2013-05-09 06:26:32 +00:00
|
|
|
(function(Auth) {
|
2014-03-02 14:45:57 -05:00
|
|
|
"use strict";
|
|
|
|
|
|
2013-05-09 06:26:32 +00:00
|
|
|
var passport = require('passport'),
|
|
|
|
|
passportLocal = require('passport-local').Strategy,
|
2013-07-21 14:25:42 -04:00
|
|
|
nconf = require('nconf'),
|
2014-01-27 13:37:31 -05:00
|
|
|
bcrypt = require('bcryptjs'),
|
|
|
|
|
winston = require('winston'),
|
|
|
|
|
|
2014-03-05 17:13:55 -05:00
|
|
|
meta = require('./../meta'),
|
|
|
|
|
user = require('./../user'),
|
|
|
|
|
plugins = require('./../plugins'),
|
|
|
|
|
utils = require('./../../public/src/utils'),
|
2014-01-31 09:03:06 -05:00
|
|
|
templates = require('./../../public/src/templates'),
|
2014-01-27 13:37:31 -05:00
|
|
|
|
|
|
|
|
login_strategies = [];
|
2013-05-09 06:26:32 +00:00
|
|
|
|
2013-11-28 10:30:29 -05:00
|
|
|
plugins.ready(function() {
|
|
|
|
|
plugins.fireHook('filter:auth.init', login_strategies, function(err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
winston.error('filter:auth.init - plugin failure');
|
|
|
|
|
}
|
2013-11-28 11:13:03 -05:00
|
|
|
|
|
|
|
|
Auth.createRoutes(Auth.app);
|
2013-11-28 10:30:29 -05:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2013-05-09 06:26:32 +00:00
|
|
|
Auth.initialize = function(app) {
|
|
|
|
|
app.use(passport.initialize());
|
|
|
|
|
app.use(passport.session());
|
2014-03-02 14:45:57 -05:00
|
|
|
};
|
2013-08-23 13:14:36 -04:00
|
|
|
|
2013-05-09 06:26:32 +00:00
|
|
|
|
|
|
|
|
Auth.get_login_strategies = function() {
|
|
|
|
|
return login_strategies;
|
2014-03-02 14:45:57 -05:00
|
|
|
};
|
2013-05-09 06:26:32 +00:00
|
|
|
|
2013-11-28 11:13:03 -05:00
|
|
|
Auth.registerApp = function(app) {
|
|
|
|
|
Auth.app = app;
|
2014-03-02 14:45:57 -05:00
|
|
|
};
|
2013-11-28 11:13:03 -05:00
|
|
|
|
2013-11-12 12:41:16 -05:00
|
|
|
Auth.createRoutes = function(app) {
|
2014-01-04 17:10:56 -05:00
|
|
|
app.namespace(nconf.get('relative_path'), function () {
|
|
|
|
|
app.post('/logout', function(req, res) {
|
2014-02-10 16:32:47 -05:00
|
|
|
if (req.user && parseInt(req.user.uid, 10) > 0) {
|
2014-01-04 17:10:56 -05:00
|
|
|
winston.info('[Auth] Session ' + req.sessionID + ' logout (uid: ' + req.user.uid + ')');
|
2013-09-19 12:29:25 -04:00
|
|
|
|
2014-01-09 20:13:17 -05:00
|
|
|
var ws = require('../socket.io');
|
2014-01-04 17:10:56 -05:00
|
|
|
ws.logoutUser(req.user.uid);
|
2013-09-24 15:59:08 -04:00
|
|
|
|
2014-01-04 17:10:56 -05:00
|
|
|
req.logout();
|
|
|
|
|
}
|
2013-05-09 06:26:32 +00:00
|
|
|
|
2014-03-02 14:45:57 -05:00
|
|
|
res.send(200);
|
2013-07-24 18:54:14 -04:00
|
|
|
});
|
2013-05-09 06:26:32 +00:00
|
|
|
|
2014-01-04 17:10:56 -05:00
|
|
|
for (var i in login_strategies) {
|
2014-03-02 14:45:57 -05:00
|
|
|
if (login_strategies.hasOwnProperty(i)) {
|
|
|
|
|
var strategy = login_strategies[i];
|
|
|
|
|
app.get(strategy.url, passport.authenticate(strategy.name, {
|
|
|
|
|
scope: strategy.scope
|
|
|
|
|
}));
|
|
|
|
|
|
|
|
|
|
app.get(strategy.callbackURL, passport.authenticate(strategy.name, {
|
|
|
|
|
successRedirect: '/',
|
|
|
|
|
failureRedirect: '/login'
|
|
|
|
|
}));
|
|
|
|
|
}
|
2014-01-04 17:10:56 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
app.post('/login', function(req, res, next) {
|
2014-02-24 17:06:41 -05:00
|
|
|
passport.authenticate('local', function(err, userData, info) {
|
2014-01-04 17:10:56 -05:00
|
|
|
if (err) {
|
|
|
|
|
return next(err);
|
|
|
|
|
}
|
2014-02-20 18:30:15 -05:00
|
|
|
|
2014-02-24 17:06:41 -05:00
|
|
|
if (!userData) {
|
2014-02-20 18:30:15 -05:00
|
|
|
return res.json(403, info);
|
2014-01-04 17:10:56 -05:00
|
|
|
}
|
2014-01-31 15:27:13 -05:00
|
|
|
|
|
|
|
|
// Alter user cookie depending on passed-in option
|
|
|
|
|
if (req.body.remember === 'true') {
|
2014-02-13 21:06:41 -05:00
|
|
|
var duration = 1000*60*60*24*parseInt(meta.configs.loginDays || 14, 10);
|
|
|
|
|
req.session.cookie.maxAge = duration;
|
|
|
|
|
req.session.cookie.expires = new Date(Date.now() + duration);
|
2014-01-31 15:27:13 -05:00
|
|
|
} else {
|
2014-02-13 21:06:41 -05:00
|
|
|
req.session.cookie.maxAge = false;
|
2014-01-31 15:27:13 -05:00
|
|
|
req.session.cookie.expires = false;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-09 06:26:32 +00:00
|
|
|
req.login({
|
2014-02-24 17:06:41 -05:00
|
|
|
uid: userData.uid
|
2013-05-09 06:26:32 +00:00
|
|
|
}, function() {
|
2014-02-24 17:06:41 -05:00
|
|
|
if (userData.uid) {
|
|
|
|
|
user.logIP(userData.uid, req.ip);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res.json(200, info);
|
2013-05-09 06:26:32 +00:00
|
|
|
});
|
2014-01-04 17:10:56 -05:00
|
|
|
})(req, res, next);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.post('/register', function(req, res) {
|
|
|
|
|
if(meta.config.allowRegistration !== undefined && parseInt(meta.config.allowRegistration, 10) === 0) {
|
|
|
|
|
return res.send(403);
|
2013-05-09 06:26:32 +00:00
|
|
|
}
|
2014-01-04 17:10:56 -05:00
|
|
|
|
2014-01-20 12:41:35 -05:00
|
|
|
user.create({username: req.body.username, password: req.body.password, email: req.body.email, ip: req.ip}, function(err, uid) {
|
2014-01-04 17:10:56 -05:00
|
|
|
if (err === null && uid) {
|
|
|
|
|
req.login({
|
|
|
|
|
uid: uid
|
|
|
|
|
}, function() {
|
|
|
|
|
|
2014-01-09 20:13:17 -05:00
|
|
|
require('../socket.io').emitUserCount();
|
2014-01-04 17:10:56 -05:00
|
|
|
|
2014-03-02 14:45:57 -05:00
|
|
|
if(req.body.referrer) {
|
2014-01-04 17:10:56 -05:00
|
|
|
res.redirect(req.body.referrer);
|
2014-03-02 14:45:57 -05:00
|
|
|
} else {
|
2014-01-04 17:10:56 -05:00
|
|
|
res.redirect(nconf.get('relative_path') + '/');
|
2014-03-02 14:45:57 -05:00
|
|
|
}
|
2014-01-04 17:10:56 -05:00
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
res.redirect(nconf.get('relative_path') + '/register');
|
|
|
|
|
}
|
|
|
|
|
});
|
2013-05-09 06:26:32 +00:00
|
|
|
});
|
|
|
|
|
});
|
2014-03-02 14:45:57 -05:00
|
|
|
};
|
2014-01-27 13:37:31 -05:00
|
|
|
|
|
|
|
|
Auth.login = function(username, password, next) {
|
|
|
|
|
if (!username || !password) {
|
2014-02-20 18:30:15 -05:00
|
|
|
return next(new Error('invalid-user'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var userslug = utils.slugify(username);
|
|
|
|
|
|
|
|
|
|
user.getUidByUserslug(userslug, function(err, uid) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return next(err);
|
|
|
|
|
}
|
2014-01-27 13:37:31 -05:00
|
|
|
|
2014-02-20 18:30:15 -05:00
|
|
|
if(!uid) {
|
2014-02-24 17:06:41 -05:00
|
|
|
// Even if a user doesn't exist, compare passwords anyway, so we don't immediately return
|
2014-02-20 18:30:15 -05:00
|
|
|
return next(null, false, 'user doesn\'t exist');
|
|
|
|
|
}
|
2014-01-27 13:37:31 -05:00
|
|
|
|
2014-02-20 18:30:15 -05:00
|
|
|
user.getUserFields(uid, ['password', 'banned'], function(err, userData) {
|
2014-01-27 13:37:31 -05:00
|
|
|
if (err) {
|
2014-02-20 18:30:15 -05:00
|
|
|
return next(err);
|
2014-01-27 13:37:31 -05:00
|
|
|
}
|
|
|
|
|
|
2014-02-20 18:30:15 -05:00
|
|
|
if (!userData || !userData.password) {
|
|
|
|
|
return next(new Error('invalid userdata or password'));
|
|
|
|
|
}
|
2014-01-27 13:37:31 -05:00
|
|
|
|
2014-02-20 18:30:15 -05:00
|
|
|
if (userData.banned && parseInt(userData.banned, 10) === 1) {
|
|
|
|
|
return next(null, false, 'User banned');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bcrypt.compare(password, userData.password, function(err, res) {
|
|
|
|
|
if (err) {
|
|
|
|
|
winston.err(err.message);
|
|
|
|
|
return next(new Error('bcrypt compare error'));
|
2014-01-27 13:37:31 -05:00
|
|
|
}
|
|
|
|
|
|
2014-02-20 18:30:15 -05:00
|
|
|
if (!res) {
|
2014-02-24 17:06:41 -05:00
|
|
|
return next(null, false, 'invalid-password');
|
2014-02-20 18:30:15 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
next(null, {
|
|
|
|
|
uid: uid
|
|
|
|
|
}, 'Authentication successful');
|
2014-01-27 13:37:31 -05:00
|
|
|
});
|
|
|
|
|
});
|
2014-02-20 18:30:15 -05:00
|
|
|
});
|
2014-03-02 14:45:57 -05:00
|
|
|
};
|
2014-02-20 18:30:15 -05:00
|
|
|
|
|
|
|
|
passport.use(new passportLocal(Auth.login));
|
|
|
|
|
|
|
|
|
|
passport.serializeUser(function(user, done) {
|
|
|
|
|
done(null, user.uid);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
passport.deserializeUser(function(uid, done) {
|
|
|
|
|
done(null, {
|
|
|
|
|
uid: uid
|
|
|
|
|
});
|
|
|
|
|
});
|
2013-05-09 06:26:32 +00:00
|
|
|
}(exports));
|
