From 080f58baa06ab41015af0bd061d7e489f4d2b560 Mon Sep 17 00:00:00 2001
From: Enstrayed <48845980+Enstrayed@users.noreply.github.com>
Date: Sun, 4 May 2025 19:15:26 -0700
Subject: [PATCH] more auth changes + add tokenman page
---
 routes/auth.js | 27 +++++++++++++-
 routes/frontpage.js | 4 --
 website/static/pages/tokenman.html | 60 ++++++++++++++++++++++++++++++
 3 files changed, 86 insertions(+), 5 deletions(-)
 create mode 100644 website/static/pages/tokenman.html
diff --git a/routes/auth.js b/routes/auth.js
index 55b81a2..515e74d 100644
--- a/routes/auth.js
+++ b/routes/auth.js
@@ -5,7 +5,7 @@ import { randomStringBase62, getHumanReadableUserAgent } from "../liberals/misc.
 app.get("/api/auth/whoami", (rreq,rres) => {
 if (!rreq.cookies["APIToken"] && !rreq.get("Authorization")) {
- rres.send({ "loggedIn": false, "username": "", "scopes": "" })
+ rres.status(400).send({ "loggedIn": false, "username": "", "scopes": "" })
 } else {
 db`select s.scopes, u.username from sessions s join users u on s.owner = u.id where s.token = ${rreq.cookies["APIToken"] ?? rreq.get("Authorization")}`.then(dbRes => {
 if (dbRes.length > 0 && dbRes.length < 2) {
@@ -37,6 +37,23 @@ app.get("/api/auth/login", (rreq,rres) => {
 })
+app.get("/api/auth/logout", (rreq,rres) => {
+ if (rreq.cookies["APIToken"] || rreq.get("Authorization")) {
+ db`delete from sessions where token = ${rreq.cookies["APIToken"] ?? rreq.get("Authorization")}`.then(dbRes => {
+ if (dbRes.count > 0) {
+ rres.send("Success")
+ } else {
+ rres.status(400).send("Error: Token does not exist.")
+ }
+ }).catch(dbErr => {
+ logRequest(rres,rreq,500,dbErr)
+ rres.status(500).send("Error: Exception occured while invalidating token, details: "+dbErr)
+ })
+ } else {
+ rres.status(400).send("Error: Missing token or authorization header, you may not be logged in.")
+ }
+})
+
 app.get("/api/auth/callback", (rreq,rres) => {
 fetch(globalConfig.oidc.tokenUrl, { // Call token endpoint at IdP using code provdided during callback
 method: "POST",
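Review bot: The no-credentials branch of `/api/auth/whoami` now answers 400, but a request with neither the `APIToken` cookie nor an Authorization header is unauthenticated rather than malformed; `rres.status(401).send({ "loggedIn": false, "username": "", "scopes": "" })` lets callers tell the two cases apart. The handler continues past the end of this hunk, so the status used when the token lookup finds no matching session is not visible here and should be kept consistent with this one. A short comment above the branch, such as `// No credentials supplied: report not-logged-in with an error status`, would document why a body is still sent.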
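Review bot: The `.catch` branch of the new logout handler returns the raw database error to the caller through `"... details: "+dbErr`, which can disclose query or schema details to anyone who can reach the route; the error is already handed to `logRequest`, so the response can be reduced to `rres.status(500).send("Error: Exception occurred while invalidating token.")`. The route is registered with `app.get` although it deletes a session row and accepts the `APIToken` cookie as its credential, so a request triggered from another site would end the user's session; `app.post("/api/auth/logout", ...)` is the safer verb. The guard uses `||` while the query uses `??`, so an empty-string cookie sent alongside a valid Authorization header puts the empty string into the query instead of the header value. On success the cookie is not cleared (if this is Express, `rres.clearCookie("APIToken")`), which leaves the browser holding a revoked token.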
@@ -99,4 +116,12 @@ app.delete("/api/auth/token", (rreq,rres) => {
 rres.send("Non functional endpoint")
 })
+app.get("/api/auth/tokenlist", (rreq,rres) => {
+ rres.send("Non functional endpoint")
+})
+
+app.get("/api/auth/nuke", (rreq,rres) => {
+ rres.send("Non functional endpoint")
+})
+
 export { app }
\ No newline at end of file
diff --git a/routes/frontpage.js b/routes/frontpage.js
index 91fc172..1682a47 100644
--- a/routes/frontpage.js
+++ b/routes/frontpage.js
@@ -39,10 +39,6 @@ app.get("/posts/*", (rreq,rres) => {
 })
-app.get("/urltoolbox", (rreq,rres) => {
- rres.send("Under construction")
-})
-
 function parseFiles() {
 let files = fs.readdirSync(process.cwd()+"/website/posts")
 let result = ""
diff --git a/website/static/pages/tokenman.html b/website/static/pages/tokenman.html
new file mode 100644
index 0000000..b2b8879
--- /dev/null
+++ b/website/static/pages/tokenman.html
@@ -0,0 +1,60 @@ + + + + + + TokenMan + + + + +
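Review bot: Both new stubs in routes/auth.js, `/api/auth/tokenlist` and `/api/auth/nuke`, answer 200 with a plain string, so a client cannot tell an unimplemented endpoint from a successful call; `rres.status(501).send("Non functional endpoint")` states it explicitly. `/api/auth/nuke` is registered with `app.get`; if it is meant to revoke tokens (inferred from the name only), it should be a non-GET route like the neighbouring `app.delete("/api/auth/token", ...)` and verify the caller's session before acting. A comment on each stub naming the intended behaviour and the scope it will require would keep the eventual implementation from shipping without that check.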

TokenMan

+
+ + + Not Logged In +
+ + \ No newline at end of file