diff --git a/Dockerfile b/Dockerfile
index a973757a4d..8bc6f85444 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # The base image is the latest 8.x node (LTS)
-FROM node:8.15.1@sha256:287b8a533675e0c72cb374b5e5ab580961b2a203600e1758b95c475390bd9f9a
+FROM node:8.15.1@sha256:c151597d05a3c8c4e7b2e988f71c8cd645235d96f39a47b16b1930ef9e7a5aab
 RUN mkdir -p /usr/src/app
 WORKDIR /usr/src/app
diff --git a/install/package.json b/install/package.json
index a06cdc0878..98ce967f5d 100644
--- a/install/package.json
+++ b/install/package.json
@@ -49,7 +49,7 @@
 "connect-mongo": "2.0.3",
 "connect-multiparty": "^2.1.0",
 "connect-pg-simple": "^5.0.0",
- "connect-redis": "3.4.0",
+ "connect-redis": "3.4.1",
 "continuation-local-storage": "^3.2.1",
 "cookie-parser": "^1.4.3",
 "cron": "^1.3.0",
@@ -135,13 +135,13 @@
 "@commitlint/cli": "7.5.2",
 "@commitlint/config-angular": "7.5.0",
 "coveralls": "3.0.3",
- "eslint": "5.14.1",
+ "eslint": "5.15.1",
 "eslint-config-airbnb-base": "13.1.0",
 "eslint-plugin-import": "2.16.0",
 "grunt": "1.0.3",
 "grunt-contrib-watch": "1.1.0",
 "husky": "1.3.1",
- "jsdom": "13.2.0",
+ "jsdom": "14.0.0",
 "lint-staged": "8.1.4",
 "mocha": "6.0.1",
 "mocha-lcov-reporter": "1.3.0",
diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js
index 5901cf5ead..56f7f12287 100644
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -331,6 +331,15 @@ authenticationController.doLogin = function (req, uid, callback) {
 };
 authenticationController.onSuccessfulLogin = function (req, uid, callback) {
+ // If already called once, return prematurely
+ if (req.res.locals.user) {
+ if (typeof callback === 'function') {
+ return setImmediate(callback);
+ }
+
+ return true;
+ }
+
 var uuid = utils.generateUUID();
 req.uid = uid;
@@ -392,7 +401,7 @@ authenticationController.onSuccessfulLogin = function (req, uid, callback) {
 if (typeof callback === 'function') {
 callback(err);
 } else {
- return false;
+ return !!err;
 }
 });
 };
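Review bot: In src/controllers/authentication.js, the guard added at the top of onSuccessfulLogin keys on `req.res.locals.user`, which does not record that this function has already run. The route change in src/routes/authentication.js assigns `res.locals.user = user` before it calls onSuccessfulLogin, so on that path (assuming `req.res` is the same response object) the guard always fires and the login bookkeeping below it is skipped unless a plugin called the function earlier. A flag that onSuccessfulLogin sets itself would match the comment, e.g. test `req.res.locals.loginHandled` here and set it once the function completes (the property name is a placeholder). The function body continues outside the hunk, so exactly what gets skipped cannot be confirmed from here.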
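Review bot: The `return !!err;` in the second authentication.js hunk sits inside the completion callback, so as far as the hunk shows its value goes back to the async library rather than to a caller that invoked onSuccessfulLogin without a callback. It also makes `true` mean "failed", while the early exit added at the top of the same function returns `true` for "nothing to do". Either drop both return values or document the contract above the function, e.g. `// Without a callback the outcome is not reported to the caller; pass one to learn whether login bookkeeping failed`. The enclosing function starts outside this hunk.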
diff --git a/src/middleware/index.js b/src/middleware/index.js
index d2dd50b663..316d5a2ea6 100644
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@@ -217,3 +217,20 @@ middleware.trimUploadTimestamps = function trimUploadTimestamps(req, res, next)
 next();
 };
+
+middleware.validateAuth = function validateAuth(req, res, next) {
+ plugins.fireHook('static:auth.validate', {
+ user: res.locals.user,
+ strategy: res.locals.strategy,
+ }, function (err) {
+ if (err) {
+ return req.session.regenerate(function () {
+ req.uid = 0;
+ req.loggedIn = false;
+ next(err);
+ });
+ }
+
+ next();
+ });
+};
diff --git a/src/routes/authentication.js b/src/routes/authentication.js
index a4341ddf36..11e8c03432 100644
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -100,14 +100,23 @@ Auth.reloadRoutes = function (router, callback) {
 return helpers.redirect(res, strategy.failureUrl !== undefined ? strategy.failureUrl : '/login');
 }
- req.login(user, function (err) {
- if (err) {
- return next(err);
- }
-
- helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
- });
+ res.locals.user = user;
+ res.locals.strategy = strategy;
+ next();
 })(req, res, next);
+ },
+ Auth.middleware.validateAuth,
+ (req, res, next) => {
+ async.waterfall([
+ async.apply(req.login.bind(req), res.locals.user),
+ async.apply(controllers.authentication.onSuccessfulLogin, req, req.uid),
+ ], function (err) {
+ if (err) {
+ return next(err);
+ }
+
+ helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
+ });
 });
 });
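Review bot: In middleware.validateAuth the callback passed to `req.session.regenerate` takes no argument, so a failure to regenerate the session is silently dropped right after a plugin has rejected the login. If the store call fails, the earlier session may still be in place while the request only reports the validation error. Accept and surface the error: `return req.session.regenerate(function (regenErr) {` together with `next(regenErr || err);`. A short comment saying that any `static:auth.validate` listener returning an error vetoes the login would also help plugin authors.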
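Review bot: In src/routes/authentication.js, `async.apply(controllers.authentication.onSuccessfulLogin, req, req.uid)` reads `req.uid` when the task array is built, which is before `req.login` has run. The uid handed to onSuccessfulLogin is therefore whatever the request carried beforehand, not the account that just authenticated. Wrap the step so the uid is read after login, e.g. `function (next) { controllers.authentication.onSuccessfulLogin(req, req.user.uid, next); }` (assuming the authenticated user object carries `uid`). Auth.reloadRoutes starts and ends outside this hunk.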