public/mailtrain
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

All about user login

Browse source 
Not runnable at the moment
This commit is contained in:
Tomas Bures 2017-07-08 15:48:34 +02:00
parent fbb8f5799e
commit d79bbad575
49 changed files with 1554 additions and 686 deletions
Download patch file Download diff file Expand all files Collapse all files

26
lib/client-helpers.js Normal file
View file

@ -0,0 +1,26 @@
'use strict';
const passport = require('./passport');
function _getConfig() {
return {
authMethod: passport.authMethod,
isAuthMethodLocal: passport.isAuthMethodLocal
}
}
function registerRootRoute(router, title, entryPoint) {
router.get('/*', passport.csrfProtection, (req, res) => {
res.render('react-root', {
title,
reactEntryPoint: entryPoint,
reactCsrfToken: req.csrfToken(),
mailtrainConfig: JSON.stringify(_getConfig())
});
});
}
module.exports = {
registerRootRoute
};

46
lib/models/users-legacy.js → lib/models/users-legacy-REMOVE.js
View file

@ -39,52 +39,6 @@ module.exports.get = (id, callback) => {
});
};
module.exports.findByAccessToken = (accessToken, callback) => {
db.getConnection((err, connection) => {
if (err) {
return callback(err);
}
connection.query('SELECT `id`, `username`, `email`, `access_token` FROM `users` WHERE `access_token`=? LIMIT 1', [accessToken], (err, rows) => {
connection.release();
if (err) {
return callback(err);
}
if (!rows.length) {
return callback(null, false);
}
let user = tools.convertKeys(rows[0]);
return callback(null, user);
});
});
};
module.exports.findByUsername = (username, callback) => {
db.getConnection((err, connection) => {
if (err) {
return callback(err);
}
connection.query('SELECT `id`, `username`, `email`, `access_token` FROM `users` WHERE `username`=? LIMIT 1', [username], (err, rows) => {
connection.release();
if (err) {
return callback(err);
}
if (!rows.length) {
return callback(null, false);
}
let user = tools.convertKeys(rows[0]);
return callback(null, user);
});
});
};
module.exports.add = (username, password, email, callback) => {
db.getConnection((err, connection) => {
if (err) {

15
lib/nodeify.js Normal file
View file

@ -0,0 +1,15 @@
'use strict';
const nodeify = require('nodeify');
module.exports.nodeifyPromise = nodeify;
module.exports.nodeifyFunction = (asyncFun) => {
return (...args) => {
const callback = args.pop();
const promise = asyncFun(...args);
return module.exports.nodeifyPromise(promise, callback);
};
};

117
lib/passport.js
View file

@ -10,7 +10,10 @@ let LocalStrategy = require('passport-local').Strategy;
let csrf = require('csurf');
let bodyParser = require('body-parser');
let users = require('./models/users-legacy');
const users = require('../models/users');
const { nodeifyFunction, nodeifyPromise } = require('./nodeify');
const interoperableErrors = require('../shared/interoperable-errors');
let LdapStrategy;
try {
@ -30,28 +33,30 @@ module.exports.parseForm = bodyParser.urlencoded({
limit: config.www.postsize
});
module.exports.loggedIn = (req, res, next) => {
if (!req.user) {
next(new interoperableErrors.NotLoggedInError());
} else {
next();
}
};
module.exports.setup = app => {
app.use(passport.initialize());
app.use(passport.session());
};
module.exports.logout = (req, res) => {
if (req.user) {
req.flash('info', util.format(_('%s logged out'), req.user.username));
req.logout();
}
res.redirect('/');
module.exports.restLogout = (req, res) => {
req.logout();
res.json();
};
module.exports.login = (req, res, next) => {
module.exports.restLogin = (req, res, next) => {
passport.authenticate(config.ldap.enabled ? 'ldap' : 'local', (err, user, info) => {
if (err) {
req.flash('danger', err.message);
return next(err);
}
return next(err);
if (!user) {
req.flash('danger', info && info.message || _('Failed to authenticate user'));
return res.redirect('/users/login' + (req.body.next ? '?next=' + encodeURIComponent(req.body.next) : ''));
return next(new interoperableErrors.IncorrectPasswordError());
}
req.logIn(user, err => {
if (err) {
@ -66,14 +71,15 @@ module.exports.login = (req, res, next) => {
req.session.cookie.expires = false;
}
req.flash('success', util.format(_('Logged in as %s'), user.username));
return res.redirect(req.body.next || '/');
return res.json();
});
})(req, res, next);
};
if (config.ldap.enabled && LdapStrategy) {
log.info('Using LDAP auth');
module.exports.authMethod = 'ldap';
module.exports.isAuthMethodLocal = false;
let opts = {
server: {
@ -82,62 +88,55 @@ if (config.ldap.enabled && LdapStrategy) {
base: config.ldap.baseDN,
search: {
filter: config.ldap.filter,
attributes: [config.ldap.uidTag, 'mail'],
attributes: [config.ldap.uidTag, config.ldap.nameTag, 'mail'],
scope: 'sub'
},
uidTag: config.ldap.uidTag
};
passport.use(new LdapStrategy(opts, (profile, done) => {
users.findByUsername(profile[config.ldap.uidTag], (err, user) => {
if (err) {
return done(err);
}
passport.use(new LdapStrategy(opts, nodeifyFunction(async (profile) => {
try {
const user = await users.getByUsername(profile[config.ldap.uidTag]);
if (!user) {
// password is empty for ldap
users.add(profile[config.ldap.uidTag], '', profile.mail, (err, id) => {
if (err) {
return done(err);
}
return {
id: user.id,
username: user.username,
name: profile[config.ldap.nameTag],
email: profile.mail
};
return done(null, {
id,
username: profile[config.ldap.uidTag]
});
} catch (err) {
if (err instanceof interoperableErrors.NotFoundError) {
const userId = await users.createExternal({
username: profile[config.ldap.uidTag],
});
return {
id: userId,
username: profile[config.ldap.uidTag],
name: profile[config.ldap.nameTag],
email: profile.mail
};
} else {
return done(null, {
id: user.id,
username: user.username
});
throw err;
}
});
}));
}
})));
passport.serializeUser((user, done) => { /* FIXME */ console.log(user); done(null, user); });
passport.deserializeUser((user, done) => done(null, user));
} else {
log.info('Using local auth');
module.exports.authMethod = 'local';
module.exports.isAuthMethodLocal = true;
passport.use(new LocalStrategy((username, password, done) => {
users.authenticate(username, password, (err, user) => {
if (err) {
return done(err);
}
passport.use(new LocalStrategy(nodeifyFunction(async (username, password) => {
return await users.getByUsernameIfPasswordMatch(username, password);
})));
if (!user) {
return done(null, false, {
message: _('Incorrect username or password')
});
}
return done(null, user);
});
}));
passport.serializeUser((user, done) => done(null, user.id));
passport.deserializeUser((id, done) => nodeifyPromise(users.getById(id), done));
}
passport.serializeUser((user, done) => {
done(null, user.id);
});
passport.deserializeUser((id, done) => {
users.get(id, done);
});

3
lib/router-async.js
View file

@ -9,13 +9,14 @@ function replaceLastBySafeHandler(handlers) {
const lastHandler = handlers[handlers.length - 1];
const ret = handlers.slice();
ret[handlers.length - 1] = (req, res, next) => lastHandler(req, res).catch(error => next(error));
ret[handlers.length - 1] = (req, res, next) => lastHandler(req, res, next).catch(error => next(error));
return ret;
}
function create() {
const router = new express.Router();
router.allAsync = (path, ...handlers) => router.all(path, ...replaceLastBySafeHandler(handlers));
router.getAsync = (path, ...handlers) => router.get(path, ...replaceLastBySafeHandler(handlers));
router.postAsync = (path, ...handlers) => router.post(path, ...replaceLastBySafeHandler(handlers));
router.putAsync = (path, ...handlers) => router.put(path, ...replaceLastBySafeHandler(handlers));

1
lib/tools-async.js
View file

@ -2,7 +2,6 @@
const _ = require('./translate')._;
const util = require('util');
const Promise = require('bluebird');
const isemail = require('isemail')
module.exports = {