siwatsystem-public/satitm-sso-node
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

link student working

Browse source
This commit is contained in:
Siwat Sirichai 2024-05-05 17:18:54 +07:00
parent 512a69319c
commit 5540ac6d81
4 changed files with 84 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

12
config/passport.js
View file

@ -22,23 +22,19 @@ passport.use(
signatureAlgorithm: "sha256",
racComparison: "exact",
},
function (profile, done) {
async function (profile, done) {
// Query Active Directory for user details
// username is the UPN
// Store the user's group and DN in the session
let username = profile["username"];
attributes = ["dn", "memberOf"];
directory.queryUser(username, attributes, function (err, user) {
if (err) {
console.log("Error:", err);
} else {
console.log("User:", user);
console.log("Waiting for queryUser...")
let user = await directory.queryUser(username, attributes);
console.log("user:", user);
profile["dn"] = user.dn;
profile["memberOf"] = user.memberOf;
return done(null, profile);
}
});
}
)
);

53
directory.js
View file

@ -1,4 +1,5 @@
let satitm_directory = require('./config/ldap.js');
let ldap = require('ldapjs');
// Search for a user in the directory
async function queryUser(upn, attributes) {
return new Promise((resolve, reject) => {
@ -23,12 +24,39 @@ async function queryUser(upn, attributes) {
});
}
function setAttribute(upn, attribute, value, callback) {
// First, get DN of the user from the UPN
let attributes = ['dn'];
async function setPrimaryParent(student_upn, parent_upn) {
try {
// Query the student's LDAP entry
let studentAttributes = ['primaryParent'];
let student = await queryUser(student_upn, studentAttributes);
let primaryParent = student.primaryParent;
// If the primary parent is not set, set it to the parent's UPN
if (!primaryParent) {
let change = new ldap.Change({
operation: 'add',
modification: {
primaryParent: parent_upn
}
});
let dn = student.dn;
satitm_directory.modify(dn, change, function(err) {
if (err) {
console.error(err);
throw err;
}
});
}
// If the primary parent is already set, return an error
else {
throw new Error('Primary parent already set');
}
} catch (err) {
console.error(err);
throw err;
}
}
// 0: Unkown, 1: Student, 2: Parent
const USER_TYPE = {
UNKNOWN: 0,
@ -55,23 +83,22 @@ function getUserType(req, res) {
}
}
async function getPrimaryParent(student_upn, callback) {
return new Promise((resolve, reject) => {
async function getPrimaryParent(student_upn) {
try {
// Query primaryParent attribute in the student's LDAP entry
let attributes = ['primaryParent'];
queryUser(student_upn, attributes, function(err, student) {
if (err) {
reject(err);
} else {
let student = await queryUser(student_upn, attributes);
let primaryParent = student.primaryParent;
resolve(primaryParent);
return primaryParent;
} catch (err) {
console.error(err);
throw err;
}
});
});
}
module.exports = {
queryUser: queryUser,
getUserType: getUserType,
setPrimaryParent: setPrimaryParent,
USER_TYPE: USER_TYPE
};

10
routes/auth.js
View file

@ -11,22 +11,12 @@ router.get('/selfservice/api', function (req, res) {
// username is the UPN
let username = req.user.username;
attributes = ['dn', 'memberOf'];
directory.queryUser(username, attributes, function(err, user) {
if (err) {
console.log('Error:', err);
}
else {
console.log('User:', user);
response += 'Username: ' + req.user.username + '<br>';
response += 'First Name: ' + req.user.first_name + '<br>';
response += 'Last Name: ' + req.user.last_name + '<br>';
usertype_str_map = ['Unknown', 'Student', 'Parent'];
response += 'User Type: ' + usertype_str_map[directory.getUserType(req, res)] + '<br>';
response += '<a href="/selfservice/api/logout">Logout</a>';
res.send(response);
}
});
}
else {
response += '<a href="/selfservice/api/login">Login</a>';
res.send(response);

30
routes/ps_relation_parent.js
View file

@ -3,36 +3,39 @@
let express = require('express');
let router = express.Router();
let passport = require('passport');
let directory = require('../directory.js');
let database = require('../config/database.js');
// Consume the pairing code
// Return the student's UPN then delete the pairing code
function consumePairingCode(pairing_code, callback) {
async function consumePairingCode(pairing_code) {
return new Promise((resolve, reject) => {
let sql = 'SELECT upn FROM ps_pairing_codes WHERE pairing_code = ?';
database.query(sql, pairing_code, function (err, result) {
if (err) {
console.log('Error:', err);
return callback(err, null);
reject(err);
} else {
if (result.length === 0) {
return callback(null, null);
resolve(null);
} else {
let upn = result[0].upn;
let sql = 'DELETE FROM ps_pairing_codes WHERE pairing_code = ?';
database.query(sql, pairing_code, function (err, result) {
let deleteSql = 'DELETE FROM ps_pairing_codes WHERE pairing_code = ?';
database.query(deleteSql, pairing_code, function (err, result) {
if (err) {
console.log('Error:', err);
} else {
console.log('Pairing code consumed');
}
});
return callback(null, upn);
resolve(upn);
}
}
});
});
}
router.get('/parent/:parent_upn/add-student', function (req, res) {
router.get('/parent/:parent_upn/add-student', async function (req, res) {
if(!req.isAuthenticated()) {
return res.status(401).send('Unauthorized');
}
@ -52,17 +55,12 @@ router.get('/parent/:parent_upn/add-student', function (req, res) {
return res.status(400).send('Bad Request, pairing_code missing');
}
let student_upn = '';
consumePairingCode(pairing_code, function (err, upn) {
if (err) {
return res.status(500).send('Internal Server Error');
let student = await consumePairingCode(pairing_code);
if (!student) {
return res.status(404).send('Not Found, pairing_code not found');
}
if (upn === null) {
return res.status(404).send('Invalid pairing code');
}
student_upn = upn;
await directory.setPrimaryParent(student, parent_upn);
res.send('Student added');
// Set the LDAP attribute parent to the parent's UPN in the student's LDAP entry
});
});
router.get('/parent/:parent_upn', function (req, res) {