All about user login
Not runnable at the moment
This commit is contained in:
Tomas Bures
parent
fbb8f5799e
commit
d79bbad575
49 changed files with 1554 additions and 686 deletions
117
lib/passport.js
117
lib/passport.js
|
|
@ -10,7 +10,10 @@ let LocalStrategy = require('passport-local').Strategy;
|
|||
|
||||
let csrf = require('csurf');
|
||||
let bodyParser = require('body-parser');
|
||||
let users = require('./models/users-legacy');
|
||||
|
||||
const users = require('../models/users');
|
||||
const { nodeifyFunction, nodeifyPromise } = require('./nodeify');
|
||||
const interoperableErrors = require('../shared/interoperable-errors');
|
||||
|
||||
let LdapStrategy;
|
||||
try {
|
||||
|
|
@ -30,28 +33,30 @@ module.exports.parseForm = bodyParser.urlencoded({
|
|||
limit: config.www.postsize
|
||||
});
|
||||
|
||||
module.exports.loggedIn = (req, res, next) => {
|
||||
if (!req.user) {
|
||||
next(new interoperableErrors.NotLoggedInError());
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
};
|
||||
|
||||
module.exports.setup = app => {
|
||||
app.use(passport.initialize());
|
||||
app.use(passport.session());
|
||||
};
|
||||
|
||||
module.exports.logout = (req, res) => {
|
||||
if (req.user) {
|
||||
req.flash('info', util.format(_('%s logged out'), req.user.username));
|
||||
req.logout();
|
||||
}
|
||||
res.redirect('/');
|
||||
module.exports.restLogout = (req, res) => {
|
||||
req.logout();
|
||||
res.json();
|
||||
};
|
||||
|
||||
module.exports.login = (req, res, next) => {
|
||||
module.exports.restLogin = (req, res, next) => {
|
||||
passport.authenticate(config.ldap.enabled ? 'ldap' : 'local', (err, user, info) => {
|
||||
if (err) {
|
||||
req.flash('danger', err.message);
|
||||
return next(err);
|
||||
}
|
||||
return next(err);
|
||||
|
||||
if (!user) {
|
||||
req.flash('danger', info && info.message || _('Failed to authenticate user'));
|
||||
return res.redirect('/users/login' + (req.body.next ? '?next=' + encodeURIComponent(req.body.next) : ''));
|
||||
return next(new interoperableErrors.IncorrectPasswordError());
|
||||
}
|
||||
req.logIn(user, err => {
|
||||
if (err) {
|
||||
|
|
@ -66,14 +71,15 @@ module.exports.login = (req, res, next) => {
|
|||
req.session.cookie.expires = false;
|
||||
}
|
||||
|
||||
req.flash('success', util.format(_('Logged in as %s'), user.username));
|
||||
return res.redirect(req.body.next || '/');
|
||||
return res.json();
|
||||
});
|
||||
})(req, res, next);
|
||||
};
|
||||
|
||||
if (config.ldap.enabled && LdapStrategy) {
|
||||
log.info('Using LDAP auth');
|
||||
module.exports.authMethod = 'ldap';
|
||||
module.exports.isAuthMethodLocal = false;
|
||||
|
||||
let opts = {
|
||||
server: {
|
||||
|
|
@ -82,62 +88,55 @@ if (config.ldap.enabled && LdapStrategy) {
|
|||
base: config.ldap.baseDN,
|
||||
search: {
|
||||
filter: config.ldap.filter,
|
||||
attributes: [config.ldap.uidTag, 'mail'],
|
||||
attributes: [config.ldap.uidTag, config.ldap.nameTag, 'mail'],
|
||||
scope: 'sub'
|
||||
},
|
||||
uidTag: config.ldap.uidTag
|
||||
};
|
||||
|
||||
passport.use(new LdapStrategy(opts, (profile, done) => {
|
||||
users.findByUsername(profile[config.ldap.uidTag], (err, user) => {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
passport.use(new LdapStrategy(opts, nodeifyFunction(async (profile) => {
|
||||
try {
|
||||
const user = await users.getByUsername(profile[config.ldap.uidTag]);
|
||||
|
||||
if (!user) {
|
||||
// password is empty for ldap
|
||||
users.add(profile[config.ldap.uidTag], '', profile.mail, (err, id) => {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
return {
|
||||
id: user.id,
|
||||
username: user.username,
|
||||
name: profile[config.ldap.nameTag],
|
||||
email: profile.mail
|
||||
};
|
||||
|
||||
return done(null, {
|
||||
id,
|
||||
username: profile[config.ldap.uidTag]
|
||||
});
|
||||
} catch (err) {
|
||||
if (err instanceof interoperableErrors.NotFoundError) {
|
||||
const userId = await users.createExternal({
|
||||
username: profile[config.ldap.uidTag],
|
||||
});
|
||||
|
||||
return {
|
||||
id: userId,
|
||||
username: profile[config.ldap.uidTag],
|
||||
name: profile[config.ldap.nameTag],
|
||||
email: profile.mail
|
||||
};
|
||||
} else {
|
||||
return done(null, {
|
||||
id: user.id,
|
||||
username: user.username
|
||||
});
|
||||
throw err;
|
||||
}
|
||||
});
|
||||
}));
|
||||
|
||||
}
|
||||
})));
|
||||
|
||||
passport.serializeUser((user, done) => { /* FIXME */ console.log(user); done(null, user); });
|
||||
passport.deserializeUser((user, done) => done(null, user));
|
||||
|
||||
} else {
|
||||
log.info('Using local auth');
|
||||
module.exports.authMethod = 'local';
|
||||
module.exports.isAuthMethodLocal = true;
|
||||
|
||||
passport.use(new LocalStrategy((username, password, done) => {
|
||||
users.authenticate(username, password, (err, user) => {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
passport.use(new LocalStrategy(nodeifyFunction(async (username, password) => {
|
||||
return await users.getByUsernameIfPasswordMatch(username, password);
|
||||
})));
|
||||
|
||||
if (!user) {
|
||||
return done(null, false, {
|
||||
message: _('Incorrect username or password')
|
||||
});
|
||||
}
|
||||
|
||||
return done(null, user);
|
||||
});
|
||||
}));
|
||||
passport.serializeUser((user, done) => done(null, user.id));
|
||||
passport.deserializeUser((id, done) => nodeifyPromise(users.getById(id), done));
|
||||
}
|
||||
|
||||
passport.serializeUser((user, done) => {
|
||||
done(null, user.id);
|
||||
});
|
||||
|
||||
passport.deserializeUser((id, done) => {
|
||||
users.get(id, done);
|
||||
});
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue