Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 anys
|
dc0af96470 | ||
|
anys
|
bda47fd88b | ||
|
anys
|
c0a335d33f | ||
|
anys
|
e818051621 |
@@ -3,12 +3,16 @@ import { AsyncRoute } from "$fresh/src/server/types.ts";
|
||||
|
||||
export interface AuthenticatedState {
|
||||
isAuthenticated: true;
|
||||
session: CasContent;
|
||||
isFromPolytech: boolean;
|
||||
role: "etudiant" | "professeur" | "administration" | "autre";
|
||||
displayName: string;
|
||||
uid: string;
|
||||
availablePages: Record<string, string>;
|
||||
}
|
||||
|
||||
interface UnauthenticatedState {
|
||||
isAuthenticated: false;
|
||||
isFromPolytech: false;
|
||||
session: undefined;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,2 +0,0 @@
|
||||
#Local mode, set to true to access admin pages with any users
|
||||
LOCAL=false
|
||||
+1
-1
@@ -2,7 +2,7 @@ import { defineConfig } from "$fresh/server.ts";
|
||||
import ensureDatabases from "$root/databases/ensure.ts";
|
||||
import { load } from "@std/dotenv";
|
||||
|
||||
await load({ envPath: "./.env", export: true });
|
||||
await load({ envPath: "./.env.development.local", export: true });
|
||||
await ensureDatabases();
|
||||
export default defineConfig({
|
||||
server: {
|
||||
|
||||
@@ -19,6 +19,7 @@ import * as $_apps_students_partials_admin_consult from "./routes/(apps)/student
|
||||
import * as $_apps_students_partials_admin_upload from "./routes/(apps)/students/partials/(admin)/upload.tsx";
|
||||
import * as $_apps_students_partials_index from "./routes/(apps)/students/partials/index.tsx";
|
||||
import * as $_apps_students_types_d from "./routes/(apps)/students/types.d.ts";
|
||||
import * as $_403 from "./routes/_403.tsx";
|
||||
import * as $_404 from "./routes/_404.tsx";
|
||||
import * as $_app from "./routes/_app.tsx";
|
||||
import * as $_middleware from "./routes/_middleware.ts";
|
||||
@@ -64,6 +65,7 @@ const manifest = {
|
||||
"./routes/(apps)/students/partials/index.tsx":
|
||||
$_apps_students_partials_index,
|
||||
"./routes/(apps)/students/types.d.ts": $_apps_students_types_d,
|
||||
"./routes/_403.tsx": $_403,
|
||||
"./routes/_404.tsx": $_404,
|
||||
"./routes/_app.tsx": $_app,
|
||||
"./routes/_middleware.ts": $_middleware,
|
||||
|
||||
@@ -23,7 +23,7 @@ export const handler: MiddlewareHandler<AuthenticatedState>[] = [
|
||||
|
||||
context.state.availablePages = properties.pages;
|
||||
if (
|
||||
context.state.session.eduPersonPrimaryAffiliation == "student" &&
|
||||
context.state.role == "etudiant" &&
|
||||
Deno.env.get("LOCAL") != "true"
|
||||
) {
|
||||
properties.adminOnly.forEach((page) =>
|
||||
|
||||
@@ -240,7 +240,7 @@ export default function EditMobility() {
|
||||
</table>
|
||||
</div>
|
||||
))}
|
||||
<button type="button" onClick={handleSave} disabled={isSaving}>
|
||||
<button onClick={handleSave} disabled={isSaving}>
|
||||
{isSaving ? "Saving..." : "Confirm"}
|
||||
</button>
|
||||
</section>
|
||||
|
||||
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
|
||||
|
||||
// deno-lint-ignore require-await
|
||||
export async function Index(_request: Request, context: FreshContext<State>) {
|
||||
return <h2>Welcome to {context.state.session?.displayName}.</h2>;
|
||||
return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
|
||||
}
|
||||
|
||||
export const config = getPartialsConfig();
|
||||
|
||||
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
|
||||
|
||||
// deno-lint-ignore require-await
|
||||
async function Courses(_request: Request, context: FreshContext<State>) {
|
||||
return <h2>Welcome to {context.state.session?.displayName}.</h2>;
|
||||
return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
|
||||
}
|
||||
|
||||
export const config = getPartialsConfig();
|
||||
|
||||
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
|
||||
|
||||
// deno-lint-ignore require-await
|
||||
export async function Index(_request: Request, context: FreshContext<State>) {
|
||||
return <h2>Welcome to {context.state.session?.displayName}.</h2>;
|
||||
return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
|
||||
}
|
||||
|
||||
export const config = getPartialsConfig();
|
||||
|
||||
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
|
||||
|
||||
// deno-lint-ignore require-await
|
||||
async function Notes(_request: Request, context: FreshContext<State>) {
|
||||
return <h2>Welcome to {context.state.session?.displayName}.</h2>;
|
||||
return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
|
||||
}
|
||||
|
||||
export const config = getPartialsConfig();
|
||||
|
||||
@@ -22,7 +22,7 @@ export default function Promotion(props: PromotionProps) {
|
||||
<tbody>
|
||||
{props.students
|
||||
.filter((student) => student.promotionId === props.promo.id)
|
||||
.map((student) => <Student key={student.id} student={student} />)}
|
||||
.map((student) => <Student student={student} />)}
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
@@ -104,7 +104,7 @@ export default function UploadStudents() {
|
||||
return (
|
||||
<>
|
||||
<input type="file" accept=".xlsx, .xls" onChange={handleFileChange} />
|
||||
<button type="button" onClick={confirmUpload}>Confirm Upload</button>
|
||||
<button onClick={confirmUpload}>Confirm Upload</button>
|
||||
<p>{statusMessage.value}</p>
|
||||
</>
|
||||
);
|
||||
|
||||
@@ -60,8 +60,8 @@ function getAll(
|
||||
*/
|
||||
function addStudents(database: Database, students: Student[], promoId: string) {
|
||||
const query = `
|
||||
INSERT INTO students
|
||||
(userId, firstName, lastName, mail, promotionId)
|
||||
INSERT INTO students
|
||||
(userId, firstName, lastName, mail, promotionId)
|
||||
VALUES (?, ?, ?, ?, ?)`;
|
||||
|
||||
const statement = database.prepare(query);
|
||||
@@ -92,9 +92,9 @@ export const handler: Handlers<null, AuthenticatedState> = {
|
||||
using connection = connect("students");
|
||||
const database = connection.database;
|
||||
|
||||
if (context.state.session.eduPersonPrimaryAffiliation == "student") {
|
||||
if (context.state.role == "etudiant") {
|
||||
return new Response(
|
||||
JSON.stringify(getItself(database, context.state.session.uid)),
|
||||
JSON.stringify(getItself(database, context.state.uid)),
|
||||
{
|
||||
headers: {
|
||||
"content-type": "application/json",
|
||||
|
||||
@@ -8,13 +8,7 @@ import SelfPortrait from "$root/routes/(apps)/students/(_components)/SelfPortrai
|
||||
|
||||
// deno-lint-ignore require-await
|
||||
export async function Index(_request: Request, context: FreshContext<State>) {
|
||||
return (
|
||||
<>
|
||||
<h2>Welcome {context.state.session?.givenName}!</h2>
|
||||
<h3>Your amU identity</h3>
|
||||
<SelfPortrait self={context.state.session!} />
|
||||
</>
|
||||
);
|
||||
return <h2>Welcome {context.state.displayName || 'Guest'}!</h2>;
|
||||
}
|
||||
|
||||
export const config = getPartialsConfig();
|
||||
|
||||
@@ -0,0 +1,12 @@
|
||||
import { Head } from "$fresh/runtime.ts";
|
||||
|
||||
export default function Error403() {
|
||||
return (
|
||||
<>
|
||||
<Head>
|
||||
<title>403 - Forbidden</title>
|
||||
</Head>
|
||||
<p>403</p>
|
||||
</>
|
||||
);
|
||||
}
|
||||
+39
-8
@@ -44,6 +44,7 @@ export function getKey(user: string): string {
|
||||
export const handler: MiddlewareHandler<State>[] = [
|
||||
/**
|
||||
* Check if user is authenticated and add session to context accordingly.
|
||||
* Only authenticated users who are members of Polytech are allowed.
|
||||
* @param request The HTTP incomming request.
|
||||
* @param context The Fresh context object with custom `State`.
|
||||
* @returns The response from the next middleware.
|
||||
@@ -55,6 +56,7 @@ export const handler: MiddlewareHandler<State>[] = [
|
||||
const cookies = getCookies(request.headers);
|
||||
if (!cookies["sessionToken"]) {
|
||||
context.state.isAuthenticated = false;
|
||||
context.state.isFromPolytech = false;
|
||||
return await context.next();
|
||||
}
|
||||
|
||||
@@ -67,9 +69,27 @@ export const handler: MiddlewareHandler<State>[] = [
|
||||
);
|
||||
|
||||
if (context.state.isAuthenticated) {
|
||||
|
||||
const session: CasContent =
|
||||
(getJwtPayload(cookies["sessionToken"]) as LoginJWT).user;
|
||||
context.state.session = session;
|
||||
|
||||
const isFromPolytech = session.amuComposante.includes("polytech");
|
||||
context.state.isFromPolytech = isFromPolytech;
|
||||
|
||||
if (isFromPolytech) {
|
||||
context.state.displayName = session.displayName;
|
||||
context.state.uid = session.uid;
|
||||
|
||||
if (session.eduPersonPrimaryAffiliation == "faculty") {
|
||||
context.state.role = "professeur"
|
||||
} else if (session.eduPersonPrimaryAffiliation == "employee") {
|
||||
context.state.role = "administration"
|
||||
} else if (session.eduPersonPrimaryAffiliation == "student") {
|
||||
context.state.role = "etudiant";
|
||||
} else {
|
||||
context.state.role = "autre";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return await context.next();
|
||||
@@ -87,13 +107,24 @@ export const handler: MiddlewareHandler<State>[] = [
|
||||
): Promise<Response> {
|
||||
const url = new URL(request.url);
|
||||
|
||||
if (!isRoutePublic(url.pathname) && !context.state.isAuthenticated) {
|
||||
return new Response(null, {
|
||||
status: 302,
|
||||
headers: {
|
||||
Location: "/login",
|
||||
},
|
||||
});
|
||||
if (!isRoutePublic(url.pathname)) {
|
||||
if (!context.state.isAuthenticated) {
|
||||
return new Response(null, {
|
||||
status: 302,
|
||||
headers: {
|
||||
Location: "/login",
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
if (!context.state.isFromPolytech) {
|
||||
return new Response(null, {
|
||||
status: 403,
|
||||
headers: {
|
||||
Location: "/403",
|
||||
},
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
return await context.next();
|
||||
|
||||
Reference in New Issue
Block a user