2017-02-18 01:56:23 -07:00
|
|
|
'use strict';
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2016-03-08 12:17:12 +02:00
|
|
|
var async = require('async');
|
|
|
|
|
var winston = require('winston');
|
|
|
|
|
var passport = require('passport');
|
|
|
|
|
var nconf = require('nconf');
|
|
|
|
|
var validator = require('validator');
|
2017-05-26 01:39:40 -06:00
|
|
|
var _ = require('lodash');
|
2016-03-08 12:17:12 +02:00
|
|
|
|
|
|
|
|
var db = require('../database');
|
|
|
|
|
var meta = require('../meta');
|
|
|
|
|
var user = require('../user');
|
|
|
|
|
var plugins = require('../plugins');
|
2017-04-08 20:22:21 -06:00
|
|
|
var utils = require('../utils');
|
2017-05-05 19:50:50 -04:00
|
|
|
var translator = require('../translator');
|
2017-07-20 08:51:04 -04:00
|
|
|
var helpers = require('./helpers');
|
2018-09-29 06:49:41 -04:00
|
|
|
var privileges = require('../privileges');
|
2016-11-11 16:47:59 -05:00
|
|
|
var sockets = require('../socket.io');
|
|
|
|
|
|
2017-04-24 13:31:38 -04:00
|
|
|
var authenticationController = module.exports;
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2017-02-18 15:05:36 -07:00
|
|
|
authenticationController.register = function (req, res) {
|
2015-06-27 21:26:19 -04:00
|
|
|
var registrationType = meta.config.registrationType || 'normal';
|
|
|
|
|
|
|
|
|
|
if (registrationType === 'disabled') {
|
2015-06-17 14:13:29 -04:00
|
|
|
return res.sendStatus(403);
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-23 15:53:29 -04:00
|
|
|
var userData = req.body;
|
2015-06-17 14:13:29 -04:00
|
|
|
|
|
|
|
|
async.waterfall([
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2016-04-19 21:03:00 -04:00
|
|
|
if (registrationType === 'invite-only' || registrationType === 'admin-invite-only') {
|
2015-06-28 21:54:21 -04:00
|
|
|
user.verifyInvitation(userData, next);
|
|
|
|
|
} else {
|
|
|
|
|
next();
|
|
|
|
|
}
|
|
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
if (!userData.email) {
|
|
|
|
|
return next(new Error('[[error:invalid-email]]'));
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-01 18:40:34 -04:00
|
|
|
if (!userData.username || userData.username.length < meta.config.minimumUsernameLength || utils.slugify(userData.username).length < meta.config.minimumUsernameLength) {
|
2015-06-17 14:13:29 -04:00
|
|
|
return next(new Error('[[error:username-too-short]]'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (userData.username.length > meta.config.maximumUsernameLength) {
|
2017-05-12 09:56:19 -04:00
|
|
|
return next(new Error('[[error:username-too-long]]'));
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
|
|
|
|
|
2017-07-20 08:51:04 -04:00
|
|
|
if (userData.password !== userData['password-confirm']) {
|
|
|
|
|
return next(new Error('[[user:change_password_error_match]]'));
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-14 15:50:02 -04:00
|
|
|
user.isPasswordValid(userData.password, next);
|
2015-06-17 14:13:29 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2017-12-11 11:40:42 -05:00
|
|
|
res.locals.processLogin = true; // set it to false in plugin if you wish to just register only
|
|
|
|
|
plugins.fireHook('filter:register.check', { req: req, res: res, userData: userData }, next);
|
|
|
|
|
},
|
|
|
|
|
function (result, next) {
|
2017-12-05 13:18:37 -05:00
|
|
|
registerAndLoginUser(req, res, userData, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
], function (err, data) {
|
2015-06-27 21:26:19 -04:00
|
|
|
if (err) {
|
2017-07-20 08:51:04 -04:00
|
|
|
return helpers.noScriptErrors(req, res, err.message, 400);
|
2015-06-27 21:26:19 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-23 17:41:40 -04:00
|
|
|
if (data.uid && req.body.userLang) {
|
2015-10-06 06:13:25 -04:00
|
|
|
user.setSetting(data.uid, 'userLang', req.body.userLang);
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-27 21:26:19 -04:00
|
|
|
res.json(data);
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2016-02-10 15:26:14 -05:00
|
|
|
function registerAndLoginUser(req, res, userData, callback) {
|
2015-06-27 21:26:19 -04:00
|
|
|
var uid;
|
|
|
|
|
async.waterfall([
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2016-06-08 16:05:40 -04:00
|
|
|
plugins.fireHook('filter:register.interstitial', {
|
|
|
|
|
userData: userData,
|
2017-02-17 19:31:21 -07:00
|
|
|
interstitials: [],
|
2017-05-23 17:37:16 -04:00
|
|
|
}, next);
|
|
|
|
|
},
|
|
|
|
|
function (data, next) {
|
|
|
|
|
// If interstitials are found, save registration attempt into session and abort
|
|
|
|
|
var deferRegistration = data.interstitials.length;
|
|
|
|
|
|
|
|
|
|
if (!deferRegistration) {
|
|
|
|
|
return next();
|
|
|
|
|
}
|
|
|
|
|
userData.register = true;
|
|
|
|
|
req.session.registration = userData;
|
2017-07-20 08:51:04 -04:00
|
|
|
|
|
|
|
|
if (req.body.noscript === 'true') {
|
|
|
|
|
return res.redirect(nconf.get('relative_path') + '/register/complete');
|
|
|
|
|
}
|
2017-05-23 17:37:16 -04:00
|
|
|
return res.json({ referrer: nconf.get('relative_path') + '/register/complete' });
|
2016-06-08 16:05:40 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2017-12-05 13:18:37 -05:00
|
|
|
user.shouldQueueUser(req.ip, next);
|
|
|
|
|
},
|
|
|
|
|
function (queue, next) {
|
2017-12-11 11:40:42 -05:00
|
|
|
plugins.fireHook('filter:register.shouldQueue', { req: req, res: res, userData: userData, queue: queue }, next);
|
2017-12-05 13:18:37 -05:00
|
|
|
},
|
|
|
|
|
function (data, next) {
|
|
|
|
|
if (data.queue) {
|
|
|
|
|
addToApprovalQueue(req, userData, callback);
|
|
|
|
|
} else {
|
|
|
|
|
user.create(userData, next);
|
|
|
|
|
}
|
2015-06-17 14:13:29 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
function (_uid, next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
uid = _uid;
|
2016-03-08 12:17:12 +02:00
|
|
|
if (res.locals.processLogin) {
|
|
|
|
|
authenticationController.doLogin(req, uid, next);
|
2016-02-10 15:26:14 -05:00
|
|
|
} else {
|
|
|
|
|
next();
|
|
|
|
|
}
|
2015-06-17 14:13:29 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2016-03-06 11:59:31 -06:00
|
|
|
user.deleteInvitationKey(userData.email);
|
2017-02-18 12:30:49 -07:00
|
|
|
plugins.fireHook('filter:register.complete', { uid: uid, referrer: req.body.referrer || nconf.get('relative_path') + '/' }, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2015-06-27 21:26:19 -04:00
|
|
|
], callback);
|
|
|
|
|
}
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2016-02-01 21:12:23 +02:00
|
|
|
function addToApprovalQueue(req, userData, callback) {
|
2015-06-27 21:26:19 -04:00
|
|
|
async.waterfall([
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2015-06-27 21:26:19 -04:00
|
|
|
userData.ip = req.ip;
|
|
|
|
|
user.addToApprovalQueue(userData, next);
|
|
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
function (next) {
|
2017-02-18 12:30:49 -07:00
|
|
|
next(null, { message: '[[register:registration-added-to-queue]]' });
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2015-06-27 21:26:19 -04:00
|
|
|
], callback);
|
|
|
|
|
}
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.registerComplete = function (req, res, next) {
|
2016-06-22 14:40:34 -04:00
|
|
|
// For the interstitials that respond, execute the callback with the form body
|
|
|
|
|
plugins.fireHook('filter:register.interstitial', {
|
|
|
|
|
userData: req.session.registration,
|
2017-02-17 19:31:21 -07:00
|
|
|
interstitials: [],
|
2016-10-13 11:43:39 +02:00
|
|
|
}, function (err, data) {
|
2016-08-16 19:46:59 +02:00
|
|
|
if (err) {
|
|
|
|
|
return next(err);
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
var callbacks = data.interstitials.reduce(function (memo, cur) {
|
2016-06-22 14:40:34 -04:00
|
|
|
if (cur.hasOwnProperty('callback') && typeof cur.callback === 'function') {
|
2018-04-06 10:16:26 -04:00
|
|
|
memo.push(function (next) {
|
|
|
|
|
cur.callback(req.session.registration, req.body, function (err) {
|
|
|
|
|
// Pass error as second argument so all callbacks are executed
|
|
|
|
|
next(null, err);
|
|
|
|
|
});
|
|
|
|
|
});
|
2016-06-22 14:40:34 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return memo;
|
|
|
|
|
}, []);
|
|
|
|
|
|
2017-12-05 13:18:37 -05:00
|
|
|
var done = function (err, data) {
|
2016-06-22 16:47:24 -04:00
|
|
|
delete req.session.registration;
|
2017-12-05 13:18:37 -05:00
|
|
|
if (!err && data && data.message) {
|
|
|
|
|
return res.redirect(nconf.get('relative_path') + '/?register=' + encodeURIComponent(data.message));
|
|
|
|
|
}
|
2016-06-22 16:47:24 -04:00
|
|
|
if (req.session.returnTo) {
|
|
|
|
|
res.redirect(req.session.returnTo);
|
|
|
|
|
} else {
|
|
|
|
|
res.redirect(nconf.get('relative_path') + '/');
|
|
|
|
|
}
|
2016-08-22 16:24:28 -04:00
|
|
|
};
|
2016-06-22 16:47:24 -04:00
|
|
|
|
2018-04-06 10:16:26 -04:00
|
|
|
async.parallel(callbacks, function (_blank, err) {
|
|
|
|
|
if (err.length) {
|
2018-05-01 15:21:15 -04:00
|
|
|
err = err.filter(Boolean).map(function (err) {
|
2018-04-06 10:16:26 -04:00
|
|
|
return err.message;
|
2018-05-01 15:21:15 -04:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-01 15:25:11 -04:00
|
|
|
if (err.length) {
|
2018-05-01 15:21:15 -04:00
|
|
|
req.flash('errors', err);
|
2016-06-22 14:40:34 -04:00
|
|
|
return res.redirect(nconf.get('relative_path') + '/register/complete');
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-22 16:47:24 -04:00
|
|
|
if (req.session.registration.register === true) {
|
|
|
|
|
res.locals.processLogin = true;
|
|
|
|
|
registerAndLoginUser(req, res, req.session.registration, done);
|
2016-06-22 14:40:34 -04:00
|
|
|
} else {
|
2018-05-02 13:02:07 -04:00
|
|
|
// Update user hash, clear registration data in session
|
|
|
|
|
const payload = req.session.registration;
|
|
|
|
|
const uid = payload.uid;
|
|
|
|
|
delete payload.uid;
|
|
|
|
|
|
|
|
|
|
Object.keys(payload).forEach((prop) => {
|
|
|
|
|
if (typeof payload[prop] === 'boolean') {
|
|
|
|
|
payload[prop] = payload[prop] ? 1 : 0;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
user.setUserFields(uid, payload, done);
|
2016-06-22 14:40:34 -04:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
});
|
2016-06-22 12:42:37 -04:00
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.registerAbort = function (req, res) {
|
2016-06-22 16:47:24 -04:00
|
|
|
// End the session and redirect to home
|
2016-10-13 11:43:39 +02:00
|
|
|
req.session.destroy(function () {
|
2016-06-22 16:47:24 -04:00
|
|
|
res.redirect(nconf.get('relative_path') + '/');
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.login = function (req, res, next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
if (plugins.hasListeners('action:auth.overrideLogin')) {
|
|
|
|
|
return continueLogin(req, res, next);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var loginWith = meta.config.allowLoginWith || 'username-email';
|
|
|
|
|
|
2018-10-20 14:40:48 -04:00
|
|
|
if (req.body.username && utils.isEmailValid(req.body.username) && loginWith.includes('email')) {
|
2017-05-23 22:09:25 -04:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
user.getUsernameByEmail(req.body.username, next);
|
|
|
|
|
},
|
|
|
|
|
function (username, next) {
|
|
|
|
|
req.body.username = username || req.body.username;
|
|
|
|
|
continueLogin(req, res, next);
|
|
|
|
|
},
|
|
|
|
|
], next);
|
2018-10-20 14:40:48 -04:00
|
|
|
} else if (loginWith.includes('username') && !validator.isEmail(req.body.username)) {
|
2015-06-17 14:13:29 -04:00
|
|
|
continueLogin(req, res, next);
|
|
|
|
|
} else {
|
2017-07-20 08:51:04 -04:00
|
|
|
var err = '[[error:wrong-login-type-' + loginWith + ']]';
|
|
|
|
|
helpers.noScriptErrors(req, res, err, 500);
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
function continueLogin(req, res, next) {
|
2016-10-13 11:43:39 +02:00
|
|
|
passport.authenticate('local', function (err, userData, info) {
|
2015-06-17 14:13:29 -04:00
|
|
|
if (err) {
|
2017-07-20 08:51:04 -04:00
|
|
|
return helpers.noScriptErrors(req, res, err.message, 403);
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!userData) {
|
|
|
|
|
if (typeof info === 'object') {
|
|
|
|
|
info = '[[error:invalid-username-or-password]]';
|
|
|
|
|
}
|
2017-07-20 08:51:04 -04:00
|
|
|
return helpers.noScriptErrors(req, res, info, 403);
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var passwordExpiry = userData.passwordExpiry !== undefined ? parseInt(userData.passwordExpiry, 10) : null;
|
|
|
|
|
|
|
|
|
|
// Alter user cookie depending on passed-in option
|
|
|
|
|
if (req.body.remember === 'on') {
|
2018-10-21 16:47:51 -04:00
|
|
|
var duration = 1000 * 60 * 60 * 24 * meta.config.loginDays;
|
2015-06-17 14:13:29 -04:00
|
|
|
req.session.cookie.maxAge = duration;
|
|
|
|
|
req.session.cookie.expires = new Date(Date.now() + duration);
|
|
|
|
|
} else {
|
|
|
|
|
req.session.cookie.maxAge = false;
|
|
|
|
|
req.session.cookie.expires = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (passwordExpiry && passwordExpiry < Date.now()) {
|
|
|
|
|
winston.verbose('[auth] Triggering password reset for uid ' + userData.uid + ' due to password policy');
|
|
|
|
|
req.session.passwordExpired = true;
|
2016-10-13 11:43:39 +02:00
|
|
|
user.reset.generate(userData.uid, function (err, code) {
|
2016-08-16 19:46:59 +02:00
|
|
|
if (err) {
|
2017-07-20 08:51:04 -04:00
|
|
|
return helpers.noScriptErrors(req, res, err.message, 403);
|
2016-08-16 19:46:59 +02:00
|
|
|
}
|
|
|
|
|
|
2015-06-17 14:13:29 -04:00
|
|
|
res.status(200).send(nconf.get('relative_path') + '/reset/' + code);
|
|
|
|
|
});
|
|
|
|
|
} else {
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.doLogin(req, userData.uid, function (err) {
|
2015-06-17 14:13:29 -04:00
|
|
|
if (err) {
|
2017-07-20 08:51:04 -04:00
|
|
|
return helpers.noScriptErrors(req, res, err.message, 403);
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
2015-12-23 10:48:45 -05:00
|
|
|
|
2017-07-20 08:51:04 -04:00
|
|
|
var destination;
|
2015-06-17 14:13:29 -04:00
|
|
|
if (!req.session.returnTo) {
|
2017-07-20 08:51:04 -04:00
|
|
|
destination = nconf.get('relative_path') + '/';
|
2015-06-17 14:13:29 -04:00
|
|
|
} else {
|
2017-07-20 08:51:04 -04:00
|
|
|
destination = req.session.returnTo;
|
2015-06-17 14:13:29 -04:00
|
|
|
delete req.session.returnTo;
|
2017-07-20 08:51:04 -04:00
|
|
|
}
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2017-07-20 08:51:04 -04:00
|
|
|
if (req.body.noscript === 'true') {
|
|
|
|
|
res.redirect(destination + '?loggedin');
|
|
|
|
|
} else {
|
|
|
|
|
res.status(200).send(destination);
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
})(req, res, next);
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.doLogin = function (req, uid, callback) {
|
2016-03-08 12:17:12 +02:00
|
|
|
if (!uid) {
|
|
|
|
|
return callback();
|
|
|
|
|
}
|
2017-05-23 15:37:32 -04:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
req.login({ uid: uid }, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
authenticationController.onSuccessfulLogin(req, uid, next);
|
|
|
|
|
},
|
|
|
|
|
], callback);
|
2016-03-08 12:29:19 +02:00
|
|
|
};
|
2016-02-26 16:45:44 +02:00
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.onSuccessfulLogin = function (req, uid, callback) {
|
2016-03-08 12:29:19 +02:00
|
|
|
var uuid = utils.generateUUID();
|
|
|
|
|
|
2017-05-23 15:37:32 -04:00
|
|
|
async.waterfall([
|
2016-03-08 12:29:19 +02:00
|
|
|
function (next) {
|
2017-11-30 14:24:13 -05:00
|
|
|
meta.blacklist.test(req.ip, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
user.logIP(uid, req.ip, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
req.session.meta = {};
|
|
|
|
|
|
|
|
|
|
delete req.session.forceLogin;
|
|
|
|
|
// Associate IP used during login with user account
|
|
|
|
|
req.session.meta.ip = req.ip;
|
|
|
|
|
|
|
|
|
|
// Associate metadata retrieved via user-agent
|
|
|
|
|
req.session.meta = _.extend(req.session.meta, {
|
|
|
|
|
uuid: uuid,
|
|
|
|
|
datetime: Date.now(),
|
|
|
|
|
platform: req.useragent.platform,
|
|
|
|
|
browser: req.useragent.browser,
|
|
|
|
|
version: req.useragent.version,
|
|
|
|
|
});
|
|
|
|
|
|
2017-05-23 15:37:32 -04:00
|
|
|
async.parallel([
|
|
|
|
|
function (next) {
|
|
|
|
|
user.auth.addSession(uid, req.sessionID, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
db.setObjectField('uid:' + uid + ':sessionUUID:sessionId', uuid, req.sessionID, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
user.updateLastOnlineTime(uid, next);
|
|
|
|
|
},
|
|
|
|
|
], function (err) {
|
|
|
|
|
next(err);
|
|
|
|
|
});
|
2016-09-21 17:09:30 +03:00
|
|
|
},
|
|
|
|
|
function (next) {
|
2017-05-23 15:37:32 -04:00
|
|
|
// Force session check for all connected socket.io clients with the same session id
|
|
|
|
|
sockets.in('sess_' + req.sessionID).emit('checkSession', uid);
|
2016-11-11 16:47:59 -05:00
|
|
|
|
2017-05-23 15:37:32 -04:00
|
|
|
plugins.fireHook('action:user.loggedIn', { uid: uid, req: req });
|
|
|
|
|
next();
|
|
|
|
|
},
|
2017-08-23 12:13:52 -04:00
|
|
|
], function (err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
req.session.destroy();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (typeof callback === 'function') {
|
|
|
|
|
callback(err);
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-03-08 12:17:12 +02:00
|
|
|
};
|
2016-02-26 16:45:44 +02:00
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.localLogin = function (req, username, password, next) {
|
2016-01-10 10:26:47 +02:00
|
|
|
if (!username) {
|
|
|
|
|
return next(new Error('[[error:invalid-username]]'));
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var userslug = utils.slugify(username);
|
2017-02-17 20:20:42 -07:00
|
|
|
var uid;
|
|
|
|
|
var userData = {};
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2017-04-22 14:38:43 -04:00
|
|
|
if (!password || !utils.isPasswordValid(password)) {
|
|
|
|
|
return next(new Error('[[error:invalid-password]]'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (password.length > 4096) {
|
|
|
|
|
return next(new Error('[[error:password-too-long]]'));
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-17 14:13:29 -04:00
|
|
|
async.waterfall([
|
2016-01-10 10:26:47 +02:00
|
|
|
function (next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
user.getUidByUserslug(userslug, next);
|
|
|
|
|
},
|
2016-01-10 10:26:47 +02:00
|
|
|
function (_uid, next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
uid = _uid;
|
2017-04-24 13:31:38 -04:00
|
|
|
|
2015-06-17 14:13:29 -04:00
|
|
|
async.parallel({
|
2018-07-27 12:34:51 -04:00
|
|
|
userData: async.apply(db.getObjectFields, 'user:' + uid, ['passwordExpiry']),
|
2018-04-18 17:59:38 -04:00
|
|
|
isAdminOrGlobalMod: function (next) {
|
|
|
|
|
user.isAdminOrGlobalMod(uid, next);
|
2016-06-29 12:07:23 -04:00
|
|
|
},
|
2016-10-13 11:43:39 +02:00
|
|
|
banned: function (next) {
|
2016-06-29 12:07:23 -04:00
|
|
|
user.isBanned(uid, next);
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2018-09-29 06:49:41 -04:00
|
|
|
hasLoginPrivilege: function (next) {
|
|
|
|
|
privileges.global.can('local:login', uid, next);
|
|
|
|
|
},
|
2015-06-17 14:13:29 -04:00
|
|
|
}, next);
|
|
|
|
|
},
|
2016-01-10 10:26:47 +02:00
|
|
|
function (result, next) {
|
2018-07-27 12:34:51 -04:00
|
|
|
userData = Object.assign(result.userData, {
|
2018-07-26 16:38:36 -04:00
|
|
|
uid: uid,
|
|
|
|
|
isAdminOrGlobalMod: result.isAdminOrGlobalMod,
|
2018-07-27 12:34:51 -04:00
|
|
|
});
|
2015-06-17 14:13:29 -04:00
|
|
|
|
2018-09-29 06:49:41 -04:00
|
|
|
if (parseInt(uid, 10) && !result.hasLoginPrivilege) {
|
2015-06-17 14:13:29 -04:00
|
|
|
return next(new Error('[[error:local-login-disabled]]'));
|
|
|
|
|
}
|
2017-05-05 19:50:50 -04:00
|
|
|
|
2016-06-29 12:07:23 -04:00
|
|
|
if (result.banned) {
|
2017-05-23 22:09:25 -04:00
|
|
|
return getBanInfo(uid, next);
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
2016-06-29 12:07:23 -04:00
|
|
|
|
2018-07-27 11:54:23 -04:00
|
|
|
user.isPasswordCorrect(uid, password, req.ip, next);
|
2015-06-17 14:13:29 -04:00
|
|
|
},
|
2016-01-10 10:26:47 +02:00
|
|
|
function (passwordMatch, next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
if (!passwordMatch) {
|
2017-04-24 13:31:38 -04:00
|
|
|
return next(new Error('[[error:invalid-login-credentials]]'));
|
2015-06-17 14:13:29 -04:00
|
|
|
}
|
2018-07-27 11:54:23 -04:00
|
|
|
|
2015-06-17 14:13:29 -04:00
|
|
|
next(null, userData, '[[success:authentication-successful]]');
|
2017-02-17 19:31:21 -07:00
|
|
|
},
|
2015-06-17 14:13:29 -04:00
|
|
|
], next);
|
|
|
|
|
};
|
|
|
|
|
|
2016-10-13 11:43:39 +02:00
|
|
|
authenticationController.logout = function (req, res, next) {
|
2018-01-31 15:20:17 -05:00
|
|
|
if (!req.loggedIn || !req.sessionID) {
|
2017-05-23 22:09:25 -04:00
|
|
|
return res.status(200).send('not-logged-in');
|
|
|
|
|
}
|
2016-11-11 16:47:59 -05:00
|
|
|
|
2017-05-23 22:09:25 -04:00
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
user.auth.revokeSession(req.sessionID, req.uid, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
2015-06-17 14:13:29 -04:00
|
|
|
req.logout();
|
2017-11-02 18:21:25 -04:00
|
|
|
req.session.destroy(function (err) {
|
|
|
|
|
next(err);
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
2017-05-23 22:09:25 -04:00
|
|
|
user.setUserField(req.uid, 'lastonline', Date.now() - 300000, next);
|
|
|
|
|
},
|
|
|
|
|
function (next) {
|
|
|
|
|
plugins.fireHook('static:user.loggedOut', { req: req, res: res, uid: req.uid }, next);
|
|
|
|
|
},
|
|
|
|
|
function () {
|
|
|
|
|
// Force session check for all connected socket.io clients with the same session id
|
|
|
|
|
sockets.in('sess_' + req.sessionID).emit('checkSession', 0);
|
2017-07-20 08:51:04 -04:00
|
|
|
if (req.body.noscript === 'true') {
|
|
|
|
|
res.redirect(nconf.get('relative_path') + '/');
|
|
|
|
|
} else {
|
|
|
|
|
res.status(200).send('');
|
|
|
|
|
}
|
2017-05-23 22:09:25 -04:00
|
|
|
},
|
|
|
|
|
], next);
|
2015-06-17 14:13:29 -04:00
|
|
|
};
|
|
|
|
|
|
2017-05-23 22:09:25 -04:00
|
|
|
function getBanInfo(uid, callback) {
|
|
|
|
|
var banInfo;
|
|
|
|
|
async.waterfall([
|
|
|
|
|
function (next) {
|
|
|
|
|
user.getLatestBanInfo(uid, next);
|
|
|
|
|
},
|
|
|
|
|
function (_banInfo, next) {
|
|
|
|
|
banInfo = _banInfo;
|
|
|
|
|
if (banInfo.reason) {
|
|
|
|
|
return next();
|
2017-05-05 19:50:50 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
translator.translate('[[user:info.banned-no-reason]]', function (translated) {
|
|
|
|
|
banInfo.reason = translated;
|
2017-05-23 22:09:25 -04:00
|
|
|
next();
|
2017-05-05 19:50:50 -04:00
|
|
|
});
|
2017-05-23 22:09:25 -04:00
|
|
|
},
|
|
|
|
|
function (next) {
|
2017-05-05 19:50:50 -04:00
|
|
|
next(new Error(banInfo.expiry ? '[[error:user-banned-reason-until, ' + banInfo.expiry_readable + ', ' + banInfo.reason + ']]' : '[[error:user-banned-reason, ' + banInfo.reason + ']]'));
|
2017-05-23 22:09:25 -04:00
|
|
|
},
|
|
|
|
|
], function (err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
if (err.message === 'no-ban-info') {
|
|
|
|
|
err.message = '[[error:user-banned]]';
|
|
|
|
|
}
|
2017-05-05 19:50:50 -04:00
|
|
|
}
|
2017-05-23 22:09:25 -04:00
|
|
|
callback(err);
|
2017-05-05 19:50:50 -04:00
|
|
|
});
|
|
|
|
|
}
|
