lib/osso/routes/admin.rb in osso-0.0.5.pre.zeta vs lib/osso/routes/admin.rb in osso-0.0.5
- old
+ new
@@ -1,53 +1,59 @@
# frozen_string_literal: true
-require 'jwt'
+require 'roda'
+require 'sequel/core'
+DEFAULT_VIEWS_DIR = File.join(File.expand_path(Bundler.root), 'views/rodauth')
+
module Osso
- class Admin < Sinatra::Base
- include AppConfig
- helpers Helpers::Auth
- register Sinatra::Namespace
+ class Admin < Roda
+ DB = Sequel.postgres(extensions: :activerecord_connection)
+ use Rack::Session::Cookie, secret: ENV['SESSION_SECRET']
- before do
- chomp_token
- end
+ plugin :middleware
+ plugin :render, engine: 'erb', views: ENV['RODAUTH_VIEWS'] || DEFAULT_VIEWS_DIR
+ plugin :route_csrf
- namespace '/admin' do
- get '/login' do
- token_protected!
+ plugin :rodauth do
+ enable :login, :verify_account
+ verify_account_set_password? true
+ already_logged_in { redirect login_redirect }
+ use_database_authentication_functions? false
- erb :admin, layout: false
+ before_create_account_route do
+ request.halt unless DB[:accounts].empty?
end
+ end
- get '' do
- internal_protected!
+ alias erb render
- erb :admin, layout: false
- end
+ route do |r|
+ r.rodauth
- get '/enterprise' do
- token_protected!
-
- erb :admin, layout: false
+ def current_account
+ Osso::Models::Account.find(rodauth.session['account_id']).
+ context.
+ merge({ rodauth: rodauth })
end
- get '/enterprise/:domain' do
- enterprise_protected!(params[:domain])
-
+ r.on 'admin' do
+ rodauth.require_authentication
erb :admin, layout: false
end
- get '/config' do
- admin_protected!
+ r.post 'graphql' do
+ rodauth.require_authentication
- erb :admin, layout: false
- end
+ result = Osso::GraphQL::Schema.execute(
+ r.params['query'],
+ variables: r.params['variables'],
+ context: current_account,
+ )
- get '/config/:id' do
- admin_protected!
-
- erb :admin, layout: false
+ result.to_json
end
+
+ env['rodauth'] = rodauth
end
end
end
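Review bot: `plugin :route_csrf` is loaded, but no `check_csrf!` call is visible in the `route` block, so the new `r.post 'graphql'` branch appears to accept session-cookie-authenticated POSTs without a CSRF token check. Roda's route_csrf plugin only verifies tokens where that method is called, and Rodauth's own check should cover only its own routes. Because the query and variables are read from `r.params`, a form-encoded cross-site submission would be parsed like any other request. I would add `check_csrf!` ahead of `rodauth.require_authentication` in that branch, or add a comment explaining why the endpoint is exempt. Separately, `secret: ENV['SESSION_SECRET']` passes nil when the variable is unset, and `current_account` trusts `rodauth.session['account_id']`, so `secret: ENV.fetch('SESSION_SECRET')` would fail at boot rather than leave cookie signing to the Rack version's handling of a missing secret.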