From 93a1065d3f20dc118bc58bbef488674e57cf8df6 Mon Sep 17 00:00:00 2001
From: nicrausaz <n.crausaz99@gmail.com>
Date: Thu, 23 May 2019 11:19:49 +0200
Subject: [PATCH] Nouveau processus d'auth fonctionnel

---
 .../app/Http/Controllers/AuthController.php   |   66 +-
 .../API/app/Http/Middleware/JwtMiddleware.php |    2 +-
 canapGEST/API/app/Providers/TequilaClient.php | 1129 +++--------------
 canapGEST/API/routes/web.php                  |    5 +-
 .../DB/Valeurs de tests/table_activity.sql    |    0
 .../DB/Valeurs de tests/table_applicants.sql  |    0
 .../DB/Valeurs de tests/table_file.sql        |    0
 .../DB/Valeurs de tests/table_job.sql         |    0
 .../DB/Valeurs de tests/table_location.sql    |    0
 .../DB/Valeurs de tests/table_position.sql    |    0
 .../DB/Valeurs de tests/table_responsible.sql |    0
 .../DB/Valeurs de tests/table_scolarity.sql   |    0
 .../DB/Valeurs de tests/table_status.sql      |    0
 .../DB/Valeurs de tests/test6.sql             |    0
 .../{ => Documentation}/DB/createSqlUser.sql  |    0
 .../DB/create_db_script.sql                   |    0
 canapGEST/{ => Documentation}/DB/model.mwb    |  Bin
 .../{ => Documentation}/DB/model.mwb.bak      |  Bin
 canapGEST/{ => Documentation}/DB/model.png    |  Bin
 canapGEST/Site/package-lock.json              |    6 +-
 canapGEST/Site/package.json                   |    2 +-
 canapGEST/Site/src/App.vue                    |   11 +-
 canapGEST/Site/src/plugins/axios.js           |   44 +-
 canapGEST/Site/src/router/index.js            |    3 +-
 .../Site/src/store/modules/user/actions.js    |   27 +-
 25 files changed, 289 insertions(+), 1006 deletions(-)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_activity.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_applicants.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_file.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_job.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_location.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_position.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_responsible.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_scolarity.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/table_status.sql (100%)
 rename canapGEST/{ => Documentation}/DB/Valeurs de tests/test6.sql (100%)
 rename canapGEST/{ => Documentation}/DB/createSqlUser.sql (100%)
 rename canapGEST/{ => Documentation}/DB/create_db_script.sql (100%)
 rename canapGEST/{ => Documentation}/DB/model.mwb (100%)
 rename canapGEST/{ => Documentation}/DB/model.mwb.bak (100%)
 rename canapGEST/{ => Documentation}/DB/model.png (100%)

diff --git a/canapGEST/API/app/Http/Controllers/AuthController.php b/canapGEST/API/app/Http/Controllers/AuthController.php
index a379055..f6b2fbc 100644
--- a/canapGEST/API/app/Http/Controllers/AuthController.php
+++ b/canapGEST/API/app/Http/Controllers/AuthController.php
@@ -18,46 +18,66 @@ class AuthController extends Controller
     $this->request = $request;
   }
 
-  protected function jwt($tequilaObject)
+  protected function jwt($tequila_attributes)
   {
-    $user_perms = AccessLevelHelper::getUserAccess($tequilaObject->getValue("group"));
+    $user_perms = AccessLevelHelper::getUserAccess($tequila_attributes['group']);
     $payload = [
       'iss' => "canap-gest",
-      'sub' => $tequilaObject->getValue('uniqueid'),
       "tequila_data" => [
-        "firstname" => $tequilaObject->getValue('firstname'),
-        "name" => $tequilaObject->getValue("name"),
-        "group" => $tequilaObject->getValue("group"),
-        "user" => $tequilaObject->getValue("user"),
-        "sciper" => $tequilaObject->getValue('uniqueid')
+        "firstname" => $tequila_attributes['firstname'],
+        "name" => $tequila_attributes['name'],
+        "group" => $tequila_attributes['group'],
+        "user" => $tequila_attributes['user'],
+        "sciper" => $tequila_attributes['uniqueid']
       ],
       'permissions' => $user_perms['groups'],
       "role" => $user_perms['role'],
       'iat' => time(),
       'exp' => time() + 43200
     ];
-
     return JWT::encode($payload, env('JWT_SECRET'));
   }
 
-  public function authenticate()
+  public function login()
+  {
+    $oClient = new TequilaClient("https://tequila.epfl.ch/cgi-bin/tequila/");
+    $oClient->setParam(
+      array(
+        'urlacces'  => url("/api/auth/tequilareturn"),
+        'service'   => "Canap-Gest",
+        'language'  => "francais",
+        'usecookie' => "on",
+        // 'allows'    => "categorie=epfl-guests",
+      )
+    );
+    $oClient->setRequested(
+      array(
+        'request' => "name,firstname,uniqueid,group",
+        //~ 'require'   => "role-respaccred",
+      )
+    );
+
+    if (!empty($_GET['key'])) {
+      $attributs = $oClient->checkUser($_GET['key']);
+      if (!$attributs) {
+        exit("Unknown tequila error");
+      }
+    } else {
+      $oClient->createRequest();
+      header("Location: " . $oClient->getAuthenticationUrl());
+      exit;
+    }
+
+    return response()->json($this->jwt($attributs));
+  }
+
+  public function tequilareturn()
   {
-    $oClient = new TequilaClient();
-    $oClient->SetApplicationName('Canap-Gest');
-    $oClient->SetWantedAttributes(array('uniqueid', 'name', 'firstname', 'where', 'group'));
-    $oClient->SetWishedAttributes(array('email', 'title'));
-    $oClient->SetCustomFilter('org=EPFL&group=canap-gest-users-dev');
-    // $oClient->SetApplicationURL('https://canap-gest.epfl.ch:8443');
-    $oClient->SetApplicationURL('http://canap-gest-dev.local:8080');
-    $oClient->Authenticate();
-
-    return response()->json([
-      'token' => $this->jwt($oClient)
-    ], 200);
+    return redirect()->to("https://canap-gest-dev.local:8080/#/?key=" . $_GET["key"]);
   }
 
   public function logout()
   {
-    $this->oClient->Logout();
+    // $this->oClient->Logout();
   }
 }
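Review bot: The group restriction that the old `authenticate()` enforced with `SetCustomFilter('org=EPFL&group=canap-gest-users-dev')` has no counterpart in the new `login()`: both `allows` and `require` are commented out, so any account Tequila authenticates reaches `jwt()` and gets a signed token. Access then depends entirely on what `AccessLevelHelper::getUserAccess()` returns for an unexpected group, which is not visible in this hunk. Restoring the filter, e.g. `'require' => "org=EPFL&group=canap-gest-users-dev"` in the `setRequested()` array (syntax to be confirmed against the new client), or refusing to issue a token when `$user_perms` is empty, would keep the earlier boundary. `tequilareturn()` also appends `$_GET["key"]` to the redirect URL unencoded and without checking that it is set; `urlencode($this->request->query('key', ''))` with an error response on an empty value would be safer, and the hard-coded `canap-gest-dev.local:8080` host belongs in configuration. Separately, `jwt()` reads `$tequila_attributes['user']` while `request` lists only `name,firstname,uniqueid,group`, which presumably relies on Tequila returning `user` by default and is worth confirming.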
diff --git a/canapGEST/API/app/Http/Middleware/JwtMiddleware.php b/canapGEST/API/app/Http/Middleware/JwtMiddleware.php
index c13ad5a..e8055c6 100644
--- a/canapGEST/API/app/Http/Middleware/JwtMiddleware.php
+++ b/canapGEST/API/app/Http/Middleware/JwtMiddleware.php
@@ -30,7 +30,7 @@ class JwtMiddleware
     }
 
     // Make sciper, data & permissions accessible through request
-    $request->attributes->add(['user_sciper' => $content->sub]);
+    $request->attributes->add(['user_sciper' => $content->tequila_data->sciper]);
     $request->attributes->add(['user_data' => $content->tequila_data]);
     $request->attributes->add(['user_permissions' => $content->permissions]);
     $request->attributes->add(['user_role' => $content->role]);
diff --git a/canapGEST/API/app/Providers/TequilaClient.php b/canapGEST/API/app/Providers/TequilaClient.php
index d4c86a3..c44557a 100644
--- a/canapGEST/API/app/Providers/TequilaClient.php
+++ b/canapGEST/API/app/Providers/TequilaClient.php
@@ -1,962 +1,223 @@
 <?php
+/**
+ * Client implementation for Tequila opaque mode (http://tequila.epfl.ch)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * @copyright 2006 Camptocamp SA
+ * @author Alexandre Saunier
+ *
+ * @package Plugins
+ * @version $Id: $
+ */
+
+
+/* -----------------------------------------------------------------------------
+Modifications
+27.06.2008 - Nicolas Dubois
+	Fonction getCurrentUrl -> ajoute check https + query_string
+30.05.2006 - Nicolas Dubois
+	- Support PHP 4
+	- Check ssl CA (certificat de l'Autorit� de Certification EPFL).
+		epflca.pem must be in the same directory as tequila_opaque.php
+	- Check required attributes
+------------------------------------------------------------------------------*/
 namespace App\Providers;
-/*========================================================================
-
-	PHP client for Tequila, v. 2.0.4 (Tue Nov 14 10:47:18 CET 2006)
-	(C) 2004, Lionel Clavien [lionel dot clavien AT epfl dot ch]
-	This code is released under the GNU GPL v2 terms (see LICENCE file).
-	
-	Changelog:
-		0.1.0, 2004-06-27: Creation
-		0.1.1, 2004-08-29: Changed RSA authentication method to use the new
-			           server certificate in lieu of the server public key
-				   [openssl bug ?]
-		0.1.2, 2004-09-04: Configuration options put in tequila_config.inc.php
-                ......
-
-		2.0.3 : I forgot.
-		2.0.4 : Fix problem with cookie. Now it is a session cookie.
-		2.0.5 : Fix ERROR_SESSION_FILE (replace with ERROR_SESSION_FILE_FORMAT).
-			Fix bug in fetchAttributes().
-
-		3.0.0 : Big rewrite.
-			Fix session time out
-			use PHP sessions
-			hide key attribute in urlaccess.
-		    
-		3.0.1 : Fix INFO_PATH & QUERY_STRING test.
-		3.0.2 : 2011-08-05 : Include comments from Lucien Chaboudez
-			Define MIN_SESSION_TIMEOUT
-			Delete cookie with explicit root path
-		
-		3.0.3 : 2012-04-12 : Patch from Lucien Chaboudez
-                        LoadSession :Check if all the wanted attributes are present
-                                     in the $_SESSION.
-
-	TODO:
-		- implement more documented features (allows, ?)
-		
-========================================================================*/
-
-// Disable PHP error reporting
-error_reporting (0);
-error_reporting (E_ALL); // DEBUG
-
-// Start output buffering, for the authentication redirection to work...
-ob_start ();
-
-// Load configuration file
-require_once ('tequila_config.inc.php');
-
-// PHP 4.3.0
-if (!function_exists ('file_get_contents')) {
-  function file_get_contents ($sFileName) {
-    $rHandle = fopen($sFileName, "rb");
-    if (!$rHandle) return (FALSE);
-    $sContents = fread ($rHandle, filesize ($sFileName));
-    return ($sContents);
-  }
-}
-
-// PHP 4.2.0
-if(!function_exists('ob_clean')) {
-  function ob_clean() {
-    ob_end_clean();
-    ob_start();
-  }
-}
-
-// Constants declarations
-define('SESSION_INVALIDKEY',                8);
-define('SESSION_READ',                      9);
-define('SESSION_TIMEOUT',                   7);
-
-define('AUTHENTICATE_RSA',                  1); // No longer used, ignored.
-define('AUTHENTICATE_URL',                  2); // No longer used, ignored.
-
-define('ERROR_AUTH_METHOD_UNKNOWN',       129);
-define('ERROR_CREATE_FILE',               134);
-define('ERROR_CREATE_SESSION_DIR',        137);
-define('ERROR_CREATE_SESSION_FILE',       145);
-define('ERROR_NO_DATA',                   133);
-define('ERROR_NO_KEY',                    131);
-define('ERROR_NO_MESSAGE',                139);
-define('ERROR_NO_SERVER_DEFINED',         143);
-define('ERROR_NO_SERVER_KEY',             140);
-define('ERROR_NO_SESSION_DIR',            130);
-define('ERROR_NO_SIGNATURE',              138);
-define('ERROR_NO_VALID_PUBLIC_KEY',       141);
-define('ERROR_NOT_READABLE',              135);
-define('ERROR_SESSION_DIR_NOT_WRITEABLE', 148);
-define('ERROR_SESSION_FILE_EXISTS',       144);
-define('ERROR_SESSION_FILE_FORMAT',       146);
-define('ERROR_SESSION_TIMEOUT',           136);
-define("ERROR_UNKNOWN_ERROR",             127);
-define('ERROR_UNSUPPORTED_METHOD',        132);
-define('ERROR_CURL_NOT_LOADED',           149);
-
-define('LNG_DEUTSCH', 2);
-define('LNG_ENGLISH', 1);
-define('LNG_FRENCH',  0);
-
-define('COOKIE_LIFE', 86400);
-define('COOKIE_NAME', 'TequilaPHP');
-define('MIN_SESSION_TIMEOUT', 600);
 
+/**
+ * @package Plugins
+ */
 class TequilaClient {
-  var $aLanguages = array (
-			   LNG_ENGLISH => 'english',
-			    LNG_FRENCH => 'francais',
-			   );
-  var $aErrors = array(
-	ERROR_UNKNOWN_ERROR => array(
-       		LNG_ENGLISH => 'An unknown error has occured.',
-       		 LNG_FRENCH => 'Une erreur inconnue est survenue.',
-       	),
-       	ERROR_SESSION_DIR_NOT_WRITEABLE => array(
-       		LNG_ENGLISH => 'Error: the given sessions directory is not writeable.',
-       		 LNG_FRENCH => 'Erreur: le r�pertoire de sessions indiqu� ne peut pas �tre �crit.',
-       	),
-       	ERROR_SESSION_FILE_FORMAT => array(
-       		LNG_ENGLISH => 'Error: invalid session file format.',
-       		 LNG_FRENCH => 'Erreur: format de fichier de session non valide.',
-       	),
-       	ERROR_CREATE_SESSION_FILE => array(
-       		LNG_ENGLISH => 'Error: session file creation failed.',
-       		 LNG_FRENCH => 'Erreur: �chec lors de la cr�ation du fichier de session.',
-       	),
-       	ERROR_NO_DATA => array(
-       		LNG_ENGLISH => 'Error: no session data.',
-       		 LNG_FRENCH => 'Erreur: aucune donn�e de session.',
-       	),
-       	ERROR_NO_SESSION_DIR => array(
-       		LNG_ENGLISH => 'Error: inexistant or unspecified sessions directory.',
-       		 LNG_FRENCH => 'Erreur: dossier de sessions inexistant ou non sp�cifi�.',
-       	),
-       	ERROR_NO_SERVER_DEFINED => array(
-       		LNG_ENGLISH => 'Error: no authentication server available.',
-       		 LNG_FRENCH => 'Erreur: aucun serveur d\'authentification disponible.',
-       	),
-       	ERROR_UNSUPPORTED_METHOD => array(
-       		LNG_ENGLISH => 'Error: unsupported request method.',
-       		 LNG_FRENCH => 'Erreur: m�thode de transmission inconnue.',
-       	),
-       	ERROR_NOT_READABLE => array(
-       		LNG_ENGLISH => 'Error: unable to read session file.',
-       		 LNG_FRENCH => 'Erreur: fichier de session non lisible.',
-       	),
-       	ERROR_CREATE_FILE => array(
-       		LNG_ENGLISH => 'Error: unable to create session file.',
-       		 LNG_FRENCH => 'Erreur: impossible de cr�er le fichier de sessions.',
-       	),
-       	ERROR_SESSION_TIMEOUT => array(
-       		LNG_ENGLISH => 'Error: session timed out.',
-       		 LNG_FRENCH => 'Erreur: la session a expir�.',
-       	),
-       	ERROR_CREATE_SESSION_DIR => array(
-       		LNG_ENGLISH => 'Error: unable to create sessions directory.',
-       		 LNG_FRENCH => 'Erreur: impossible de cr�er le dossier de sessions d�fini.',
-       	),
-       	ERROR_NO_MESSAGE => array(
-       		LNG_ENGLISH => 'Error: no message to authenticate.',
-       		 LNG_FRENCH => 'Erreur: pas de message � v�rifier.',
-       	),
-       	ERROR_NO_SERVER_KEY => array(
-       		LNG_ENGLISH => 'Error: no public key defined.',
-		 LNG_FRENCH => 'Erreur: la cl� publique du serveur d\'authentification n\'est pas d�finie ou disponible.',
-		),
-       	ERROR_NO_VALID_PUBLIC_KEY => array(
-       		LNG_ENGLISH => 'Error: invalid public key.',
-       		 LNG_FRENCH => 'Erreur: la cl� publique fournie n\'est pas valide.',
-       	),
-       	ERROR_NO_SIGNATURE => array(
-       		LNG_ENGLISH => 'Error: no signature for mesage authentication.',
-       		 LNG_FRENCH => 'Erreur: pas de signature pour la v�rification du mesage.',
-       	),
-       	ERROR_NO_KEY => array (
-       		LNG_ENGLISH => 'Error: no session key.',
-       		 LNG_FRENCH => 'Erreur: pas de cl� de session.',
-       	),
-       	ERROR_SESSION_FILE_EXISTS => array (
-       		LNG_ENGLISH => 'Error: session already created.',
-		 LNG_FRENCH => 'Erreur: session d�j� cr��e.',
-	),
-       	ERROR_CURL_NOT_LOADED => array (
-       		LNG_ENGLISH => 'Error: CURL Extension is not loaded.',
-       		 LNG_FRENCH => 'Erreur: L\'extension CURL n\'est pas pr�sente.',
-       	),
-  );
-  var      $aWantedRights = array ();
-  var       $aWantedRoles = array ();
-  var  $aWantedAttributes = array ();
-  var  $aWishedAttributes = array ();
-  var      $aWantedGroups = array ();
-  var       $aCustomAttrs = array ();
-  var      $sCustomFilter = '';
-  var      $sAllowsFilter = '';
-  var          $iLanguage = LNG_FRENCH;
-  var    $sApplicationURL = '';
-  var   $sApplicationName = '';
-  var          $sResource = '';
-  var               $sKey = '';
-  var           $sMessage = '';
-  var        $aAttributes = array();
-  var           $iTimeout;
-  var            $sServer = '';
-  var         $sServerUrl = '';
-  var            $sCAFile = '';
-  var          $sCertFile = '';
-  var           $sKeyFile = '';
-  var      $bReportErrors = TRUE;
-  var $stderr;
-  
-  var $logoutUrl;
-
-  var $requestInfos = array();
-
-  /*====================== Constructor
-    GOAL : Class constructor   
-    NOTE : All parameters are optional. They are present in the config
-           file tequila_config.inc.php
-     IN  : $sServerURL          -> (optional) Tequila server address (ie : https://tequila.epfl.ch/cgi-bin/tequila)
-     IN  : $sSessionsDirectory  -> (optional) The directory where to save sessions files
-     IN  : $iTimeout            -> (optional) Session timeout
-   */
-  function __construct($sServer = '', $iTimeout = NULL) {
-    $this->stderr = fopen ('php://stderr', 'w');
 
-    /* If curl is not found, */
-    if (!extension_loaded ('curl')) {
-      return $this->Error (ERROR_CURL_NOT_LOADED);
-    }
-
-    /* Initializations. If no parameter given, get info from config file */
-    if (empty ($sServer)) $sServer    = GetConfigOption ('sServer');
-    if (empty ($sServer)) $sServerUrl = GetConfigOption ('sServerUrl');
-    
-    $aEtcConfig = $this->LoadEtcConfig ();
-
-    if (empty ($sServer))    $sServer    = $aEtcConfig ['sServer'];
-    if (empty ($sServerUrl)) $sServerUrl = $aEtcConfig ['sServerUrl'];    
-
-    if (empty ($sServerUrl) && !empty ($sServer))
-      $sServerUrl = $sServer . '/cgi-bin/tequila';
-    if (empty ($iTimeout))  $iTimeout  = GetConfigOption ('iTimeout', 86400);
-    if (empty ($logoutUrl)) $logoutUrl = GetConfigOption ('logoutUrl');
-
-    $this->sServer     = $sServer;
-    $this->sServerUrl  = $sServerUrl;
-    $this->iTimeout    = $iTimeout;
-    $this->logoutUrl   = $logoutUrl;
-    $this->iCookieLife = COOKIE_LIFE;
-    $this->sCookieName = COOKIE_NAME;
-  }
-
-   /*====================== ERROR MANAGEMENT 
-    GOAL : Manage errors     
-      IN : $iError  -> the number representing the error
-   */
-  function Error ($iError) {
-
-    /* If not debug mode */
-    if (!$this->bReportErrors) return ($iError);
-
-    /* If language not initilized*/
-    $iCurrentLanguage = $this->GetLanguage ();
-    if (empty ($iCurrentLanguage))
-      $iCurrentLanguage = LNG_FRENCH;
-
-    /* If the error number is found in the errors array, */
-    if (array_key_exists ($iError, $this->aErrors))
-      /* Error display */
-      echo "\n<br /><font color='red' size='5'>" .
-	   $this->aErrors[$iError][$iCurrentLanguage] .
-	   "</font><br />\n";
-    else /* Error not found */
-      echo "\n<br /><font color='red' size='5'>" .
-	   $this->aErrors [ERROR_UNKNOWN_ERROR][$iCurrentLanguage] .
-	   "</font><br />\n";
-    return ($iError);
-  }
-
-   /*======================  
-     GOAL : Set if you want display the errors or not      
-      IN  : $bReportErrors -> (TRUE|FALSE)
-   */
-  function SetReportErrors ($bReportErrors) {
-    $this->bReportErrors = $bReportErrors;
-  }
-
-  /* GOAL : Return the value of bReportErrors (TRUE|FALSE) */
-  function GetReportErrors () {
-    return ($this->bReportErrors);
-  }
-
-  function LoadEtcConfig () {
-    $sFile = '/etc/tequila.conf';
-    if (!file_exists ($sFile)) return false;
-    if (!is_readable ($sFile)) return false;
-    
-    $aConfig = array ();
-    $sConfig = trim (file_get_contents ($sFile));
-    $aLine = explode ("\n", $sConfig);
-    foreach ($aLine as $sLine) {
-      if (preg_match  ('/^TequilaServer:\s*(.*)$/i', $sLine, $match))
-	$aConfig ['sServer'] = $match [1];
-
-      if (preg_match  ('/^TequilaServerUrl:\s*(.*)$/i', $sLine, $match))
-	$aConfig ['sServerUrl'] = $match [1];
-    }
-    return $aConfig;
-  }
-  
-  /*====================== Custom parameters
-    GOAL : Set the custom parameters
-     IN  : $customParameters -> an array containing the parameters. The
-            array key is the name of the parameter and the value is the value.
-  */
-  function SetCustomParamaters ($customParamaters) {
-    foreach ($customParamaters as $key => $val) {
-      $this->requestInfos [$key] = $val;
-    }
-  }
-
-  /* GOAL : Returns the custom parameters */
-  function GetCustomParamaters () {
-    return $this->requestInfos;
-  }
+	// Const
+	var $EPFL_CA          = "quovadis.pem";
 	
-  /*********************** WANTED RIGHTS ***************************	
-   ====================== Required rights ("wantright" parameter)
-   GOAL : set the wanted rights
-    IN  : $aWantedRights -> an array with the rights
-  */
-  function SetWantedRights ($aWantedRights) {
-    $this->aWantedRights = $aWantedRights;
-  }
-
-  /*
-    GOAL : Add a wanted right. The wanted right must be an array. It
-	         will be merged we the array containing the wanted rights.	   
-    IN   : $aRightsToAdd   -> an array containing the wanted rights to add
-  */	
-  function AddWantedRights ($aWantedRights) {
-    $this->aWantedRights = array_merge ($this->aWantedRights, $aWantedRights);
-  }
-
-  /*
-    GOAL : Remove some wanted rights
-     IN  : $aRightsToRemove -> an array with the wanted rights to remove
-  */
-  function RemoveWantedRights ($aWantedRights) {
-    foreach ($this->aWantedRights as $sWantedRight)
-      if (in_array($sWantedRight, $aWantedRights))
-	unset($this->aWantedRights[array_search($sWantedRight, $this->aWantedRights)]);
-  }
-
-  /*  GOAL : Returns the wanted rights array. */
-  function GetWantedRights () {
-    return ($this->aWantedRights);
-  }
-
-  /************************ WANTED ROLES ***************************   
-  ====================== Required roles ("wantrole" parameter)
-  GOAL : Set the wanted Roles
-    IN  : $aWantedRoles  -> an array with the wanted roles
-  */
-  function SetWantedRoles ($aWantedRoles) {
-    $this->aWantedRoles = $aWantedRoles;
-  }
-
-  /*
-   GOAL : Add some wanted roles to the current roles
-     IN  : $aRolesToAdd   -> an array with the roles to add.
-  */	
-  function AddWantedRoles ($aWantedRoles) {
-    $this->aWantedRoles = array_merge ($this->aWantedRoles, $aWantedRoles);
-  }
-
-  /*
-    GOAL : Remove some wanted roles from the list      
-     IN  : $aRolesToRemove   -> an array with the roles to remove
-  */
-  function RemoveWantedRoles ($aWantedRoles) {
-    foreach ($this->aWantedRoles as $sWantedRole)
-      if (in_array ($sWantedRole, $aWantedRoles))
-	unset ($this->aWantedRoles [array_search ($sWantedRole, $this->aWantedRoles)]);
-  }
-
-  /* GOAL : Returns the array containing the wanted roles */
-  function GetWantedRoles () {
-    return ($this->aWantedRoles);
-  }
-
-  /********************* REQUIRED ATTRIBUTES ***********************
-    ====================== Required attributes ("request" parameter)
-    GOAL : Set the wanted attributes 
-     IN  : $aWantedAttributes   -> an array containing the wanted attributes
-  */
-  function SetWantedAttributes ($aWantedAttributes) {
-    $this->aWantedAttributes = $aWantedAttributes;
-  }
-
-  /*
-    GOAL : Add some wanted attributes to the list      
-     IN  : $aAttributesToAdd -> an array with the attributes to add
-  */  
-  function AddWantedAttributes ($aWantedAttributes) {
-    $this->aWantedAttributes = array_merge ($this->aWantedAttributes,
-					    $aWantedAttributes);
-  }
-
-  /*
-    GOAL : Remove some wanted attributes from the list
-     IN  : $aAttributesToRemove -> an array containing the attributes to remove
-  */  
-  function RemoveWantedAttributes ($aWantedAttributes) {
-    foreach ($this->aWantedAttributes as $sWantedAttribute)
-      if (in_array($sWantedAttribute, $aWantedAttributes))
-	unset ($this->aWantedAttributes [array_search($sWantedAttribute,
-	  $this->aWantedAttributes)]);
-  }
-
-  /* GOAL : Returns the array containing the wanted attributes   */
-  function GetWantedAttributes () {
-    return ($this->aWantedAttributes);
-  }
-  
-  /********************** WISHED ATTRIBUTES ************************
-   ====================== Desired attributes ("wish" parameter)
-   GOAL : Set the wished attributes
-    IN  : $aWishedAttributes   -> an array containing the wished attributes
-  */
-  function SetWishedAttributes ($aWishedAttributes) {
-    $this->aWishedAttributes = $aWishedAttributes;
-  }
-
-  /*
-    GOAL : Add some wished attributes to the list
-      IN : $aAttributesToAdd  -> an array containing the attributes to add
-  */   
-  function AddWishedAttributes ($aWishedAttributes) {
-    $this->aWishedAttributes = array_merge ($this->aWishedAttributes,
-					    $aWishedAttributes);
-  }
-
-  /*
-    GOAL : Remove some wished attributes fromme the list
-     IN  : $aAttributesToRemove -> an array with the attributes to remove
-  */  
-  function RemoveWishedAttributes ($aWishedAttributes) {
-    foreach ($this->aWishedAttributes as $aWishedAttribute)
-      if (in_array($aWishedAttribute, $aWishedAttributes))
-	unset ($this->aWishedAttributes[array_search($aWishedAttribute,
-	  $this->aWishedAttributes)]);
-  }
-
-  /* GOAL : Returns the array containing the wished attributes */  
-  function GetWishedAttributes () {
-    return ($this->aWishedAttributes);
-  }
-  
-  /************************ WANTED GROUPS **************************
-    ====================== Required groups ("belongs" parameter)
-    GOAL : Set the wanted groups 
-     IN  : $aWantedGroups -> an array containing the groups
-  */
-  function SetWantedGroups ($aWantedGroups) {
-    $this->aWantedGroups = $aWantedGroups;
-  }
-
-  /*
-    GOAL : Add some wanted groups to the list
-     IN  : $aGroupsToAdd  -> an array containing the groups to add
-  */  
-  function AddWantedGroups ($aWantedGroups) {
-    $this->aWantedGroups = array_merge($this->aWantedGroups, $aWantedGroups);
-  }
-
-  /*
-    GOAL : Remove some wanted groups from the list
-     IN  : $aGroupsToRemove  -> an array containing the groups to remove
-  */  
-  function RemoveWantedGroups ($aWantedGroups) {
-    foreach ($this->aWantedGroups as $aWantedGroup)
-      if (in_array($aWantedGroup, $aWantedGroups))
-	unset($this->aWantedGroups[array_search($aWantedGroup,
-	  $this->aWantedGroups)]);
-  }
-
-  /* GOAL : Returns the array containing the wanted groups */  
-  function GetWantedGroups () {
-    return ($this->aWantedGroups);
-  }
-  
-  /************************* CUSTOM FILTER **************************   
-    ====================== Own filter ("require" parameter)
-    GOAL : Set the custom filter.
-     IN  : $sCustomFilter -> a string containing the custom filter
-  */
-  function SetCustomFilter ($sCustomFilter) {
-    $this->sCustomFilter = $sCustomFilter;
-  }
-
-  /* GOAL : Returns the string containing the custom filter  */  
-  function GetCustomFilter () {
-    return ($this->sCustomFilter);
-  }
-  
-  /************************ ALLOWS FILTER **************************
-    ====================== Allows filter ("allows" parameter)
-    GOAL : Sets the allow filter
-     IN  : $sAllowsFilter -> a string containing the allow filter
-  */
-  function SetAllowsFilter ($sAllowsFilter) {
-    $this->sAllowsFilter = $sAllowsFilter;
-  }
-
-  /* GOAL : Returns the string containing the allows filter */
-  function GetAllowsFilter () {
-    return ($this->sAllowsFilter);
-  }
-  
-  /********************* LANGUAGE INTERFACE *************************
-    ====================== Interface language ("language" parameter)
-    GOAL : Sets the current language
-     IN  : $sLanguage  -> the language : 'english' | 'francais'                           
-  */
-  function SetLanguage ($sLanguage) {
-    $this->iLanguage = $sLanguage;
-  }
-
-  /* GOAL : Returns the current language */  
-  function GetLanguage () {
-    return ($this->iLanguage);
-  }
-  
-  /*********************** APPLICATION URL **************************
-    ====================== Application URL ("urlaccess" parameter)
-    GOAL : Sets the application URL. This is the URL where to redirect
-           when the authentication has been done
-     IN  : $sApplicationURL  -> the url
-  */
-  function SetApplicationURL ($sApplicationURL) {
-    $this->sApplicationURL = $sApplicationURL;
-  }
-
-  /* GOAL : Returns the application URL */  
-  function GetApplicationURL () {
-    return ($this->sApplicationURL);
-  }
-  
-  /********************** APPLICATION NAME *************************
-    ====================== Application name ("service" parameter)
-    GOAL : Set the application name. This will be displayed on the
-           Tequila login window.
-     IN  : $sApplicationName -> string containing the application name
-  */
-  function SetApplicationName ($sApplicationName) {
-    $this->sApplicationName = $sApplicationName;
-  }
-
-  /* GOAL : returns the application name */  
-  function GetApplicationName () {
-    return ($this->sApplicationName);
-  }
-  
-  /*********************** RESOURCE NAME ****************************
-    GOAL : Set the resource name
-     IN  : $sResource -> string with the resource name   
-  */
-  function SetResource ($sResource) {
-    $this->sResource = $sResource;
-  }
-
-  /* GOAL : Returns the resource name */  
-  function GetResource () {
-    return ($this->sResource);
-  }
-  
-  /*********************** SESSION KEY ******************************
-    GOAL : Set the session key
-     IN  : $sKey -> string with the session key   
-  */
-  function SetKey ($sKey) {
-    $this->sKey = $sKey;
-  }
-
-  /* GOAL : Returns the session key */  
-  function GetKey () {
-    return ($this->sKey);
-  }
-  
-  /*********************** SESSION MESSAGE **************************
-    GOAL : Set the session message
-     IN  : $sMessage -> string with the session message   
-  */
-  function SetMessage ($sMessage) {
-    $this->sMessage = $sMessage;
-  }
-
-  /* GOAL : Returns the session message */    
-  function GetMessage () {
-    return ($this->sMessage);
-  }
-  
-  /************************ TEQUILA SERVER **************************
-    ====================== server name
-    GOAL : Set tequila server name (i.e https://tequila.epfl.ch)
-     IN  : $sServer -> the name
-  */
-  function SetServer ($sServer) {
-    $this->sServer = $sServer;
-  }
-
-  /* GOAL : Returns Tequila server's name */  
-  function GetServer () {
-    return ($this->sServer);
-  }
-  
-  /*====================== server URL
-    GOAL : Set tequila server URL (ie https://tequila.epfl.ch/cgi-bin/tequila)
-     IN  : $sURL -> the url
-  */
-  function SetServerURL ($sURL) {
-    $this->sServerUrl = $sURL;
-  }
-
-  /* GOAL : Returns Tequila server's url */    
-  function GetServerURL () {
-    return ($this->sServerUrl);
-  }
-  
-  //====================== Session manager parameters
-  function SetTimeout ($iTimeout) {
-    $this->iTimeout = $iTimeout;
-  }
-  
-  function GetTimeout () {
-    return ($this->iTimeout);
-  }
-  
-  /************************ COOKIE PARAMETERS *********************
-    GOAL : Set the cookie parameters. Very useful if you have page on your
-           website that have different access rights than the other pages.
-           Use this function to set the cookie name for thoses pages.
-  */
-  /*====================== Cookie Life parameters
-      IN : $iCookieLife -> life of the cookie.
-  */
-  function SetCookieLife ($iTimeout) { // Obsolete
-    $this->iCookieLife = $iTimeout;
-  }
-
-  /*====================== Cookie Name parameters
-      IN : $sCookieName -> name of the cookie.
-  */
-  function SetCookieName ($sCookieName) {
-    $this->sCookieName = $sCookieName;
-  }
-
-  /************************ CREATE PHP SESSION *******************
-    GOAL : Create a PHP session with the Tequila attributes
-     IN  : $attributes  -> an array containing the attributes returned
-           by the tequila server.
-  */
-  function CreateSession ($attributes) {  
-    if (!$attributes) return (FALSE);
-    foreach ($attributes as $key => $val) {
-      $this->aAttributes [$key] = $val;
-      $_SESSION [$key] = $val;	
+    var $TEQUILA_CREATE   = 'createrequest';
+    var $TEQUILA_VALIDATE = 'validatekey';
+    var $TEQUILA_REDIRECT = 'requestauth';
+    var $TEQUILA_CONFIG   = 'getconfig';
+
+	// Class attributes
+    var $tequilaUrl;
+	var $epflca;
+    var $key;
+    var $request;
+	var $require;
+
+	// Constructor
+	// $tequilaUrl = tequila server url
+	// $epflca     = path to EPFL certification authority (format: PEM)
+    function __construct($tequilaUrl) {
+        if (!extension_loaded('curl')) {
+            exit('Extension CURL is not loaded');
+        }
+        $this->tequilaUrl = $tequilaUrl;
     }
-    $_SESSION ['creation'] = time ();
-    return (TRUE);
-  }
 
-  /* GOAL : Load or update a PHP session */	
-  function LoadSession () {
-    if (!isset ($_SESSION ['user'])) return (FALSE);
-
-    /****
-      Check if all the wanted attributes are present in the $_SESSION.
-      If at least one of the attribute is missing, we can consider that information
-      is missing in $_SESSION. In this case, we return false to "force" to create a new
-      session with the wanted attributes. This can happen when several website are
-      running on the same web server and all are using the PHP Tequila Client.
-    ****/
-
-    foreach ($this->aWantedAttributes as $wantedAttribute) {
-      if (!array_key_exists ($wantedAttribute, $_SESSION)) return false;
-    }
-    foreach ($this->aWishedAttributes as $wishedAttribute) {
-      if (!array_key_exists ($wishedAttribute, $_SESSION)) return false;
+    function setParam($param) {
+        $this->param = $param;
     }
 
-    $sesstime = time () - $_SESSION ['creation'];
-    if ($sesstime > $this->iTimeout) return (FALSE);
-    $this->sKey = $_SESSION ['key'];
-    return (TRUE);
-  }
+    function setRequested($requested) {
+        $this->requested = $requested;
+    }
 
-  /************************* USER ATTRIBUTES ***********************
-    GOAL : Returns an array containing user's attributes names as indexes
-           and attributes values as values
-    @out : Array containing attributes names as indexes and
-           attributes values as values
-  */
-  function GetAttributes() {
-    return ($this->aAttributes);
-  }
-  
-  /* GOAL : To know if the user's attributes are present or not.
-     @in  :	Array containing wanted attributes as keys
-     @out :	The same array with TRUE or FALSE as value for the
-     corresponding attribute
-  */
-  function HasAttributes (&$aAttributes) {
-    foreach ($aAttributes as $sAttribute => $sHasIt)
-      if (array_key_exists($sAttribute, $this->aAttributes))
-	$aAttributes [$sAttribute] = TRUE;
-      else
-	$aAttributes [$sAttribute] = FALSE;
-  }
 
-  /* GOAL : Launch the user authentication */  
-  function Authenticate () {
-    session_start ();
-    if ($this->LoadSession ()) return (TRUE);
-    if (isset ($_COOKIE [$this->sCookieName]) && !empty ($_COOKIE [$this->sCookieName])) {
-      $this->sKey = $_COOKIE [$this->sCookieName];
-      $attributes = $this->fetchAttributes ($this->sKey);
-      if ($attributes) {
-        $this->CreateSession ($attributes);
-        return (TRUE);
-      }
+    /**
+     * Sends a CURL request to the Tequila server.
+     * @param string type of request
+     * @param array array of fields to send
+     * @return mixed
+     */
+    function askTequila($type, $fields = array()) {
+        $ch = curl_init();
+        
+        curl_setopt($ch, CURLOPT_HEADER, false);
+        curl_setopt($ch, CURLOPT_POST, true);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+		//~ curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__)."/".$this->EPFL_CA);
+
+        $url = $this->tequilaUrl;
+        switch ($type) {
+            case 'create':
+                $url .= $this->TEQUILA_CREATE;
+                break;
+
+            case 'validate':
+                $url .= $this->TEQUILA_VALIDATE;
+                break;
+
+            case 'config':
+                $url .= $this->TEQUILA_CONFIG;
+                break;
+
+            default:
+                exit("Invalid Tequila request: $type");
+        }
+        curl_setopt($ch, CURLOPT_URL, $url);
+
+        if (is_array($fields) && count($fields)) {
+            $pFields = array();
+            foreach ($fields as $key => $val) {
+                $pFields[] = sprintf('%s=%s', $key, $val);
+            }
+            $query = implode("\n", $pFields);
+			//~ print $query; exit();
+            curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
+        }
+        
+        $response = curl_exec($ch);
+		if (curl_errno($ch)) {
+			die ("cURL error: ".curl_error($ch)."\n");
+		}
+        
+        // If connexion failed (HTTP code 200 <=> OK)
+        if (curl_getinfo($ch, CURLINFO_HTTP_CODE) != '200') {
+            $response = false;
+        }
+        
+        curl_close($ch);
+
+        return $response;
     }
-    $this->createRequest ();
-    setcookie ($this->sCookieName, $this->sKey);	  
-    $url = $this->getAuthenticationUrl ();
-    header ('Location: ' . $url);
-    exit;
-  }
-  
-  /*
-      GOAL : Sends an authentication request to Tequila
-  */
-  function createRequest () {
-    $urlaccess = $this->sApplicationURL;
 
-    /* If application URL not initialized,
-       we try to generate it automatically */
-    if (empty ($urlaccess)) {
-      $urlaccess = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on'))
-        ? 'https://' : 'http://')
-	. $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT'] . $_SERVER['PHP_SELF'];
-      if (isset($_SERVER['PATH_INFO'])) {
-        $urlaccess .= $_SERVER['PATH_INFO'];
-      }
-      if (isset($_SERVER['QUERY_STRING'])) {
-        $urlaccess .= '?' . $_SERVER['QUERY_STRING'];
-      }
+    /**
+     * Returns current URL.
+     * @return string
+     */
+    function getCurrentUrl() {
+		$url = $_SERVER["HTTPS"] == "off" ? "http://" : "https://";
+		$url .= $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];//$_SERVER['PHP_SELF'];
+		// if ($_SERVER["QUERY_STRING"]) {
+		// 	$url .= "?".$_SERVER["QUERY_STRING"];
+		// }
+		return $url;
     }
     
-    /* Request creation */
-    $this->requestInfos ['urlaccess'] = $urlaccess;
-
-    if (!empty ($this->sApplicationName))
-      $this->requestInfos ['service'] = $this->sApplicationName;
-    if (!empty ($this->aWantedRights))
-      $this->requestInfos ['wantright'] = implode($this->aWantedRights, '+');
-    if (!empty ($this->aWantedRoles))
-      $this->requestInfos ['wantrole'] =  implode($this->aWantedRoles, '+');
-    if (!empty ($this->aWantedAttributes)) 
-      $this->requestInfos ['request'] = implode ($this->aWantedAttributes, '+');
-    if (!empty ($this->aWishedAttributes))
-      $this->requestInfos ['wish'] = implode ($this->aWishedAttributes, '+');
-    if (!empty ($this->aWantedGroups))
-      $this->requestInfos ['belongs'] = implode($this->aWantedGroups, '+');
-    if (!empty ($this->sCustomFilter))
-      $this->requestInfos ['require'] = $this->sCustomFilter;
-    if (!empty ($this->sAllowsFilter))
-      $this->requestInfos ['allows'] = $this->sAllowsFilter;
-    if (!empty ($this->iLanguage))
-      $this->requestInfos ['language'] = $this->aLanguages [$this->iLanguage];
-	  
-    $this->requestInfos ['dontappendkey'] = "1"; 
-
-    ob_end_clean();
-	
-    /* Asking tequila */
-    $response = $this->askTequila ('createrequest', $this->requestInfos);
-    $this->sKey = substr (trim ($response), 4); // 4 = strlen ('key=')
-  }
-
-  /* GOAL : Returns current URL.
-            @return  string
-  */
-  function getCurrentUrl () {
-    return 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-  }
-
-  /* GOAL : Checks that user has correctly authenticated and retrieves its data.
-            @return mixed
-  */
-  function fetchAttributes ($sessionkey) {
-    $fields = array ('key' => $sessionkey);
-    $response = $this->askTequila ('fetchattributes', $fields);
-    if (!$response) return false;
-
-    $result = array ();
-    $attributes = explode ("\n", $response);
-    
-    /* Saving returned attributes */
-    foreach ($attributes as $attribute) {
-      $attribute = trim ($attribute);
-      if (!$attribute)  continue;	  
-      list ($key, $val) = explode ('=', $attribute,2);
-      //if ($key ==  'key') { $this->key  = $val; }
-      //if ($key ==  'org') { $this->org  = $val; }
-      //if ($key == 'user') { $this->user = $val; }
-      //if ($key == 'host') { $this->host = $val; }
-      $result [$key] = $val;
+    /**
+     * Sends an authentication request to Tequila.
+     */
+    function createRequest() {
+        $response = $this->askTequila('create', array_merge($this->requested, $this->param));
+        $this->key = substr(trim($response), 4); // 4 = strlen('key=')
     }
-    return $result;
-  }
-
-  /**
-  * Returns the value of $key.
-  * $key is a Tequila attribute.
-  * @return string
-  */
-  function getValue ($key = ''){
-    if (isset ($_SESSION [$key])) return $_SESSION [$key];
-  }
-  
-  /*GOAL : Gets tequila server config infos */
-  function getConfig () {
-    return $this->askTequila ('config');
-  }
 
-  /*GOAL : Returns the Tequila authentication form URL.
-           @return string
-  */
-  function getAuthenticationUrl () {
-	//return sprintf('%s/requestauth?requestkey=%s',
-	//	   $this->sServerUrl,
-	//	   $this->sKey);    
-	return sprintf('%s/requestauth?requestkey=%s',
-		$this->sServerUrl,
-		$this->sKey);    	   
-  }
-
-  /*
-    GOAL : Returns the logout URL
-      IN : $redirectUrl -> (optional) the url to redirect to when logout is done
-  */  
-  function getLogoutUrl ($redirectUrl = '') {
-    $url = sprintf('%s/logout', $this->sServerUrl);
-    if (!empty($redirectUrl)) {
-      $url .= "?urlaccess=" . urlencode ($redirectUrl);
+    /**
+     * Checks that user has correctly authenticated and retrieves its data.
+     * @return mixed
+     */
+    function checkUser($key) {
+        $fields = array('key' => $key);
+        $response = $this->askTequila('validate', $fields);
+
+        if (!$response) {
+            return false;
+        }
+		
+        $attributes = $this->parseAttributes($response);
+		
+		// Check required
+		foreach ($this->requested as $requestedAttributes) {
+			foreach (explode(",", $requestedAttributes) as $requestedAttribute) {
+				if (!array_key_exists($requestedAttribute, $attributes)) {
+					exit("Tequila error: missing attribute $requestedAttribute");
+				}
+			}
+		}
+		
+        return $attributes;
     }
-    return $url;
-  }
 
-  /*
-    GOAL : Destroy the session file
-  */
-  function KillSessionFile() {
-    if(!empty($_SESSION)){
-      session_destroy();
+    /**
+     * Gets Tequila Server config info.
+     * @return string
+     */
+    function getConfig() {
+        return $this->askTequila('config');
     }
-  }
-
-  /*
-    GOAL : Destroy session cookie 
-  */
-  function KillSessionCookie() {
-    // Delete cookie by setting expiration time in the past with root path
-    setcookie($this->sCookieName, '', time()-3600, '/');
-  }
-
-  /*
-    GOAL : terminate a session 
-  */
-  function KillSession() {
-    $this->KillSessionFile();
-    $this->KillSessionCookie();
-  }
-
-  /*
-   GOAL : Logout from tequila
-  */
-  function Logout ($redirectUrl = '') {
-    // Kill session cookie and session file
-    $this->KillSession();
-    // Redirect the user to the tequila server logout url
-    header("Location: " . $this->getLogoutUrl($redirectUrl));
-  }
-
-  /*
-    GOAL : contact tequila
-     IN  : $type    -> the type of contact to have with tequila
-      N  : $fields  -> an array with the information for the request
-                       to Tequila server
-  */  
-  function askTequila ($type, $fields = array()) {
-  //Use the CURL object in order to communicate with tequila.epfl.ch
-    $ch = curl_init ();
-    
-    curl_setopt ($ch, CURLOPT_HEADER,         false);
-    curl_setopt ($ch, CURLOPT_POST,           true);
-    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
-    curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false);
-    curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, false);
 
-    if ($this->sCAFile)   curl_setopt ($ch, CURLOPT_CAINFO,  $this->sCAFile);
-    if ($this->sCertFile) curl_setopt ($ch, CURLOPT_SSLCERT, $this->sCertFile);
-    if ($this->sKeyFile)  curl_setopt ($ch, CURLOPT_SSLKEY,  $this->sKeyFile);
-
-    $url = $this->sServerUrl;
-    switch ($type) {
-      case 'createrequest':
-	$url .= '/createrequest';
-	break;
-	
-      case 'fetchattributes':
-	$url .= '/fetchattributes';
-	break;
-	
-      case 'config':
-	$url .= '/getconfig';
-	break;
-	
-      case 'logout':
-	$url .= '/logout';
-	break;
-	
-      default:
-	return;
+    /**
+     * Reads Tequila response and isolates returned attributes.
+     * @param string
+     * @return array
+     */
+    function parseAttributes($response) {
+        $result = array();
+        $attributes = explode("\n", $response);
+        foreach ($attributes as $attribute) {
+            $attribute = trim($attribute);
+            if (!$attribute) {
+                continue;
+            }
+            list($key, $val) = explode('=', $attribute);
+            $result[$key] = $val;
+        }
+        return $result;
     }
-    // $url contains the tequila server with the parameters to execute 
-    curl_setopt ($ch, CURLOPT_URL, $url);
 
-    /* If fields where passed as parameters, */
-    if (is_array ($fields) && count ($fields)) {
-      $pFields = array ();
-      foreach ($fields as $key => $val) {
-	$pFields[] = sprintf('%s=%s', $key, $val);
-      }
-      $query = implode("\n", $pFields) . "\n";
-      curl_setopt ($ch, CURLOPT_POSTFIELDS, $query);
-    }    
-    $response = curl_exec ($ch);
-    // If connexion failed (HTTP code 200 <=> OK)
-    if (curl_getinfo ($ch, CURLINFO_HTTP_CODE) != '200') {
-      $response = false;
+    /**
+     * Returns the Tequila authentication form URL.
+     * @return string
+     */
+    function getAuthenticationUrl() {
+        return sprintf('%s%s?requestkey=%s',
+                       $this->tequilaUrl,
+                       $this->TEQUILA_REDIRECT,
+                       $this->key);
     }
-    curl_close ($ch);
-    return $response;
-  }
 }
 
 ?>
diff --git a/canapGEST/API/routes/web.php b/canapGEST/API/routes/web.php
index db79681..c7403df 100644
--- a/canapGEST/API/routes/web.php
+++ b/canapGEST/API/routes/web.php
@@ -1,6 +1,7 @@
 <?php
-$router->get('api/auth/login', 'AuthController@authenticate');
-$router->get('api/auth/logout', 'AuthController@logout');
+$router->get('api/auth/login', 'AuthController@login');
+$router->get('api/auth/tequilareturn', 'AuthController@tequilareturn');
+// logout
 
 $router->group(['middleware' => 'jwt.auth'], function () use ($router) {
 
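Review bot: The `// logout` placeholder on the new side replaces the `api/auth/logout` route without saying what is planned, and after this change the routes shown here expose no logout endpoint at all. The client can then only drop its token locally, and nothing on the API side ends the session; whether `AuthController` still has a logout action is not visible in this hunk. Either restore the route or make the intent explicit, e.g. `// TODO: re-add api/auth/logout (server-side logout is currently missing)`. The new `api/auth/tequilareturn` route sits outside the `jwt.auth` group, so its handler is the only place where the returned Tequila key can be validated; that deserves a comment next to the route.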
diff --git a/canapGEST/DB/Valeurs de tests/table_activity.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_activity.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_activity.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_activity.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_applicants.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_applicants.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_applicants.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_applicants.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_file.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_file.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_file.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_file.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_job.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_job.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_job.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_job.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_location.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_location.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_location.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_location.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_position.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_position.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_position.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_position.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_responsible.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_responsible.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_responsible.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_responsible.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_scolarity.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_scolarity.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_scolarity.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_scolarity.sql
diff --git a/canapGEST/DB/Valeurs de tests/table_status.sql b/canapGEST/Documentation/DB/Valeurs de tests/table_status.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/table_status.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/table_status.sql
diff --git a/canapGEST/DB/Valeurs de tests/test6.sql b/canapGEST/Documentation/DB/Valeurs de tests/test6.sql
similarity index 100%
rename from canapGEST/DB/Valeurs de tests/test6.sql
rename to canapGEST/Documentation/DB/Valeurs de tests/test6.sql
diff --git a/canapGEST/DB/createSqlUser.sql b/canapGEST/Documentation/DB/createSqlUser.sql
similarity index 100%
rename from canapGEST/DB/createSqlUser.sql
rename to canapGEST/Documentation/DB/createSqlUser.sql
diff --git a/canapGEST/DB/create_db_script.sql b/canapGEST/Documentation/DB/create_db_script.sql
similarity index 100%
rename from canapGEST/DB/create_db_script.sql
rename to canapGEST/Documentation/DB/create_db_script.sql
diff --git a/canapGEST/DB/model.mwb b/canapGEST/Documentation/DB/model.mwb
similarity index 100%
rename from canapGEST/DB/model.mwb
rename to canapGEST/Documentation/DB/model.mwb
diff --git a/canapGEST/DB/model.mwb.bak b/canapGEST/Documentation/DB/model.mwb.bak
similarity index 100%
rename from canapGEST/DB/model.mwb.bak
rename to canapGEST/Documentation/DB/model.mwb.bak
diff --git a/canapGEST/DB/model.png b/canapGEST/Documentation/DB/model.png
similarity index 100%
rename from canapGEST/DB/model.png
rename to canapGEST/Documentation/DB/model.png
diff --git a/canapGEST/Site/package-lock.json b/canapGEST/Site/package-lock.json
index 9f36c6d..006ad35 100644
--- a/canapGEST/Site/package-lock.json
+++ b/canapGEST/Site/package-lock.json
@@ -11015,9 +11015,9 @@
       }
     },
     "vuex": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/vuex/-/vuex-3.1.0.tgz",
-      "integrity": "sha512-mdHeHT/7u4BncpUZMlxNaIdcN/HIt1GsGG5LKByArvYG/v6DvHcOxvDCts+7SRdCoIRGllK8IMZvQtQXLppDYg=="
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/vuex/-/vuex-3.1.1.tgz",
+      "integrity": "sha512-ER5moSbLZuNSMBFnEBVGhQ1uCBNJslH9W/Dw2W7GZN23UQA69uapP5GTT9Vm8Trc0PzBSVt6LzF3hGjmv41xcg=="
     },
     "watchpack": {
       "version": "1.6.0",
diff --git a/canapGEST/Site/package.json b/canapGEST/Site/package.json
index 82b4faf..4405c5f 100644
--- a/canapGEST/Site/package.json
+++ b/canapGEST/Site/package.json
@@ -12,7 +12,7 @@
     "vue": "^2.6.6",
     "vue-router": "^3.0.1",
     "vuetify": "^1.5.5",
-    "vuex": "^3.0.1"
+    "vuex": "^3.1.1"
   },
   "devDependencies": {
     "@vue/cli-plugin-babel": "^3.4.0",
diff --git a/canapGEST/Site/src/App.vue b/canapGEST/Site/src/App.vue
index d77a918..ba51bbc 100644
--- a/canapGEST/Site/src/App.vue
+++ b/canapGEST/Site/src/App.vue
@@ -20,10 +20,15 @@ import alertSnackbar from '@/components/alertSnackbar.vue'
 
 export default {
   created() {
+    let key = null
+    if (location.hash !== '#/') {
+      key = location.hash.replace('#/?key=', '')
+      if (this.$store.getters['moduleUser/userIsLogedIn'] && location.hash.includes('?key=')) {
+        this.$router.push('/')
+      }
+    }
     if (!this.$store.getters['moduleUser/userIsLogedIn']) {
-      this.$store.dispatch('moduleUser/login')
-    } else {
-      this.$store.dispatch('moduleUser/getLastConnection')
+      this.$store.dispatch('moduleUser/login', key)
     }
   },
   components: {
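Review bot: In `created()`, `key` ends up non-null for any hash other than `#/`, because `location.hash.replace('#/?key=', '')` returns the whole hash unchanged when that prefix is absent. A visitor without a token who arrives on any other route then has the route string passed to `moduleUser/login` as if it were a Tequila key, instead of being redirected to the login endpoint. Extract the key only when it is actually present, e.g. `const m = location.hash.match(/[?&]key=([^&]+)/)` followed by `const key = m ? m[1] : null`, and remove it from the address bar once it has been consumed so it does not stay in the browser history. The `getLastConnection` dispatch for already-logged-in users is dropped without a replacement in this hunk; confirm that is intended.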
diff --git a/canapGEST/Site/src/plugins/axios.js b/canapGEST/Site/src/plugins/axios.js
index 1f73227..c07074f 100644
--- a/canapGEST/Site/src/plugins/axios.js
+++ b/canapGEST/Site/src/plugins/axios.js
@@ -1,30 +1,30 @@
 import axios from 'axios'
-import store from '@/store/store.js'
-import router from '@/router/index.js'
+// import store from '@/store/store.js'
+// import router from '@/router/index.js'
 
 const instance = axios.create({
   headers: { 'Authorization': "Bearer " + localStorage.getItem('stored_token') },
-  baseURL: 'http://localhost:8000/api'
+  baseURL: 'https://canap-gest.epfl.ch:8443/api'
 })
 
-instance.interceptors.response.use(function (response) {
-  return response
-}, function (error) {
-  if (!error.response) {
-    store.commit('moduleSnackbar/toggle', { open: true, message: 'API non atteignable', type: 'warning' }, { root: true })
-  } else if (error.response.status == 400 || error.response.status == 401) {
-    // Erreur de token
-    store.commit('moduleSnackbar/toggle', { open: true, message: error.response.data.error, type: 'warning' }, { root: true })
-    store.dispatch('moduleUser/logout', false)
-  } else if (error.response.status == 403 || error.response.status == 404) {
-    router.push({ name: 'error', params: { status: error.response.data.error, message: error.response.data.message, route: '' } })
-  } else {
-    // Affichage des erreurs (snackbar)
-    Object.values(error.response.data).forEach(errMsg => {
-      store.commit('moduleSnackbar/toggle', { open: true, message: errMsg[0], type: 'error' }, { root: true })
-    })
-  }
-  return Promise.reject(error)
-})
+// instance.interceptors.response.use(function (response) {
+//   return response
+// }, function (error) {
+//   if (!error.response) {
+//     store.commit('moduleSnackbar/toggle', { open: true, message: 'API non atteignable', type: 'warning' }, { root: true })
+//   } else if (error.response.status == 400 || error.response.status == 401) {
+//     // Erreur de token
+//     store.commit('moduleSnackbar/toggle', { open: true, message: error.response.data.error, type: 'warning' }, { root: true })
+//     store.dispatch('moduleUser/logout', false)
+//   } else if (error.response.status == 403 || error.response.status == 404) {
+//     router.push({ name: 'error', params: { status: error.response.data.error, message: error.response.data.message, route: '' } })
+//   } else {
+//     // Affichage des erreurs (snackbar)
+//     Object.values(error.response.data).forEach(errMsg => {
+//       store.commit('moduleSnackbar/toggle', { open: true, message: errMsg[0], type: 'error' }, { root: true })
+//     })
+//   }
+//   return Promise.reject(error)
+// })
 
 export default instance
\ No newline at end of file
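Review bot: Commenting out the whole response interceptor removes the 400/401 branch that dispatched `moduleUser/logout`, so a token the API rejects now stays in `localStorage` and, presumably, later calls keep failing with no feedback to the user. If the `store` and `router` imports were disabled to break an import cycle (a guess, the cause is not visible here), keep at least the 401 handling by registering the interceptor from the module that creates the store, rather than leaving the block as dead commented code. The `Authorization` header is still built once when the module loads, so it reads `Bearer null` before login and only changes after a page reload. The hard-coded `baseURL` would be easier to keep correct per environment as `baseURL: process.env.VUE_APP_API_URL`.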
diff --git a/canapGEST/Site/src/router/index.js b/canapGEST/Site/src/router/index.js
index 8a8b73b..5baaa12 100644
--- a/canapGEST/Site/src/router/index.js
+++ b/canapGEST/Site/src/router/index.js
@@ -10,7 +10,7 @@ const router = new Router({ routes })
 router.beforeEach((to, from, next) => {
   if (store.getters['moduleUser/userIsLogedIn']) {
     // get & set user data
-    store.dispatch('moduleUser/getUserData').then(() => {
+    return store.dispatch('moduleUser/getUserData').then(() => {
       // Valide l'accès à la route selon le rôle
       let routeLimitation = to.meta.requiresRole
       let userRole = store.state.moduleUser.userData.role
@@ -32,6 +32,7 @@ router.beforeEach((to, from, next) => {
       return next()
     })
   }
+  next()
 })
 
 export default router
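Review bot: The trailing `next()` added after the `if` lets every navigation through when `userIsLogedIn` is false, including routes that declare `meta.requiresRole`, so the role check only applies to users who already hold a token. Put it in an `else` branch and refuse protected routes there, e.g. `return to.meta.requiresRole ? next(false) : next()`; the API's `jwt.auth` middleware remains the real control, but the guard should not render role-restricted views to anonymous users. The `return store.dispatch('moduleUser/getUserData').then(...)` from the previous hunk has no rejection handler, so a failed request leaves the navigation pending; add `.catch(() => next(false))`. The body of the `.then` callback lies between the two hunks and is not shown.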
diff --git a/canapGEST/Site/src/store/modules/user/actions.js b/canapGEST/Site/src/store/modules/user/actions.js
index 7ed267a..b314b19 100644
--- a/canapGEST/Site/src/store/modules/user/actions.js
+++ b/canapGEST/Site/src/store/modules/user/actions.js
@@ -1,29 +1,24 @@
 import axios from '../../../plugins/axios'
 
-export function login() {
-  axios({
-    method: 'get',
-    url: '/auth/login'
-  })
-    .then(response => {
-      if (!response.data.token) {
-        window.location = 'http://localhost:8000/api/auth/login'
-      } else {
-        localStorage.setItem('stored_token', response.data.token);
-        location.reload()
-        // setLastConnection().then(() => {
-        // })
-      }
+export function login(context, key) {
+  if (key) {
+    axios.get("/auth/login?key=" + key).then(response => {
+      localStorage.setItem('stored_token', response.data)
+      location.reload()
     })
+  }
+  else {
+    window.location.href = "https://canap-gest.epfl.ch:8443/api/auth/login"
+  }
 }
 
 export function logout(context, fullLogout) {
   setLastConnection().then(() => {
-    localStorage.removeItem('stored_token');
+    localStorage.removeItem('stored_token')
     if (fullLogout) {
       window.location = 'https://tequila.epfl.ch/logout'
     }
-    location.reload()
+    // location.reload()
   })
 }
 
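Review bot: `login` builds the request as `"/auth/login?key=" + key` from a value read out of `location.hash`, unencoded, and the promise has no rejection handler, so a stale or malformed key fails silently and the user is neither logged in nor redirected. Pass the key as a parameter, `axios.get('/auth/login', { params: { key } })`, and fall back to the redirect branch in a `.catch`. `response.data` is written to `localStorage` without checking that it is a non-empty string, so an error body returned with status 200 would be stored as the token. In `logout`, with `location.reload()` commented out the axios instance keeps the `Authorization` header it captured when the module loaded, so the removed token is still sent until the next reload unless `fullLogout` navigates away.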
-- 
GitLab