Merge branch 'master' of https://github.com/NodeBB/NodeBB

6 years ago · 6cd3ac5b9b
parent b71e0eb179 d2cfe6b946
commit 6cd3ac5b9b
5 changed files with 47 additions and 12 deletions
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 # The base image is the latest 8.x node (LTS)
-FROM node:8.15.1@sha256:287b8a533675e0c72cb374b5e5ab580961b2a203600e1758b95c475390bd9f9a
+FROM node:8.15.1@sha256:c151597d05a3c8c4e7b2e988f71c8cd645235d96f39a47b16b1930ef9e7a5aab

 RUN mkdir -p /usr/src/app
 WORKDIR /usr/src/app
--- a/install/package.json
+++ b/install/package.json
@ -49,7 +49,7 @@
        "connect-mongo": "2.0.3",
        "connect-multiparty": "^2.1.0",
        "connect-pg-simple": "^5.0.0",
-        "connect-redis": "3.4.0",
+        "connect-redis": "3.4.1",
        "continuation-local-storage": "^3.2.1",
        "cookie-parser": "^1.4.3",
        "cron": "^1.3.0",
@ -135,13 +135,13 @@
        "@commitlint/cli": "7.5.2",
        "@commitlint/config-angular": "7.5.0",
        "coveralls": "3.0.3",
-        "eslint": "5.14.1",
+        "eslint": "5.15.1",
        "eslint-config-airbnb-base": "13.1.0",
        "eslint-plugin-import": "2.16.0",
        "grunt": "1.0.3",
        "grunt-contrib-watch": "1.1.0",
        "husky": "1.3.1",
-        "jsdom": "13.2.0",
+        "jsdom": "14.0.0",
        "lint-staged": "8.1.4",
        "mocha": "6.0.1",
        "mocha-lcov-reporter": "1.3.0",
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@ -331,6 +331,15 @@ authenticationController.doLogin = function (req, uid, callback) {
 };

 authenticationController.onSuccessfulLogin = function (req, uid, callback) {
+	// If already called once, return prematurely
+	if (req.res.locals.user) {
+		if (typeof callback === 'function') {
+			return setImmediate(callback);
+		}
+
+		return true;
+	}
+
 	var uuid = utils.generateUUID();

 	req.uid = uid;
@ -392,7 +401,7 @@ authenticationController.onSuccessfulLogin = function (req, uid, callback) {
 		if (typeof callback === 'function') {
 			callback(err);
 		} else {
-			return false;
+			return !!err;
 		}
 	});
 };
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@ -217,3 +217,20 @@ middleware.trimUploadTimestamps = function trimUploadTimestamps(req, res, next)

 	next();
 };
+
+middleware.validateAuth = function validateAuth(req, res, next) {
+	plugins.fireHook('static:auth.validate', {
+		user: res.locals.user,
+		strategy: res.locals.strategy,
+	}, function (err) {
+		if (err) {
+			return req.session.regenerate(function () {
+				req.uid = 0;
+				req.loggedIn = false;
+				next(err);
+			});
+		}
+
+		next();
+	});
+};
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@ -100,14 +100,23 @@ Auth.reloadRoutes = function (router, callback) {
 							return helpers.redirect(res, strategy.failureUrl !== undefined ? strategy.failureUrl : '/login');
 						}

-						req.login(user, function (err) {
-							if (err) {
-								return next(err);
-							}
-
-							helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
-						});
+						res.locals.user = user;
+						res.locals.strategy = strategy;
+						next();
 					})(req, res, next);
+				},
+				Auth.middleware.validateAuth,
+				(req, res, next) => {
+					async.waterfall([
+						async.apply(req.login.bind(req), res.locals.user),
+						async.apply(controllers.authentication.onSuccessfulLogin, req, req.uid),
+					], function (err) {
+						if (err) {
+							return next(err);
+						}
+
+						helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
+					});
 				});
 			});