nodebb/src/routes/authentication.js

(function(Auth) {
	var passport = require('passport'),
		passportLocal = require('passport-local').Strategy,
		passportTwitter = require('passport-twitter').Strategy,
		passportGoogle = require('passport-google-oauth').OAuth2Strategy,
		passportFacebook = require('passport-facebook').Strategy,
		login_strategies = [],
		nconf = require('nconf'),
		meta = require('../meta'),
		user = require('../user'),
		winston = require('winston'),
		login_module = require('./../login.js');

	passport.use(new passportLocal(function(user, password, next) {
		login_module.loginViaLocal(user, password, function(err, login) {
			if (!err) next(null, login.user);
			else next(null, false, err);
		});
	}));

	if (meta.config['social:twitter:key'] && meta.config['social:twitter:secret']) {
		passport.use(new passportTwitter({
			consumerKey: meta.config['social:twitter:key'],
			consumerSecret: meta.config['social:twitter:secret'],
			callbackURL: nconf.get('url') + 'auth/twitter/callback'
		}, function(token, tokenSecret, profile, done) {
			login_module.loginViaTwitter(profile.id, profile.username, profile.photos, function(err, user) {
				if (err) {
					return done(err);
				}
				done(null, user);
			});
		}));

		login_strategies.push('twitter');
	}

	if (meta.config['social:google:id'] && meta.config['social:google:secret']) {
		passport.use(new passportGoogle({
			clientID: meta.config['social:google:id'],
			clientSecret: meta.config['social:google:secret'],
			callbackURL: nconf.get('url') + 'auth/google/callback'
		}, function(accessToken, refreshToken, profile, done) {
			login_module.loginViaGoogle(profile.id, profile.displayName, profile.emails[0].value, function(err, user) {
				if (err) {
					return done(err);
				}
				done(null, user);
			});
		}));

		login_strategies.push('google');
	}

	if (meta.config['social:facebook:app_id'] && meta.config['social:facebook:secret']) {
		passport.use(new passportFacebook({
			clientID: meta.config['social:facebook:app_id'],
			clientSecret: meta.config['social:facebook:secret'],
			callbackURL: nconf.get('url') + 'auth/facebook/callback'
		}, function(accessToken, refreshToken, profile, done) {
			login_module.loginViaFacebook(profile.id, profile.displayName, profile.emails[0].value, function(err, user) {
				if (err) {
					return done(err);
				}
				done(null, user);
			});
		}));

		login_strategies.push('facebook');
	}

	passport.serializeUser(function(user, done) {
		done(null, user.uid);
	});

	passport.deserializeUser(function(uid, done) {
		done(null, {
			uid: uid
		});
	});

	Auth.initialize = function(app) {
		app.use(passport.initialize());
		app.use(passport.session());
	}


	Auth.get_login_strategies = function() {
		return login_strategies;
	}

	Auth.createRoutes = function(app) {
		app.post('/logout', function(req, res) {
			if (req.user && req.user.uid > 0) {
				winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');

				var ws = require('./../websockets');
				ws.logoutUser(req.user.uid);

				req.logout();
			}

			res.send(200)
		});

		if (login_strategies.indexOf('twitter') !== -1) {
			app.get('/auth/twitter', passport.authenticate('twitter'));

			app.get('/auth/twitter/callback', passport.authenticate('twitter', {
				successRedirect: '/',
				failureRedirect: '/login'
			}));
		}

		if (login_strategies.indexOf('google') !== -1) {
			app.get('/auth/google', passport.authenticate('google', {
				scope: 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email'
			}));

			app.get('/auth/google/callback', passport.authenticate('google', {
				successRedirect: '/',
				failureRedirect: '/login'
			}));
		}

		if (login_strategies.indexOf('facebook') !== -1) {
			app.get('/auth/facebook', passport.authenticate('facebook', {
				scope: 'email'
			}));

			app.get('/auth/facebook/callback', passport.authenticate('facebook', {
				successRedirect: '/',
				failureRedirect: '/login'
			}));
		}


		app.get('/reset/:code', function(req, res) {
			app.build_header({
				req: req,
				res: res
			}, function(err, header) {
				res.send(header + app.create_route('reset/' + req.params.code) + templates['footer']);
			});
		});

		app.get('/reset', function(req, res) {
			app.build_header({
				req: req,
				res: res
			}, function(err, header) {
				res.send(header + app.create_route('reset') + templates['footer']);
			});
		});

		app.post('/login', function(req, res, next) {
			passport.authenticate('local', function(err, user, info) {
				if (err) {
					return next(err);
				}
				if (!user) {
					return res.send({
						success: false,
						message: info.message
					});
				}
				req.login({
					uid: user.uid
				}, function() {
					res.send({
						success: true,
						message: 'authentication succeeded'
					});
				});
			})(req, res, next);
		});

		app.post('/register', function(req, res) {
			user.create(req.body.username, req.body.password, req.body.email, function(err, uid) {
				if (err === null && uid) {
					req.login({
						uid: uid
					}, function() {

						require('./../websockets').emitUserCount();

						if(req.body.referrer)
							res.redirect(req.body.referrer);
						else
							res.redirect(nconf.get('relative_path') + '/');
					});
				} else {
					res.redirect(nconf.get('relative_path') + '/register');
				}
			});
		});
	}
}(exports));
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`(function(Auth) {`
			`var passport = require('passport'),`
			`passportLocal = require('passport-local').Strategy,`
			`passportTwitter = require('passport-twitter').Strategy,`
			`passportGoogle = require('passport-google-oauth').OAuth2Strategy,`
			`passportFacebook = require('passport-facebook').Strategy,`
			`login_strategies = [],`
possible fix for #101 12 years ago			`nconf = require('nconf'),`
meta config changes, refactors 12 years ago			`meta = require('../meta'),`
ban users, closes #125, banning a user hides all posts topics of a user and their profile page becomes inaccessible 12 years ago			`user = require('../user'),`
more winston, issue #62 12 years ago			`winston = require('winston'),`
moved login code from user.js to login.js 12 years ago			`login_module = require('./../login.js');`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago
			`passport.use(new passportLocal(function(user, password, next) {`
closed #297 12 years ago			`login_module.loginViaLocal(user, password, function(err, login) {`
			`if (!err) next(null, login.user);`
			`else next(null, false, err);`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`});`
			`}));`

meta config changes, refactors 12 years ago			`if (meta.config['social:twitter:key'] && meta.config['social:twitter:secret']) {`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`passport.use(new passportTwitter({`
meta config changes, refactors 12 years ago			`consumerKey: meta.config['social:twitter:key'],`
			`consumerSecret: meta.config['social:twitter:secret'],`
possible fix for #101 12 years ago			`callbackURL: nconf.get('url') + 'auth/twitter/callback'`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`}, function(token, tokenSecret, profile, done) {`
fixed #31 - twitter profile picture now used as nodebb avatar in lieu of email address for gravatar 12 years ago			`login_module.loginViaTwitter(profile.id, profile.username, profile.photos, function(err, user) {`
formatting - routes 12 years ago			`if (err) {`
			`return done(err);`
			`}`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`done(null, user);`
			`});`
			`}));`

			`login_strategies.push('twitter');`
			`}`

meta config changes, refactors 12 years ago			`if (meta.config['social:google:id'] && meta.config['social:google:secret']) {`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`passport.use(new passportGoogle({`
meta config changes, refactors 12 years ago			`clientID: meta.config['social:google:id'],`
			`clientSecret: meta.config['social:google:secret'],`
possible fix for #101 12 years ago			`callbackURL: nconf.get('url') + 'auth/google/callback'`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`}, function(accessToken, refreshToken, profile, done) {`
moved login code from user.js to login.js 12 years ago			`login_module.loginViaGoogle(profile.id, profile.displayName, profile.emails[0].value, function(err, user) {`
formatting - routes 12 years ago			`if (err) {`
			`return done(err);`
			`}`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`done(null, user);`
			`});`
			`}));`

			`login_strategies.push('google');`
			`}`

meta config changes, refactors 12 years ago			`if (meta.config['social:facebook:app_id'] && meta.config['social:facebook:secret']) {`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`passport.use(new passportFacebook({`
meta config changes, refactors 12 years ago			`clientID: meta.config['social:facebook:app_id'],`
			`clientSecret: meta.config['social:facebook:secret'],`
possible fix for #101 12 years ago			`callbackURL: nconf.get('url') + 'auth/facebook/callback'`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`}, function(accessToken, refreshToken, profile, done) {`
moved login code from user.js to login.js 12 years ago			`login_module.loginViaFacebook(profile.id, profile.displayName, profile.emails[0].value, function(err, user) {`
formatting - routes 12 years ago			`if (err) {`
			`return done(err);`
			`}`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`done(null, user);`
			`});`
			`}));`

			`login_strategies.push('facebook');`
			`}`

			`passport.serializeUser(function(user, done) {`
			`done(null, user.uid);`
			`});`

			`passport.deserializeUser(function(uid, done) {`
			`done(null, {`
			`uid: uid`
			`});`
			`});`

			`Auth.initialize = function(app) {`
			`app.use(passport.initialize());`
			`app.use(passport.session());`
			`}`
meta config changes, refactors 12 years ago
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago
			`Auth.get_login_strategies = function() {`
			`return login_strategies;`
			`}`

closes #495 11 years ago			`Auth.createRoutes = function(app) {`
closed #315 12 years ago			`app.post('/logout', function(req, res) {`
closed #132 - issue where all auth routes were not rendering the header properly 12 years ago			`if (req.user && req.user.uid > 0) {`
more winston, issue #62 12 years ago			`winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');`
closes #303 12 years ago
logout/login changes, updateHeader changes 11 years ago			`var ws = require('./../websockets');`
			`ws.logoutUser(req.user.uid);`

closes #303 12 years ago			`req.logout();`
closed #315 12 years ago			`}`

			`res.send(200)`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`});`

			`if (login_strategies.indexOf('twitter') !== -1) {`
			`app.get('/auth/twitter', passport.authenticate('twitter'));`

			`app.get('/auth/twitter/callback', passport.authenticate('twitter', {`
			`successRedirect: '/',`
			`failureRedirect: '/login'`
			`}));`
			`}`

			`if (login_strategies.indexOf('google') !== -1) {`
formatting - routes 12 years ago			`app.get('/auth/google', passport.authenticate('google', {`
			`scope: 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email'`
			`}));`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago
			`app.get('/auth/google/callback', passport.authenticate('google', {`
			`successRedirect: '/',`
			`failureRedirect: '/login'`
			`}));`
			`}`

			`if (login_strategies.indexOf('facebook') !== -1) {`
formatting - routes 12 years ago			`app.get('/auth/facebook', passport.authenticate('facebook', {`
			`scope: 'email'`
			`}));`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago
			`app.get('/auth/facebook/callback', passport.authenticate('facebook', {`
			`successRedirect: '/',`
			`failureRedirect: '/login'`
			`}));`
			`}`



			`app.get('/reset/:code', function(req, res) {`
formatting - routes 12 years ago			`app.build_header({`
			`req: req,`
			`res: res`
			`}, function(err, header) {`
			`res.send(header + app.create_route('reset/' + req.params.code) + templates['footer']);`
refactored all calls to app.build_header (in regular and auth routes) 12 years ago			`});`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`});`

			`app.get('/reset', function(req, res) {`
formatting - routes 12 years ago			`app.build_header({`
			`req: req,`
			`res: res`
			`}, function(err, header) {`
closes #171 12 years ago			`res.send(header + app.create_route('reset') + templates['footer']);`
refactored all calls to app.build_header (in regular and auth routes) 12 years ago			`});`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`});`
meta config changes, refactors 12 years ago
banned users cant login, show error messages on failed logins 12 years ago			`app.post('/login', function(req, res, next) {`
			`passport.authenticate('local', function(err, user, info) {`
formatting - routes 12 years ago			`if (err) {`
banned users cant login, show error messages on failed logins 12 years ago			`return next(err);`
			`}`
			`if (!user) {`
formatting - routes 12 years ago			`return res.send({`
			`success: false,`
			`message: info.message`
			`});`
banned users cant login, show error messages on failed logins 12 years ago			`}`
			`req.login({`
			`uid: user.uid`
			`}, function() {`
formatting - routes 12 years ago			`res.send({`
			`success: true,`
			`message: 'authentication succeeded'`
			`});`
banned users cant login, show error messages on failed logins 12 years ago			`});`
			`})(req, res, next);`
changed login to ajax added error message for incorret login, closes #36 12 years ago			`});`
meta config changes, refactors 12 years ago
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`app.post('/register', function(req, res) {`
ban users, closes #125, banning a user hides all posts topics of a user and their profile page becomes inaccessible 12 years ago			`user.create(req.body.username, req.body.password, req.body.email, function(err, uid) {`
			`if (err === null && uid) {`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`req.login({`
			`uid: uid`
			`}, function() {`
removed io from user.js, figure out why notifications are breaking when websockets.js is required from it 11 years ago
			`require('./../websockets').emitUserCount();`

closes #215 11 years ago			`if(req.body.referrer)`
			`res.redirect(req.body.referrer);`
			`else`
			`res.redirect(nconf.get('relative_path') + '/');`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`});`
			`} else {`
closes #171 12 years ago			`res.redirect(nconf.get('relative_path') + '/register');`
cleaned up webserver a bit, moved over authentication stuff into its own file, got rid of unused routes, user routes still need to be moved out but am waiting for baris to finish 12 years ago			`}`
			`});`
			`});`
			`}`
			`}(exports));`