Moved onSuccessfulLogin call from plugins to core, + auth verification hook (#7416)

* fix: #7412, calling controllers.onSuccessfulLogin in core * feat: added plugin hook for auth validation
6 years ago · d2cfe6b946
parent d8486e887a
commit d2cfe6b946
3 changed files with 43 additions and 8 deletions
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@ -331,6 +331,15 @@ authenticationController.doLogin = function (req, uid, callback) {
 };

 authenticationController.onSuccessfulLogin = function (req, uid, callback) {
+	// If already called once, return prematurely
+	if (req.res.locals.user) {
+		if (typeof callback === 'function') {
+			return setImmediate(callback);
+		}
+
+		return true;
+	}
+
 	var uuid = utils.generateUUID();

 	req.uid = uid;
@ -392,7 +401,7 @@ authenticationController.onSuccessfulLogin = function (req, uid, callback) {
 		if (typeof callback === 'function') {
 			callback(err);
 		} else {
-			return false;
+			return !!err;
 		}
 	});
 };
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@ -217,3 +217,20 @@ middleware.trimUploadTimestamps = function trimUploadTimestamps(req, res, next)

 	next();
 };
+
+middleware.validateAuth = function validateAuth(req, res, next) {
+	plugins.fireHook('static:auth.validate', {
+		user: res.locals.user,
+		strategy: res.locals.strategy,
+	}, function (err) {
+		if (err) {
+			return req.session.regenerate(function () {
+				req.uid = 0;
+				req.loggedIn = false;
+				next(err);
+			});
+		}
+
+		next();
+	});
+};
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@ -100,14 +100,23 @@ Auth.reloadRoutes = function (router, callback) {
 							return helpers.redirect(res, strategy.failureUrl !== undefined ? strategy.failureUrl : '/login');
 						}

-						req.login(user, function (err) {
-							if (err) {
-								return next(err);
-							}
-
-							helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
-						});
+						res.locals.user = user;
+						res.locals.strategy = strategy;
+						next();
 					})(req, res, next);
+				},
+				Auth.middleware.validateAuth,
+				(req, res, next) => {
+					async.waterfall([
+						async.apply(req.login.bind(req), res.locals.user),
+						async.apply(controllers.authentication.onSuccessfulLogin, req, req.uid),
+					], function (err) {
+						if (err) {
+							return next(err);
+						}
+
+						helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
+					});
 				});
 			});