src/login.js

var user = require('./user'),
	bcrypt = require('bcrypt'),
	db = require('./database'),
	path = require('path'),
	winston = require('winston'),
	utils = require('./../public/src/utils');

(function(Login) {

	Login.loginViaLocal = function(username, password, next) {
		if (!username || !password) {
			return next({
				status: 'error',
				message: 'invalid-user'
			});
		} else {

			var userslug = utils.slugify(username);

			user.getUidByUserslug(userslug, function(err, uid) {

				if (err) {
					return next(new Error('redis-error'));
				} else if (uid == null) {
					return next(new Error('invalid-user'));
				}

				user.getUserFields(uid, ['password', 'banned'], function(err, userData) {
					if (err) return next(err);

					if (userData.banned && parseInt(userData.banned, 10) === 1) {
						return next({
							status: "error",
							message: "user-banned"
						});
					}

					bcrypt.compare(password, userData.password, function(err, res) {
						if (err) {
							winston.err(err.message);
							next(new Error('bcrypt compare error'));
							return;
						}

						if (res) {
							next(null, {
								user: {
									uid: uid
								}
							});
						} else {
							next(new Error('invalid-password'));
						}
					});
				});
			});
		}
	}

	Login.loginViaTwitter = function(twid, handle, photos, callback) {
		user.getUidByTwitterId(twid, function(err, uid) {
			if(err) {
				return callback(err);
			}

			if (uid !== null) {
				// Existing User
				callback(null, {
					uid: uid
				});
			} else {
				// New User
				user.create({username: handle}, function(err, uid) {
					if(err) {
						return callback(err);
					}

					// Save twitter-specific information to the user
					user.setUserField(uid, 'twid', twid);
					db.setObjectField('twid:uid', twid, uid);

					// Save their photo, if present
					if (photos && photos.length > 0) {
						var photoUrl = photos[0].value;
						photoUrl = path.dirname(photoUrl) + '/' + path.basename(photoUrl, path.extname(photoUrl)).slice(0, -6) + 'bigger' + path.extname(photoUrl);
						user.setUserField(uid, 'uploadedpicture', photoUrl);
						user.setUserField(uid, 'picture', photoUrl);
					}

					callback(null, {
						uid: uid
					});
				});
			}
		});
	}

	Login.loginViaGoogle = function(gplusid, handle, email, callback) {
		user.getUidByGoogleId(gplusid, function(err, uid) {
			if(err) {
				return callback(err);
			}

			if (uid !== null) {
				// Existing User
				callback(null, {
					uid: uid
				});
			} else {
				// New User
				var success = function(uid) {
					// Save google-specific information to the user
					user.setUserField(uid, 'gplusid', gplusid);
					db.setObjectField('gplusid:uid', gplusid, uid);
					callback(null, {
						uid: uid
					});
				}

				user.getUidByEmail(email, function(err, uid) {
					if(err) {
						return callback(err);
					}

					if (!uid) {
						user.create({username: handle, email: email}, function(err, uid) {
							if(err) {
								return callback(err);
							}

							success(uid);
						});
					} else {
						success(uid); // Existing account -- merge
					}
				});
			}
		});
	}

	Login.loginViaFacebook = function(fbid, name, email, callback) {
		user.getUidByFbid(fbid, function(err, uid) {
			if(err) {
				return callback(err);
			}

			if (uid !== null) {
				// Existing User
				callback(null, {
					uid: uid
				});
			} else {
				// New User
				var success = function(uid) {
					// Save facebook-specific information to the user
					user.setUserField(uid, 'fbid', fbid);
					db.setObjectField('fbid:uid', fbid, uid);
					callback(null, {
						uid: uid
					});
				}

				user.getUidByEmail(email, function(err, uid) {
					if(err) {
						return callback(err);
					}

					if (!uid) {
						user.create({username: name, email: email}, function(err, uid) {
							if(err) {
								return callback(err);
							}

							success(uid);
						});
					} else {
						success(uid); // Existing account -- merge
					}
				});
			}
		});
	}

}(exports));
tons more changes 2013-12-02 21:20:55 -05:00			`var user = require('./user'),`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`bcrypt = require('bcrypt'),`
tons more changes 2013-12-02 21:20:55 -05:00			`db = require('./database'),`
more winston 2013-08-13 15:25:40 -04:00			`path = require('path'),`
closes #448 2013-10-25 18:08:23 -04:00			`winston = require('winston'),`
tons more changes 2013-12-02 21:20:55 -05:00			`utils = require('./../public/src/utils');`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00
formatting - server side core 2013-09-17 13:09:37 -04:00			`(function(Login) {`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00
			`Login.loginViaLocal = function(username, password, next) {`
			`if (!username \|\| !password) {`
			`return next({`
			`status: 'error',`
			`message: 'invalid-user'`
			`});`
			`} else {`
closes #448 2013-10-25 18:08:23 -04:00
			`var userslug = utils.slugify(username);`

camel case for user.js methods 2013-10-30 18:31:36 -04:00			`user.getUidByUserslug(userslug, function(err, uid) {`
removed console.log 2013-10-25 18:09:07 -04:00
closed #297 2013-09-15 10:11:29 -04:00			`if (err) {`
			`return next(new Error('redis-error'));`
removed console.log 2013-10-25 18:09:07 -04:00			`} else if (uid == null) {`
closed #297 2013-09-15 10:11:29 -04:00			`return next(new Error('invalid-user'));`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`}`
meta config changes, refactors 2013-08-23 13:14:36 -04:00
			`user.getUserFields(uid, ['password', 'banned'], function(err, userData) {`
formatting - server side core 2013-09-17 13:09:37 -04:00			`if (err) return next(err);`
meta config changes, refactors 2013-08-23 13:14:36 -04:00
added parseInt 2013-12-05 13:11:27 -05:00			`if (userData.banned && parseInt(userData.banned, 10) === 1) {`
banned users cant login, show error messages on failed logins 2013-08-14 15:49:56 -04:00			`return next({`
			`status: "error",`
			`message: "user-banned"`
			`});`
			`}`
meta config changes, refactors 2013-08-23 13:14:36 -04:00
banned users cant login, show error messages on failed logins 2013-08-14 15:49:56 -04:00			`bcrypt.compare(password, userData.password, function(err, res) {`
formatting - server side core 2013-09-17 13:09:37 -04:00			`if (err) {`
refactoring installation scripts to use node prompt module, lots of other fixes fixed #263, fixed #264, fixed #265 2013-09-06 22:22:42 -04:00			`winston.err(err.message);`
closed #297 2013-09-15 10:11:29 -04:00			`next(new Error('bcrypt compare error'));`
log bcrypt error, closes59 2013-07-06 00:00:38 -04:00			`return;`
			`}`
meta config changes, refactors 2013-08-23 13:14:36 -04:00
password change, closes #66 2013-07-08 12:10:21 -04:00			`if (res) {`
formatting - server side core 2013-09-17 13:09:37 -04:00			`next(null, {`
			`user: {`
			`uid: uid`
			`}`
			`});`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`} else {`
closed #297 2013-09-15 10:11:29 -04:00			`next(new Error('invalid-password'));`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`}`
			`});`
			`});`
			`});`
			`}`
			`}`

fixed #31 - twitter profile picture now used as nodebb avatar in lieu of email address for gravatar 2013-07-24 12:52:16 -04:00			`Login.loginViaTwitter = function(twid, handle, photos, callback) {`
tons more changes 2013-12-02 19:40:11 -05:00			`user.getUidByTwitterId(twid, function(err, uid) {`
			`if(err) {`
			`return callback(err);`
			`}`

moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`if (uid !== null) {`
			`// Existing User`
			`callback(null, {`
			`uid: uid`
			`});`
			`} else {`
			`// New User`
Changed User.create signature to accept a hash, added a couple of utility functions as well 2014-01-20 12:41:35 -05:00			`user.create({username: handle}, function(err, uid) {`
tons more changes 2013-12-02 19:40:11 -05:00			`if(err) {`
			`return callback(err);`
			`}`
fixed #31 - twitter profile picture now used as nodebb avatar in lieu of email address for gravatar 2013-07-24 12:52:16 -04:00
tons more changes 2013-12-02 19:40:11 -05:00			`// Save twitter-specific information to the user`
			`user.setUserField(uid, 'twid', twid);`
tons more changes 2013-12-02 21:20:55 -05:00			`db.setObjectField('twid:uid', twid, uid);`
tons more changes 2013-12-02 19:40:11 -05:00
			`// Save their photo, if present`
			`if (photos && photos.length > 0) {`
			`var photoUrl = photos[0].value;`
			`photoUrl = path.dirname(photoUrl) + '/' + path.basename(photoUrl, path.extname(photoUrl)).slice(0, -6) + 'bigger' + path.extname(photoUrl);`
			`user.setUserField(uid, 'uploadedpicture', photoUrl);`
			`user.setUserField(uid, 'picture', photoUrl);`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`}`
tons more changes 2013-12-02 19:40:11 -05:00
			`callback(null, {`
			`uid: uid`
			`});`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`});`
			`}`
			`});`
			`}`

			`Login.loginViaGoogle = function(gplusid, handle, email, callback) {`
tons more changes 2013-12-02 19:40:11 -05:00			`user.getUidByGoogleId(gplusid, function(err, uid) {`
			`if(err) {`
			`return callback(err);`
			`}`

moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`if (uid !== null) {`
			`// Existing User`
			`callback(null, {`
			`uid: uid`
			`});`
			`} else {`
			`// New User`
			`var success = function(uid) {`
			`// Save google-specific information to the user`
			`user.setUserField(uid, 'gplusid', gplusid);`
tons more changes 2013-12-02 21:20:55 -05:00			`db.setObjectField('gplusid:uid', gplusid, uid);`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`callback(null, {`
			`uid: uid`
			`});`
			`}`

tons more changes 2013-12-02 19:40:11 -05:00			`user.getUidByEmail(email, function(err, uid) {`
			`if(err) {`
			`return callback(err);`
			`}`

moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`if (!uid) {`
Changed User.create signature to accept a hash, added a couple of utility functions as well 2014-01-20 12:41:35 -05:00			`user.create({username: handle, email: email}, function(err, uid) {`
tons more changes 2013-12-02 19:40:11 -05:00			`if(err) {`
			`return callback(err);`
			`}`

			`success(uid);`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`});`
tons more changes 2013-12-02 19:40:11 -05:00			`} else {`
			`success(uid); // Existing account -- merge`
			`}`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`});`
			`}`
			`});`
			`}`

			`Login.loginViaFacebook = function(fbid, name, email, callback) {`
tons more changes 2013-12-02 19:40:11 -05:00			`user.getUidByFbid(fbid, function(err, uid) {`
			`if(err) {`
			`return callback(err);`
			`}`

moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`if (uid !== null) {`
			`// Existing User`
			`callback(null, {`
			`uid: uid`
			`});`
			`} else {`
			`// New User`
			`var success = function(uid) {`
			`// Save facebook-specific information to the user`
			`user.setUserField(uid, 'fbid', fbid);`
tons more changes 2013-12-02 21:20:55 -05:00			`db.setObjectField('fbid:uid', fbid, uid);`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`callback(null, {`
			`uid: uid`
			`});`
			`}`

tons more changes 2013-12-02 19:40:11 -05:00			`user.getUidByEmail(email, function(err, uid) {`
			`if(err) {`
			`return callback(err);`
			`}`

moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`if (!uid) {`
Changed User.create signature to accept a hash, added a couple of utility functions as well 2014-01-20 12:41:35 -05:00			`user.create({username: name, email: email}, function(err, uid) {`
tons more changes 2013-12-02 19:40:11 -05:00			`if(err) {`
			`return callback(err);`
			`}`

			`success(uid);`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`});`
tons more changes 2013-12-02 19:40:11 -05:00			`} else {`
			`success(uid); // Existing account -- merge`
			`}`
moved login code from user.js to login.js 2013-06-24 11:14:03 -04:00			`});`
			`}`
			`});`
			`}`

formatting - server side core 2013-09-17 13:09:37 -04:00			`}(exports));`