mailtrain/lib/passport.js

'use strict';

let config = require('config');
let log = require('npmlog');
let _ = require('./translate')._;
let util = require('util');

let passport = require('passport');
let LocalStrategy = require('passport-local').Strategy;

let csrf = require('csurf');
let bodyParser = require('body-parser');

const users = require('../models/users');
const { nodeifyFunction, nodeifyPromise } = require('./nodeify');
const interoperableErrors = require('../shared/interoperable-errors');

let LdapStrategy;
try {
    LdapStrategy = require('passport-ldapjs').Strategy; // eslint-disable-line global-require
} catch (E) {
    if (config.ldap.enabled) {
        log.info('LDAP', 'Module "passport-ldapjs" not installed. LDAP auth will fail.');
    }
}

module.exports.csrfProtection = csrf({
    cookie: true
});

module.exports.parseForm = bodyParser.urlencoded({
    extended: false,
    limit: config.www.postsize
});

module.exports.loggedIn = (req, res, next) => {
    if (!req.user) {
        next(new interoperableErrors.NotLoggedInError());
    } else {
        next();
    }
};

module.exports.setup = app => {
    app.use(passport.initialize());
    app.use(passport.session());
};

module.exports.restLogout = (req, res) => {
    req.logout();
    res.json();
};

module.exports.restLogin = (req, res, next) => {
    passport.authenticate(config.ldap.enabled ? 'ldap' : 'local', (err, user, info) => {
        return next(err);

        if (!user) {
            return next(new interoperableErrors.IncorrectPasswordError());
        }
        req.logIn(user, err => {
            if (err) {
                return next(err);
            }

            if (req.body.remember) {
                // Cookie expires after 30 days
                req.session.cookie.maxAge = 30 * 24 * 60 * 60 * 1000;
            } else {
                // Cookie expires at end of session
                req.session.cookie.expires = false;
            }

            return res.json();
        });
    })(req, res, next);
};

if (config.ldap.enabled && LdapStrategy) {
    log.info('Using LDAP auth');
    module.exports.authMethod = 'ldap';
    module.exports.isAuthMethodLocal = false;

    let opts = {
        server: {
            url: 'ldap://' + config.ldap.host + ':' + config.ldap.port
        },
        base: config.ldap.baseDN,
        search: {
            filter: config.ldap.filter,
            attributes: [config.ldap.uidTag, config.ldap.nameTag, 'mail'],
            scope: 'sub'
        },
        uidTag: config.ldap.uidTag
    };

    passport.use(new LdapStrategy(opts, nodeifyFunction(async (profile) => {
        try {
            const user = await users.getByUsername(profile[config.ldap.uidTag]);

            return {
                id: user.id,
                username: user.username,
                name: profile[config.ldap.nameTag],
                email: profile.mail
            };

        } catch (err) {
            if (err instanceof interoperableErrors.NotFoundError) {
                const userId = await users.createExternal({
                    username: profile[config.ldap.uidTag],
                });

                return {
                    id: userId,
                    username: profile[config.ldap.uidTag],
                    name: profile[config.ldap.nameTag],
                    email: profile.mail
                };
            } else {
                throw err;
            }

        }
    })));

    passport.serializeUser((user, done) => { /* FIXME */ console.log(user); done(null, user); });
    passport.deserializeUser((user, done) => done(null, user));

} else {
    log.info('Using local auth');
    module.exports.authMethod = 'local';
    module.exports.isAuthMethodLocal = true;

    passport.use(new LocalStrategy(nodeifyFunction(async (username, password) => {
        return await users.getByUsernameIfPasswordMatch(username, password);
    })));

    passport.serializeUser((user, done) => done(null, user.id));
    passport.deserializeUser((id, done) => nodeifyPromise(users.getById(id), done));
}
Initial import 2016-04-04 12:36:30 +00:00			`'use strict';`

added max post size option 2016-04-13 05:36:55 +00:00			`let config = require('config');`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`let log = require('npmlog');`
Updated translation support 2017-03-07 14:30:56 +00:00			`let _ = require('./translate')._;`
			`let util = require('util');`
Add ldap authentication 2016-08-11 11:21:48 +00:00
Initial import 2016-04-04 12:36:30 +00:00			`let passport = require('passport');`
			`let LocalStrategy = require('passport-local').Strategy;`
v1.16.0 2016-08-29 10:57:27 +00:00
Initial import 2016-04-04 12:36:30 +00:00			`let csrf = require('csurf');`
			`let bodyParser = require('body-parser');`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00
			`const users = require('../models/users');`
			`const { nodeifyFunction, nodeifyPromise } = require('./nodeify');`
			`const interoperableErrors = require('../shared/interoperable-errors');`
Initial import 2016-04-04 12:36:30 +00:00
v1.16.0 2016-08-29 10:57:27 +00:00			`let LdapStrategy;`
			`try {`
			`LdapStrategy = require('passport-ldapjs').Strategy; // eslint-disable-line global-require`
			`} catch (E) {`
Fix logging for ldap module 2017-03-15 18:44:12 +00:00			`if (config.ldap.enabled) {`
Satisfy ESLint indentation rule 2017-03-19 15:03:11 +00:00			`log.info('LDAP', 'Module "passport-ldapjs" not installed. LDAP auth will fail.');`
Fix logging for ldap module 2017-03-15 18:44:12 +00:00			`}`
v1.16.0 2016-08-29 10:57:27 +00:00			`}`

Initial import 2016-04-04 12:36:30 +00:00			`module.exports.csrfProtection = csrf({`
			`cookie: true`
			`});`

			`module.exports.parseForm = bodyParser.urlencoded({`
added max post size option 2016-04-13 05:36:55 +00:00			`extended: false,`
			`limit: config.www.postsize`
Initial import 2016-04-04 12:36:30 +00:00			`});`

All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`module.exports.loggedIn = (req, res, next) => {`
			`if (!req.user) {`
			`next(new interoperableErrors.NotLoggedInError());`
			`} else {`
			`next();`
			`}`
			`};`

Initial import 2016-04-04 12:36:30 +00:00			`module.exports.setup = app => {`
			`app.use(passport.initialize());`
			`app.use(passport.session());`
			`};`

All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`module.exports.restLogout = (req, res) => {`
			`req.logout();`
			`res.json();`
Initial import 2016-04-04 12:36:30 +00:00			`};`

All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`module.exports.restLogin = (req, res, next) => {`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`passport.authenticate(config.ldap.enabled ? 'ldap' : 'local', (err, user, info) => {`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`return next(err);`

Initial import 2016-04-04 12:36:30 +00:00			`if (!user) {`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`return next(new interoperableErrors.IncorrectPasswordError());`
Initial import 2016-04-04 12:36:30 +00:00			`}`
			`req.logIn(user, err => {`
			`if (err) {`
			`return next(err);`
			`}`

			`if (req.body.remember) {`
			`// Cookie expires after 30 days`
			`req.session.cookie.maxAge = 30 * 24 * 60 * 60 * 1000;`
			`} else {`
			`// Cookie expires at end of session`
			`req.session.cookie.expires = false;`
			`}`

All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`return res.json();`
Initial import 2016-04-04 12:36:30 +00:00			`});`
			`})(req, res, next);`
			`};`

v1.16.0 2016-08-29 10:57:27 +00:00			`if (config.ldap.enabled && LdapStrategy) {`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`log.info('Using LDAP auth');`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`module.exports.authMethod = 'ldap';`
			`module.exports.isAuthMethodLocal = false;`
Initial import 2016-04-04 12:36:30 +00:00
v1.16.0 2016-08-29 10:57:27 +00:00			`let opts = {`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`server: {`
v1.16.0 2016-08-29 10:57:27 +00:00			`url: 'ldap://' + config.ldap.host + ':' + config.ldap.port`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`},`
			`base: config.ldap.baseDN,`
			`search: {`
			`filter: config.ldap.filter,`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`attributes: [config.ldap.uidTag, config.ldap.nameTag, 'mail'],`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`scope: 'sub'`
[bugfix] Fix LDAP issue with OpenLDAP/MS AD 2017-03-15 17:10:00 +00:00			`},`
			`uidTag: config.ldap.uidTag`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`};`

All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`passport.use(new LdapStrategy(opts, nodeifyFunction(async (profile) => {`
			`try {`
			`const user = await users.getByUsername(profile[config.ldap.uidTag]);`

			`return {`
			`id: user.id,`
			`username: user.username,`
			`name: profile[config.ldap.nameTag],`
			`email: profile.mail`
			`};`

			`} catch (err) {`
			`if (err instanceof interoperableErrors.NotFoundError) {`
			`const userId = await users.createExternal({`
			`username: profile[config.ldap.uidTag],`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`});`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00
			`return {`
			`id: userId,`
			`username: profile[config.ldap.uidTag],`
			`name: profile[config.ldap.nameTag],`
			`email: profile.mail`
			`};`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`} else {`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`throw err;`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`}`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00
			`}`
			`})));`

			`passport.serializeUser((user, done) => { /* FIXME */ console.log(user); done(null, user); });`
			`passport.deserializeUser((user, done) => done(null, user));`

Add ldap authentication 2016-08-11 11:21:48 +00:00			`} else {`
			`log.info('Using local auth');`
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`module.exports.authMethod = 'local';`
			`module.exports.isAuthMethodLocal = true;`
Initial import 2016-04-04 12:36:30 +00:00
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`passport.use(new LocalStrategy(nodeifyFunction(async (username, password) => {`
			`return await users.getByUsernameIfPasswordMatch(username, password);`
			`})));`
Add ldap authentication 2016-08-11 11:21:48 +00:00
All about user login Not runnable at the moment 2017-07-08 13:48:34 +00:00			`passport.serializeUser((user, done) => done(null, user.id));`
			`passport.deserializeUser((id, done) => nodeifyPromise(users.getById(id), done));`
Add ldap authentication 2016-08-11 11:21:48 +00:00			`}`
Initial import 2016-04-04 12:36:30 +00:00