diff --git a/notify-term/WNSAuth.js b/notify-term/WNSAuth.js index 02c212c..4a2068b 100644 --- a/notify-term/WNSAuth.js +++ b/notify-term/WNSAuth.js @@ -185,7 +185,7 @@ class WNSAuth extends EventEmitter __authWNS() { - var serviceAuth = cl.load( "notifyterm.config.auth" ); + var serviceAuth = cl.load( "notifyterm.config.auth", true ); var Request = new HttpRequest( serviceAuth.Uri ); diff --git a/notify-term/app.js b/notify-term/app.js index ce761b4..31404a2 100644 --- a/notify-term/app.js +++ b/notify-term/app.js @@ -9,6 +9,7 @@ var Base = cl.load( "notifysrv.postframe" ); var WNSAuth = cl.load( "notifyterm.WNSAuth" ); var Model = cl.load( "notifyterm.schema" ); var NotisQ = cl.load( "notifyterm.Notis" ); +var SrvAuth = cl.load( "notifyterm.config.auth" ); class App extends Base { @@ -32,6 +33,20 @@ class App extends Base var _self = this; var query = e.Data; + // Protected Actions + switch( query.action ) + { + case "register": + case "remove": + if(!( query.pass && query.pass == SrvAuth.Client )) + { + this.result = "Unauthorized Access"; + this.plantResult(); + return; + } + break; + } + switch( query.action ) { case "register": diff --git a/notify-term/config/auth.js.example b/notify-term/config/auth.js.example new file mode 100644 index 0000000..faeddba --- /dev/null +++ b/notify-term/config/auth.js.example @@ -0,0 +1,11 @@ +module.exports = { + // Defined in Docs + Uri: "https://login.live.com/accesstoken.srf" + + // Given by Dev center + , Id: "ms-app://s-1-11-1-1111111111-1111111111-1111111111-1111111111-11111111-1111111111-1111111111" + , Secret: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + // basic protection pass + , Client: "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +} diff --git a/notify-term/config/db.js.example b/notify-term/config/db.js.example new file mode 100644 index 0000000..bd4fe7c --- /dev/null +++ b/notify-term/config/db.js.example @@ -0,0 +1,7 @@ +module.exports = { + host: "mongodb://123.456.789.0/database_name" + , auth:{ + user: "UserName" + , pass: "Password" + } +};