Merge pull request #138 from camicroscope/develop

For 3.9.11

caracal.js

@@ -74,6 +74,7 @@ var HANDLERS = {
   "loginHandler": function() {
     return auth.loginHandler(auth.PUBKEY);
   },
+  "loginWithHeader": auth.loginWithHeader,
   "sanitizeBody": function() {
     return sanitizeBody;
   },

handlers/authHandlers.js

@@ -263,6 +263,35 @@ function firstSetupUserSignupExists() {
   };
 }
 
+// Use a trusted header instead of a jwt for login. Use carefully if at all.
+function loginWithHeader(header, signKey, userFunction) {
+  return function(req, res) {
+    // get the correct header, set it to use userFunction
+    let token = {"email": req.headers[header]};
+    // login using that
+    userFunction(token).then((x) => {
+      if (x === false) {
+        res.status(401).send({
+          'err': 'User Unauthorized',
+        });
+      } else {
+        data = x;
+        delete data['exp'];
+        // sign using the mounted key
+        var token = jwt.sign(data, signKey, {
+          algorithm: 'RS256',
+          expiresIn: EXPIRY,
+        });
+        res.send({
+          'token': token,
+        });
+      }
+    }).catch((e) => {
+      console.log(e);
+      res.status(401).send(e);
+    });
+  };
+}
 
 auth = {};
 auth.jwkTokenTrade = jwkTokenTrade;
@@ -271,6 +300,7 @@ auth.filterHandler = filterHandler;
 auth.loginHandler = loginHandler;
 auth.editHandler = editHandler;
 auth.firstSetupUserSignupExists = firstSetupUserSignupExists;
+auth.loginWithHeader = loginWithHeader;
 auth.CLIENT = CLIENT;
 auth.PRIKEY = PRIKEY;
 auth.PUBKEY = PUBKEY;

idx_mongo.js

@@ -5,7 +5,6 @@ const mongodb = require("./service/database");
 
 function indexes() {
   db = "camic";
-  mongodb.createIndex(db, "authorization", {"name": 1}, {unique: true});
   mongodb.createIndex(db, "user", {"email": 1}, {unique: true});
   mongodb.createIndex(db, "mark", {"provenance.image.slide": 1,
     "provenance.analysis.execution_id": 1, "footprint": 1, "x": 1, "y": 1});