summaryrefslogtreecommitdiffstats
path: root/server/api/authentication.js
diff options
context:
space:
mode:
authorJannik Schönartz2019-03-04 22:27:04 +0100
committerJannik Schönartz2019-03-04 22:27:04 +0100
commit59a1b083e02928593e3ab5a3f23d361c6303009b (patch)
tree0beeeb4e73ef79252186c4098a604297c1b240ca /server/api/authentication.js
parenteslint fixes (diff)
downloadbas-59a1b083e02928593e3ab5a3f23d361c6303009b.tar.gz
bas-59a1b083e02928593e3ab5a3f23d361c6303009b.tar.xz
bas-59a1b083e02928593e3ab5a3f23d361c6303009b.zip
[server/setup] Move (initial) setup in it's own api file
Diffstat (limited to 'server/api/authentication.js')
-rw-r--r--server/api/authentication.js28
1 files changed, 0 insertions, 28 deletions
diff --git a/server/api/authentication.js b/server/api/authentication.js
index 2aa5101..73ab822 100644
--- a/server/api/authentication.js
+++ b/server/api/authentication.js
@@ -6,14 +6,6 @@ const { decorateApp } = require('@awaitjs/express')
var noAuthRouter = decorateApp(express.Router())
var authentication = require(path.join(__appdir, 'lib', 'authentication'))
-// Setup method for checking if setup is possible.
-noAuthRouter.get('/setup', (req, res) => {
- db.user.findAll().then(users => {
- if (users.length > 0) res.status(403).send({ status: 'USERTABLE_NOT_EMPTY', error_message: 'The user table is not empty, unauthorized creation is forbidden.' })
- else res.send({ status: 'SUCCESS' })
- })
-})
-
// Authentification method for the API using the authorization header. (GET)
noAuthRouter.postAsync('/token', async (req, res) => {
const body = req.body
@@ -61,24 +53,4 @@ noAuthRouter.post('/logout', (req, res) => {
return res.status(200).send()
})
-// Setup method for creating the initial root account.
-noAuthRouter.postAsync('/setup', async (req, res) => {
- const body = req.body
- const users = await db.user.findAll()
- if (users.length > 0) res.status(403).send({ status: 'USERTABLE_NOT_EMPTY', error_message: 'The user table is not empty, unauthorized creation is forbidden.' })
- else {
- const result = await authentication.signup(body)
- const code = result.code
- delete result.code
- if (result.error) return res.status(code).send(result)
-
- const user = await db.user.findOne({ where: { id: result.id } })
- const roleDb = await db.role.create({ name: user.username, descr: 'Superadmin' })
- const permission = await db.permission.findOne({ where: { name: 'superadmin' } })
- await roleDb.addPermissions(permission.id)
- await user.addRoles(roleDb.id)
- res.send()
- }
-})
-
module.exports.noAuthRouter = noAuthRouter