ChK/appServerPortalUI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nach AI vibe coding

Browse Source
This commit is contained in:
ChK
2026-02-02 20:49:03 +01:00
parent 6cef59775a
commit 5b3a61b89d
6 changed files with 245 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
auth/auth.js
View File

@@ -1,42 +1,43 @@
const express = require("express");
const cookieParser = require("cookie-parser");
import express from "express";
import cookieParser from "cookie-parser";
const app = express();
app.use(express.json());
app.use(cookieParser());
const PORT = 3000;
const USERS = { "admin":"test123" }; // mocked
// Test-User
const USER = {
username: "admin",
password: "test123"
};
// Login
app.post("/api/login", (req, res) => {
const { username, password } = req.body;
if (username === USER.username && password === USER.password) {
res.cookie("session", "valid", {
httpOnly: true,
sameSite: "Lax",
path: "/"
});
return res.json({ success: true });
}
res.status(401).json({ success: false });
app.post("/api/login", (req,res)=>{
const { user, pass } = req.body;
console.log(`Auth-Service login attempt for ${user}`);
if(USERS[user] && USERS[user] === pass){
// Set Session Cookie
res.cookie("SESSIONID", "dummy-session-"+user, {
httpOnly: true,
secure: false, // in production: set to true when serving over HTTPS
// domain: ".server.schooltech.ch", // removed for local dev; set in production
sameSite: "Lax", // local dev; use "None" + secure:true for iframe production
path: "/"
});
res.status(200).send({ ok:true });
} else {
res.status(401).send({ ok:false });
}
});
// Auth-Check für späteres Nginx auth_request
app.get("/internal/auth", (req, res) => {
if (req.cookies.session === "valid") {
return res.sendStatus(200);
}
res.sendStatus(401);
// Event logging endpoint for frontend button presses
app.post('/api/event', (req,res)=>{
const svc = req.body.service || req.body.action || 'unknown';
const user = req.cookies.SESSIONID || 'anonymous';
console.log(`Event: user=${user} service=${svc} payload=${JSON.stringify(req.body)}`);
res.status(200).send({ ok:true });
});
app.listen(PORT, () => {
console.log(`Auth service listening on ${PORT}`);
// Optional für Nginx auth_request
app.get("/internal/auth", (req,res)=>{
if(req.cookies.SESSIONID) return res.sendStatus(200);
return res.sendStatus(401);
});
app.listen(3000, ()=>console.log("Auth-Service läuft auf 3000"));