_TYPE
}; };

10
routes/auth.js
View file

@ -11,22 +11,12 @@ router.get('/selfservice/api', function (req, res) {
// username is the UPN // username is the UPN
let username = req.user.username; let username = req.user.username;
attributes = ['dn', 'memberOf']; attributes = ['dn', 'memberOf'];
directory.queryUser(username, attributes, function(err, user) {
if (err) {
console.log('Error:', err);
}
else {
console.log('User:', user);
response += 'Username: ' + req.user.username + '<br>'; response += 'Username: ' + req.user.username + '<br>';
response += 'First Name: ' + req.user.first_name + '<br>'; response += 'First Name: ' + req.user.first_name + '<br>';
response += 'Last Name: ' + req.user.last_name + '<br>'; response += 'Last Name: ' + req.user.last_name + '<br>';
usertype_str_map = ['Unknown', 'Student', 'Parent'];
response += 'User Type: ' + usertype_str_map[directory.getUserType(req, res)] + '<br>';
response += '<a href="/selfservice/api/logout">Logout</a>'; response += '<a href="/selfservice/api/logout">Logout</a>';
res.send(response); res.send(response);
} }
});
}
else { else {
response += '<a href="/selfservice/api/login">Login</a>'; response += '<a href="/selfservice/api/login">Login</a>';
res.send(response); res.send(response);

30
routes/ps_relation_parent.js
View file

@ -3,36 +3,39 @@
let express = require('express'); let express = require('express');
let router = express.Router(); let router = express.Router();
let passport = require('passport'); let passport = require('passport');
let directory = require('../directory.js');
let database = require('../config/database.js'); let database = require('../config/database.js');
// Consume the pairing code // Consume the pairing code
// Return the student's UPN then delete the pairing code // Return the student's UPN then delete the pairing code
function consumePairingCode(pairing_code, callback) { async function consumePairingCode(pairing_code) {
return new Promise((resolve, reject) => {
let sql = 'SELECT upn FROM ps_pairing_codes WHERE pairing_code = ?'; let sql = 'SELECT upn FROM ps_pairing_codes WHERE pairing_code = ?';
database.query(sql, pairing_code, function (err, result) { database.query(sql, pairing_code, function (err, result) {
if (err) { if (err) {
console.log('Error:', err); console.log('Error:', err);
return callback(err, null); reject(err);
} else { } else {
if (result.length === 0) { if (result.length === 0) {
return callback(null, null); resolve(null);
} else { } else {
let upn = result[0].upn; let upn = result[0].upn;
let sql = 'DELETE FROM ps_pairing_codes WHERE pairing_code = ?'; let deleteSql = 'DELETE FROM ps_pairing_codes WHERE pairing_code = ?';
database.query(sql, pairing_code, function (err, result) { database.query(deleteSql, pairing_code, function (err, result) {
if (err) { if (err) {
console.log('Error:', err); console.log('Error:', err);
} else { } else {
console.log('Pairing code consumed'); console.log('Pairing code consumed');
} }
}); });
return callback(null, upn); resolve(upn);
} }
} }
}); });
});
} }
router.get('/parent/:parent_upn/add-student', function (req, res) { router.get('/parent/:parent_upn/add-student', async function (req, res) {
if(!req.isAuthenticated()) { if(!req.isAuthenticated()) {
return res.status(401).send('Unauthorized'); return res.status(401).send('Unauthorized');
} }
@ -52,17 +55,12 @@ router.get('/parent/:parent_upn/add-student', function (req, res) {
return res.status(400).send('Bad Request, pairing_code missing'); return res.status(400).send('Bad Request, pairing_code missing');
} }
let student_upn = ''; let student_upn = '';
consumePairingCode(pairing_code, function (err, upn) { let student = await consumePairingCode(pairing_code);
if (err) { if (!student) {
return res.status(500).send('Internal Server Error'); return res.status(404).send('Not Found, pairing_code not found');
} }
if (upn === null) { await directory.setPrimaryParent(student, parent_upn);
return res.status(404).send('Invalid pairing code');
}
student_upn = upn;
res.send('Student added'); res.send('Student added');
// Set the LDAP attribute parent to the parent's UPN in the student's LDAP entry
});
}); });
router.get('/parent/:parent_upn', function (req, res) { router.get('/parent/:parent_upn', function (req, res) {