You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
233 lines
5.8 KiB
JavaScript
233 lines
5.8 KiB
JavaScript
(function(Auth) {
|
|
"use strict";
|
|
|
|
var passport = require('passport'),
|
|
passportLocal = require('passport-local').Strategy,
|
|
nconf = require('nconf'),
|
|
bcrypt = require('bcryptjs'),
|
|
winston = require('winston'),
|
|
async = require('async'),
|
|
|
|
meta = require('./../meta'),
|
|
user = require('./../user'),
|
|
plugins = require('./../plugins'),
|
|
db = require('../database'),
|
|
utils = require('./../../public/src/utils'),
|
|
|
|
login_strategies = [];
|
|
|
|
function logout(req, res) {
|
|
if (req.user && parseInt(req.user.uid, 10) > 0) {
|
|
winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');
|
|
|
|
var ws = require('../socket.io');
|
|
ws.logoutUser(req.user.uid);
|
|
|
|
req.logout();
|
|
}
|
|
|
|
res.send(200);
|
|
}
|
|
|
|
function login(req, res, next) {
|
|
var continueLogin = function() {
|
|
passport.authenticate('local', function(err, userData, info) {
|
|
if (err) {
|
|
return res.json(403, err.message);
|
|
}
|
|
|
|
if (!userData) {
|
|
return res.json(403, info);
|
|
}
|
|
|
|
// Alter user cookie depending on passed-in option
|
|
if (req.body.remember === 'true') {
|
|
var duration = 1000*60*60*24*parseInt(meta.configs.loginDays || 14, 10);
|
|
req.session.cookie.maxAge = duration;
|
|
req.session.cookie.expires = new Date(Date.now() + duration);
|
|
} else {
|
|
req.session.cookie.maxAge = false;
|
|
req.session.cookie.expires = false;
|
|
}
|
|
|
|
req.login({
|
|
uid: userData.uid
|
|
}, function() {
|
|
if (userData.uid) {
|
|
user.logIP(userData.uid, req.ip);
|
|
}
|
|
|
|
res.json(200, info);
|
|
});
|
|
})(req, res, next);
|
|
};
|
|
|
|
if(meta.config.allowLocalLogin !== undefined && parseInt(meta.config.allowLocalLogin, 10) === 0) {
|
|
return res.send(404);
|
|
}
|
|
|
|
if (req.body.username && utils.isEmailValid(req.body.username)) {
|
|
user.getUsernameByEmail(req.body.username, function(err, username) {
|
|
if (err) {
|
|
return next(err);
|
|
}
|
|
req.body.username = username ? username : req.body.username;
|
|
continueLogin();
|
|
});
|
|
} else {
|
|
continueLogin();
|
|
}
|
|
}
|
|
|
|
function register(req, res) {
|
|
if(meta.config.allowRegistration !== undefined && parseInt(meta.config.allowRegistration, 10) === 0) {
|
|
return res.send(403);
|
|
}
|
|
|
|
var userData = {};
|
|
|
|
for (var key in req.body) {
|
|
if (req.body.hasOwnProperty(key)) {
|
|
userData[key] = req.body[key];
|
|
}
|
|
}
|
|
|
|
plugins.fireHook('filter:register.check', req, res, userData, function(err, req, res, userData) {
|
|
if (err) {
|
|
return res.redirect(nconf.get('relative_path') + '/register' + (err.message ? '?error=' + err.message : ''));
|
|
}
|
|
|
|
user.create(userData, function(err, uid) {
|
|
if (err || !uid) {
|
|
return res.redirect(nconf.get('relative_path') + '/register');
|
|
}
|
|
|
|
req.login({
|
|
uid: uid
|
|
}, function() {
|
|
user.logIP(uid, req.ip);
|
|
|
|
require('../socket.io').emitUserCount();
|
|
|
|
plugins.fireHook('filter:register.complete', uid, req.body.referrer, function(err, uid, destination) {
|
|
if(destination) {
|
|
res.redirect(destination);
|
|
} else {
|
|
res.redirect(nconf.get('relative_path') + '/');
|
|
}
|
|
});
|
|
});
|
|
});
|
|
});
|
|
}
|
|
|
|
Auth.initialize = function(app) {
|
|
app.use(passport.initialize());
|
|
app.use(passport.session());
|
|
};
|
|
|
|
|
|
Auth.get_login_strategies = function() {
|
|
return login_strategies;
|
|
};
|
|
|
|
Auth.registerApp = function(app) {
|
|
Auth.app = app;
|
|
};
|
|
|
|
Auth.createRoutes = function(app, middleware, controllers) {
|
|
plugins.ready(function() {
|
|
plugins.fireHook('filter:auth.init', login_strategies, function(err) {
|
|
if (err) {
|
|
winston.error('filter:auth.init - plugin failure');
|
|
}
|
|
|
|
for (var i in login_strategies) {
|
|
if (login_strategies.hasOwnProperty(i)) {
|
|
var strategy = login_strategies[i];
|
|
app.get(strategy.url, passport.authenticate(strategy.name, {
|
|
scope: strategy.scope
|
|
}));
|
|
|
|
app.get(strategy.callbackURL, passport.authenticate(strategy.name, {
|
|
successRedirect: '/',
|
|
failureRedirect: '/login'
|
|
}));
|
|
}
|
|
}
|
|
|
|
app.post('/logout', logout);
|
|
app.post('/register', register);
|
|
app.post('/login', login);
|
|
});
|
|
});
|
|
};
|
|
|
|
Auth.login = function(username, password, next) {
|
|
if (!username || !password) {
|
|
return next(new Error('[[error:invalid-user-data]]'));
|
|
}
|
|
|
|
var userslug = utils.slugify(username);
|
|
|
|
user.getUidByUserslug(userslug, function(err, uid) {
|
|
if (err) {
|
|
return next(err);
|
|
}
|
|
|
|
if(!uid) {
|
|
// To-do: Even if a user doesn't exist, compare passwords anyway, so we don't immediately return
|
|
return next(null, false, '[[error:no-user]]');
|
|
}
|
|
|
|
user.auth.logAttempt(uid, function(err) {
|
|
if (err) {
|
|
return next(null, false, err.message);
|
|
}
|
|
|
|
db.getObjectFields('user:' + uid, ['password', 'banned'], function(err, userData) {
|
|
if (err) {
|
|
return next(err);
|
|
}
|
|
|
|
if (!userData || !userData.password) {
|
|
return next(new Error('[[error:invalid-user-data]]'));
|
|
}
|
|
|
|
if (userData.banned && parseInt(userData.banned, 10) === 1) {
|
|
return next(null, false, '[[error:user-banned]]');
|
|
}
|
|
|
|
bcrypt.compare(password, userData.password, function(err, res) {
|
|
if (err) {
|
|
return next(new Error('bcrypt compare error'));
|
|
}
|
|
|
|
if (!res) {
|
|
return next(null, false, '[[error:invalid-password]]');
|
|
}
|
|
|
|
user.auth.clearLoginAttempts(uid);
|
|
|
|
next(null, {
|
|
uid: uid
|
|
}, '[[success:authentication-successful]]');
|
|
});
|
|
});
|
|
});
|
|
});
|
|
};
|
|
|
|
passport.use(new passportLocal(Auth.login));
|
|
|
|
passport.serializeUser(function(user, done) {
|
|
done(null, user.uid);
|
|
});
|
|
|
|
passport.deserializeUser(function(uid, done) {
|
|
done(null, {
|
|
uid: uid
|
|
});
|
|
});
|
|
}(exports));
|