0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-20 22:52:46 -05:00
verdaccio/lib/index-web.js

168 lines
5.1 KiB
JavaScript
Raw Normal View History

2015-04-08 23:54:59 +03:00
var async = require('async')
var bodyParser = require('body-parser')
var Cookies = require('cookies')
var express = require('express')
var fs = require('fs')
var Handlebars = require('handlebars')
2014-12-10 09:14:31 +03:00
var renderReadme = require('render-readme')
var Search = require('./search')
var Middleware = require('./middleware')
var match = Middleware.match
var validate_name = Middleware.validate_name
2014-11-16 20:44:46 +03:00
var validate_pkg = Middleware.validate_package
2014-11-04 17:47:03 +03:00
2015-04-08 23:54:59 +03:00
module.exports = function(config, auth, storage) {
var app = express.Router()
2015-04-08 23:54:59 +03:00
var can = Middleware.allow(auth)
2014-11-13 18:52:13 +03:00
// validate all of these params as a package name
// this might be too harsh, so ask if it causes trouble
2014-11-16 20:44:46 +03:00
app.param('package', validate_pkg)
app.param('filename', validate_name)
app.param('version', validate_name)
app.param('anything', match(/.*/))
app.use(Cookies.express())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(auth.cookie_middleware())
app.use(function(req, res, next) {
// disable loading in frames (clickjacking, etc.)
res.header('X-Frame-Options', 'deny')
next()
})
Search.configureStorage(storage)
Handlebars.registerPartial('entry', fs.readFileSync(require.resolve('./GUI/entry.hbs'), 'utf8'))
if(config.web && config.web.template) {
var template = Handlebars.compile(fs.readFileSync(config.web.template, 'utf8'));
}
else {
var template = Handlebars.compile(fs.readFileSync(require.resolve('./GUI/index.hbs'), 'utf8'))
}
app.get('/', function(req, res, next) {
var base = config.url_prefix
? config.url_prefix.replace(/\/$/, '')
: req.protocol + '://' + req.get('host')
res.setHeader('Content-Type', 'text/html')
storage.get_local(function(err, packages) {
if (err) throw err // that function shouldn't produce any
async.filterSeries(packages, function(package, cb) {
2015-04-08 23:54:59 +03:00
auth.allow_access(package.name, req.remote_user, function(err, allowed) {
setImmediate(function () {
if (err) {
cb(null, false);
} else {
cb(err, allowed)
}
})
})
}, function(err, packages) {
if (err) throw err
2015-09-24 11:24:23 +03:00
packages.sort(function(p1, p2) {
if (p1.name < p2.name) {
return -1;
}
else {
return 1;
}
});
next(template({
2016-08-20 11:57:36 -05:00
name: config.web && config.web.title ? config.web.title : 'Verdaccio',
tagline: config.web && config.web.tagline ? config.web.tagline : '',
packages: packages,
baseUrl: base,
username: req.remote_user.name,
}))
})
})
})
// Static
app.get('/-/static/:filename', function(req, res, next) {
var file = __dirname + '/static/' + req.params.filename
res.sendFile(file, function(err) {
2014-11-13 21:32:31 +03:00
if (!err) return
if (err.status === 404) {
next()
} else {
next(err)
}
})
})
app.get('/-/logo', function(req, res, next) {
res.sendFile( config.web && config.web.logo
? config.web.logo
: __dirname + '/static/logo-sm.png' )
})
app.post('/-/login', function(req, res, next) {
2014-11-16 15:37:50 +03:00
auth.authenticate(req.body.user, req.body.pass, function(err, user) {
if (!err) {
req.remote_user = user
//res.cookies.set('token', auth.issue_token(req.remote_user))
var str = req.body.user + ':' + req.body.pass
res.cookies.set('token', auth.aes_encrypt(str).toString('base64'))
2014-11-16 15:37:50 +03:00
}
var base = config.url_prefix
? config.url_prefix.replace(/\/$/, '')
: req.protocol + '://' + req.get('host')
2014-11-16 15:37:50 +03:00
res.redirect(base)
})
})
app.post('/-/logout', function(req, res, next) {
var base = config.url_prefix
? config.url_prefix.replace(/\/$/, '')
: req.protocol + '://' + req.get('host')
res.cookies.set('token', '')
res.redirect(base)
})
// Search
app.get('/-/search/:anything', function(req, res, next) {
2014-11-13 18:52:13 +03:00
var results = Search.query(req.params.anything)
var packages = []
var getData = function(i) {
storage.get_package(results[i].ref, function(err, entry) {
if (!err && entry) {
auth.allow_access(entry.name, req.remote_user, function(err, allowed) { // TODO: This may cause performance issue?
if (err || !allowed) return
packages.push(entry.versions[entry['dist-tags'].latest])
})
}
if (i >= results.length - 1) {
2014-11-13 21:32:31 +03:00
next(packages)
} else {
getData(i + 1)
}
})
}
if (results.length) {
getData(0)
} else {
2014-11-13 21:32:31 +03:00
next([])
}
})
app.get('/-/readme(/@:scope?)?/:package/:version?', can('access'), function(req, res, next) {
var packageName = req.params.package;
if (req.params.scope) packageName = "@"+ req.params.scope + "/" + packageName;
storage.get_package(packageName, {req: req}, function(err, info) {
if (err) return next(err)
2014-12-10 09:14:31 +03:00
next( renderReadme(info.readme || 'ERROR: No README data found!') )
})
})
return app
}