PoC of school digital workspace without a CAS, using Macaroons

server.js 1.3KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051
  1. var MacaroonsBuilder = require('macaroons.js').MacaroonsBuilder;
  2. var MacaroonsVerifier = require('macaroons.js').MacaroonsVerifier;
  3. var express = require('express');
  4. var app = express();
  5. var bodyParser = require('body-parser');
  6. var location = "https://ent.brendanabolivier.com";
  7. var secretKey = "pocsecret";
  8. // parse application/x-www-form-urlencoded
  9. app.use(bodyParser.urlencoded({ extended: false }));
  10. // parse application/json
  11. app.use(bodyParser.json());
  12. app.get('/', function(req, res, next) {
  13. res.sendFile(__dirname + '/form.html');
  14. });
  15. app.post('/', function(req, res, next) {
  16. var identifier = req.body.username;
  17. var m = new MacaroonsBuilder(location, secretKey, identifier)
  18. .add_first_party_caveat("status = student")
  19. .getMacaroon();
  20. res.cookie('das-macaroon', m.serialize());
  21. res.send('Logged in as ' + req.body.username + ' (student)');
  22. });
  23. app.get('/teacher', function(req, res, next) {
  24. res.sendFile(__dirname + '/form.html');
  25. });
  26. app.post('/teacher', function(req, res, next) {
  27. var identifier = req.body.username;
  28. var m = new MacaroonsBuilder(location, secretKey, identifier)
  29. .add_first_party_caveat("status = teacher")
  30. .getMacaroon();
  31. res.cookie('das-macaroon', m.serialize());
  32. res.send('Logged in as ' + req.body.username + ' (teacher)');
  33. });
  34. app.listen(1337, function() {
  35. console.log('Server started');
  36. });