Add GitHub authentication in front of the /dashboard service
This commit is contained in:
parent
39112b800f
commit
0854281cd4
|
@ -3,6 +3,19 @@
|
|||
"port": 3030,
|
||||
"public": "../public/",
|
||||
"postgres": "postgres://postgres:jenkinsuplink@db:5432/uplink_development",
|
||||
"authentication": {
|
||||
"secret": "a poorly formed development secret",
|
||||
"session" : true,
|
||||
"cookie" : {
|
||||
"secure": false,
|
||||
"enabled": true,
|
||||
"name": "uplink-jwt"
|
||||
}
|
||||
},
|
||||
"github": {
|
||||
"clientID": "72bd7848c64951dded52",
|
||||
"clientSecret": "60a8dc07b6391bff756d4eab3b84a520ee87becc"
|
||||
},
|
||||
"paginate": {
|
||||
"default": 10,
|
||||
"max": 50
|
||||
|
|
|
@ -62,6 +62,29 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"@feathersjs/authentication-jwt": {
|
||||
"version": "2.0.3",
|
||||
"resolved": "https://registry.npmjs.org/@feathersjs/authentication-jwt/-/authentication-jwt-2.0.3.tgz",
|
||||
"integrity": "sha512-FRiIlPI0Vh7LJaaws6yL651i7dQjISgdr3MijKZrKujpsBuc+jbZKKkRZWT+8t+XPu96Ph1qHhy1OpRskS8mgg==",
|
||||
"requires": {
|
||||
"@feathersjs/errors": "^3.3.2",
|
||||
"debug": "^3.1.0",
|
||||
"lodash.merge": "^4.6.0",
|
||||
"lodash.omit": "^4.5.0",
|
||||
"lodash.pick": "^4.4.0",
|
||||
"passport-jwt": "^4.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"debug": {
|
||||
"version": "3.1.0",
|
||||
"resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
|
||||
"integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
|
||||
"requires": {
|
||||
"ms": "2.0.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"@feathersjs/authentication-oauth2": {
|
||||
"version": "1.2.2",
|
||||
"resolved": "https://registry.npmjs.org/@feathersjs/authentication-oauth2/-/authentication-oauth2-1.2.2.tgz",
|
||||
|
@ -2742,6 +2765,15 @@
|
|||
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.3.1.tgz",
|
||||
"integrity": "sha1-5+Ch+e9DtMi6klxcWpboBtFoc7s="
|
||||
},
|
||||
"cookie-parser": {
|
||||
"version": "1.4.3",
|
||||
"resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.3.tgz",
|
||||
"integrity": "sha1-D+MfoZ0AC5X0qt8fU/3CuKIDuqU=",
|
||||
"requires": {
|
||||
"cookie": "0.3.1",
|
||||
"cookie-signature": "1.0.6"
|
||||
}
|
||||
},
|
||||
"cookie-signature": {
|
||||
"version": "1.0.6",
|
||||
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
|
||||
|
@ -3994,6 +4026,24 @@
|
|||
"bser": "^2.0.0"
|
||||
}
|
||||
},
|
||||
"feathers-memory": {
|
||||
"version": "2.2.0",
|
||||
"resolved": "https://registry.npmjs.org/feathers-memory/-/feathers-memory-2.2.0.tgz",
|
||||
"integrity": "sha512-rkx6oKBMbQbqtXUCS8GfC9wRubcNNBD0cHIU7Mesyg1Wsk0Dm7JftqrLz0fax1R1j2VMmMM8EZXuljhdtfdGLw==",
|
||||
"requires": {
|
||||
"@feathersjs/commons": "^1.3.0",
|
||||
"@feathersjs/errors": "^3.2.0",
|
||||
"sift": "^6.0.0",
|
||||
"uberproto": "^2.0.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"@feathersjs/commons": {
|
||||
"version": "1.4.4",
|
||||
"resolved": "https://registry.npmjs.org/@feathersjs/commons/-/commons-1.4.4.tgz",
|
||||
"integrity": "sha512-ZPpzyZA3CPfoa9AuFv3BJUI/ubzaaXixp8T/pqeMFPT6DOaU/6oF7lz1RxwimzfJNna4gy/HByt0EoLSI3BKWg=="
|
||||
}
|
||||
}
|
||||
},
|
||||
"feathers-sequelize": {
|
||||
"version": "3.1.2",
|
||||
"resolved": "https://registry.npmjs.org/feathers-sequelize/-/feathers-sequelize-3.1.2.tgz",
|
||||
|
@ -7477,6 +7527,15 @@
|
|||
"passport-oauth2": "1.x.x"
|
||||
}
|
||||
},
|
||||
"passport-jwt": {
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/passport-jwt/-/passport-jwt-4.0.0.tgz",
|
||||
"integrity": "sha512-BwC0n2GP/1hMVjR4QpnvqA61TxenUMlmfNjYNgK0ZAs0HK4SOQkHcSv4L328blNTLtHq7DbmvyNJiH+bn6C5Mg==",
|
||||
"requires": {
|
||||
"jsonwebtoken": "^8.2.0",
|
||||
"passport-strategy": "^1.0.0"
|
||||
}
|
||||
},
|
||||
"passport-oauth2": {
|
||||
"version": "1.4.0",
|
||||
"resolved": "https://registry.npmjs.org/passport-oauth2/-/passport-oauth2-1.4.0.tgz",
|
||||
|
@ -8991,6 +9050,11 @@
|
|||
"resolved": "https://registry.npmjs.org/shimmer/-/shimmer-1.2.0.tgz",
|
||||
"integrity": "sha512-xTCx2vohXC2EWWDqY/zb4+5Mu28D+HYNSOuFzsyRDRvI/e1ICb69afwaUwfjr+25ZXldbOLyp+iDUZHq8UnTag=="
|
||||
},
|
||||
"sift": {
|
||||
"version": "6.0.0",
|
||||
"resolved": "https://registry.npmjs.org/sift/-/sift-6.0.0.tgz",
|
||||
"integrity": "sha1-+Tp3jly/BaUCTrw5HmsyURptH4I="
|
||||
},
|
||||
"sigmund": {
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/sigmund/-/sigmund-1.0.1.tgz",
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
},
|
||||
"dependencies": {
|
||||
"@feathersjs/authentication": "^2.1.9",
|
||||
"@feathersjs/authentication-jwt": "^2.0.3",
|
||||
"@feathersjs/authentication-oauth2": "^1.2.2",
|
||||
"@feathersjs/configuration": "^2.0.2",
|
||||
"@feathersjs/errors": "^3.3.2",
|
||||
|
@ -45,7 +46,9 @@
|
|||
"@feathersjs/feathers": "^3.2.1",
|
||||
"@feathersjs/socketio": "^3.2.4",
|
||||
"compression": "^1.7.3",
|
||||
"cookie-parser": "^1.4.3",
|
||||
"cors": "^2.8.4",
|
||||
"feathers-memory": "^2.2.0",
|
||||
"feathers-sequelize": "^3.1.2",
|
||||
"helmet": "^3.13.0",
|
||||
"passport-github": "^1.1.0",
|
||||
|
|
|
@ -64,6 +64,10 @@
|
|||
<main class="container">
|
||||
<h2 class="center-text">Uplink is a tiny little service to collect bursts of telemetry data from Jenkins</h2>
|
||||
|
||||
<div class="center-text">
|
||||
<a href="/auth/github">Log in with GitHub</a>
|
||||
</div>
|
||||
|
||||
<footer>
|
||||
<p class="center-text">For more information on Uplink see <a href="https://github.com/jenkins-infra/uplink" title="Uplink on GitHub" target="blank">github.com/jenkins-infra/uplink</a>.</p>
|
||||
</footer>
|
||||
|
|
26
src/app.ts
26
src/app.ts
|
@ -8,18 +8,25 @@ import logger from './logger';
|
|||
|
||||
import feathers from '@feathersjs/feathers';
|
||||
import configuration from '@feathersjs/configuration';
|
||||
import authentication from '@feathersjs/authentication';
|
||||
import jwt from '@feathersjs/authentication-jwt';
|
||||
import oauth2 from '@feathersjs/authentication-oauth2';
|
||||
import { Strategy } from 'passport-github';
|
||||
import express from '@feathersjs/express';
|
||||
import socketio from '@feathersjs/socketio';
|
||||
|
||||
import cookieParser from 'cookie-parser';
|
||||
|
||||
import middleware from './middleware';
|
||||
import services from './services';
|
||||
import { appHooks } from './app.hooks';
|
||||
import channels from './channels';
|
||||
|
||||
const app = express(feathers());
|
||||
const settings = configuration();
|
||||
|
||||
// Load app configuration
|
||||
app.configure(configuration());
|
||||
app.configure(settings);
|
||||
// Enable security, CORS, compression, favicon and body parsing
|
||||
app.use(helmet());
|
||||
app.use(cors());
|
||||
|
@ -34,6 +41,23 @@ app.use('/', express.static(app.get('public')));
|
|||
app.configure(express.rest());
|
||||
app.configure(socketio());
|
||||
|
||||
app.get('/dashboard', cookieParser());
|
||||
|
||||
/*
|
||||
* Allow overriding the JWT secret in the environment, a la Kubernetes
|
||||
*/
|
||||
app.get('authentication').secret = process.env.JWT_SECRET || app.get('authentication').secret;
|
||||
app.configure(authentication(app.get('authentication')));
|
||||
|
||||
app.configure(jwt());
|
||||
const githubSettings = app.get('github');
|
||||
app.configure(oauth2(Object.assign(githubSettings, {
|
||||
name: 'github',
|
||||
Strategy: Strategy,
|
||||
successRedirect: '/dashboard',
|
||||
scope: [],
|
||||
})));
|
||||
|
||||
// Configure other middleware (see `middleware/index.js`)
|
||||
app.configure(middleware);
|
||||
// Set up our services (see `services/index.js`)
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
/**
|
||||
* The Dashboard module is for logged in users to view events
|
||||
*/
|
||||
|
||||
import logger from '../logger';
|
||||
|
||||
import { Application, HooksObject, Params } from '@feathersjs/feathers';
|
||||
import authentication from '@feathersjs/authentication';
|
||||
|
||||
|
||||
export class Dashboard {
|
||||
protected readonly app : Application;
|
||||
|
||||
constructor(app : Application) {
|
||||
this.app = app;
|
||||
}
|
||||
|
||||
public async find(params : Params) : Promise<any> {
|
||||
logger.info('Parameters passed into the Dashboard service', params);
|
||||
return Promise.resolve({});
|
||||
}
|
||||
}
|
||||
|
||||
export const dashboardHooks : HooksObject = {
|
||||
before: {
|
||||
all: [
|
||||
authentication.hooks.authenticate(['jwt']),
|
||||
],
|
||||
find: [],
|
||||
get: [],
|
||||
create: [],
|
||||
update: [],
|
||||
patch: [],
|
||||
remove: []
|
||||
},
|
||||
after: {},
|
||||
error: {},
|
||||
};
|
||||
|
||||
export default (app) => {
|
||||
app.use('/dashboard', new Dashboard(app));
|
||||
app.service('dashboard').hooks(dashboardHooks);
|
||||
};
|
|
@ -1,5 +1,9 @@
|
|||
import dashboard from './dashboard';
|
||||
import events from './events';
|
||||
import users from './users';
|
||||
|
||||
export default (app) => {
|
||||
app.configure(dashboard);
|
||||
app.configure(events);
|
||||
app.configure(users);
|
||||
};
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
|
||||
import { HooksObject } from '@feathersjs/feathers';
|
||||
import memory from 'feathers-memory';
|
||||
|
||||
export const usersHooks : HooksObject = {
|
||||
before: {
|
||||
},
|
||||
after: {
|
||||
},
|
||||
error: {
|
||||
},
|
||||
};
|
||||
|
||||
export default (app) => {
|
||||
app.use('/users', memory());
|
||||
app.service('users').hooks(usersHooks);
|
||||
}
|
Loading…
Reference in New Issue