src/controllers/authentication.js

"use strict";

var async = require('async');
var winston = require('winston');
var passport = require('passport');
var nconf = require('nconf');
var validator = require('validator');
var _ = require('underscore');

var db = require('../database');
var meta = require('../meta');
var user = require('../user');
var plugins = require('../plugins');
var utils = require('../../public/src/utils');
var Password = require('../password');

var authenticationController = {};

authenticationController.register = function(req, res, next) {
	var registrationType = meta.config.registrationType || 'normal';

	if (registrationType === 'disabled') {
		return res.sendStatus(403);
	}

	var userData = {};

	for (var key in req.body) {
		if (req.body.hasOwnProperty(key)) {
			userData[key] = req.body[key];
		}
	}

	async.waterfall([
		function(next) {
			if (registrationType === 'invite-only' || registrationType === 'admin-invite-only') {
				user.verifyInvitation(userData, next);
			} else {
				next();
			}
		},
		function(next) {
			if (!userData.email) {
				return next(new Error('[[error:invalid-email]]'));
			}

			if (!userData.username || userData.username.length < meta.config.minimumUsernameLength) {
				return next(new Error('[[error:username-too-short]]'));
			}

			if (userData.username.length > meta.config.maximumUsernameLength) {
				return next(new Error('[[error:username-too-long'));
			}

			user.isPasswordValid(userData.password, next);
		},
		function(next) {
			res.locals.processLogin = true;	// set it to false in plugin if you wish to just register only
			plugins.fireHook('filter:register.check', {req: req, res: res, userData: userData}, next);
		},
		function(data, next) {
			if (registrationType === 'normal' || registrationType === 'invite-only' || registrationType === 'admin-invite-only') {
				registerAndLoginUser(req, res, userData, next);
			} else if (registrationType === 'admin-approval') {
				addToApprovalQueue(req, userData, next);
			}
		}
	], function(err, data) {
		if (err) {
			return res.status(400).send(err.message);
		}

		if (req.body.userLang) {
			user.setSetting(data.uid, 'userLang', req.body.userLang);
		}

		res.json(data);
	});
};

function registerAndLoginUser(req, res, userData, callback) {
	var uid;
	async.waterfall([
		function(next) {
			user.create(userData, next);
		},
		function(_uid, next) {
			uid = _uid;
			if (res.locals.processLogin) {
				authenticationController.doLogin(req, uid, next);
			} else {
				next();
			}
		},
		function(next) {
			user.deleteInvitationKey(userData.email);
			plugins.fireHook('filter:register.complete', {uid: uid, referrer: req.body.referrer || nconf.get('relative_path') + '/'}, next);
		}
	], callback);
}

function addToApprovalQueue(req, userData, callback) {
	async.waterfall([
		function(next) {
			userData.ip = req.ip;
			user.addToApprovalQueue(userData, next);
		},
		function(next) {
			next(null, {message: '[[register:registration-added-to-queue]]'});
		}
	], callback);
}

authenticationController.login = function(req, res, next) {
	// Handle returnTo data
	if (req.body.hasOwnProperty('returnTo') && !req.session.returnTo) {
		req.session.returnTo = req.body.returnTo;
	}

	if (plugins.hasListeners('action:auth.overrideLogin')) {
		return continueLogin(req, res, next);
	}

	var loginWith = meta.config.allowLoginWith || 'username-email';

	if (req.body.username && utils.isEmailValid(req.body.username) && loginWith.indexOf('email') !== -1) {
		user.getUsernameByEmail(req.body.username, function(err, username) {
			if (err) {
				return next(err);
			}
			req.body.username = username ? username : req.body.username;
			continueLogin(req, res, next);
		});
	} else if (loginWith.indexOf('username') !== -1 && !validator.isEmail(req.body.username)) {
		continueLogin(req, res, next);
	} else {
		res.status(500).send('[[error:wrong-login-type-' + loginWith + ']]');
	}
};

function continueLogin(req, res, next) {
	passport.authenticate('local', function(err, userData, info) {
		if (err) {
			return res.status(403).send(err.message);
		}

		if (!userData) {
			if (typeof info === 'object') {
				info = '[[error:invalid-username-or-password]]';
			}

			return res.status(403).send(info);
		}

		var passwordExpiry = userData.passwordExpiry !== undefined ? parseInt(userData.passwordExpiry, 10) : null;

		// Alter user cookie depending on passed-in option
		if (req.body.remember === 'on') {
			var duration = 1000 * 60 * 60 * 24 * (parseInt(meta.config.loginDays, 10) || 14);
			req.session.cookie.maxAge = duration;
			req.session.cookie.expires = new Date(Date.now() + duration);
		} else {
			req.session.cookie.maxAge = false;
			req.session.cookie.expires = false;
		}

		if (passwordExpiry && passwordExpiry < Date.now()) {
			winston.verbose('[auth] Triggering password reset for uid ' + userData.uid + ' due to password policy');
			req.session.passwordExpired = true;
			user.reset.generate(userData.uid, function(err, code) {
				res.status(200).send(nconf.get('relative_path') + '/reset/' + code);
			});
		} else {
			authenticationController.doLogin(req, userData.uid, function(err) {
				if (err) {
					return res.status(403).send(err.message);
				}

				if (!req.session.returnTo) {
					res.status(200).send(nconf.get('relative_path') + '/');
				} else {
					var next = req.session.returnTo;
					delete req.session.returnTo;

					res.status(200).send(next);
				}
			});
		}
	})(req, res, next);
}

authenticationController.doLogin = function(req, uid, callback) {
	if (!uid) {
		return callback();
	}

	req.login({uid: uid}, function(err) {
		if (err) {
			return callback(err);
		}

		authenticationController.onSuccessfulLogin(req, uid, callback);
	});
};

authenticationController.onSuccessfulLogin = function(req, uid, callback) {
	callback = callback || function() {};
	var uuid = utils.generateUUID();
	req.session.meta = {};

	delete req.session.forceLogin;

	// Associate IP used during login with user account
	user.logIP(uid, req.ip);
	req.session.meta.ip = req.ip;

	// Associate metadata retrieved via user-agent
	req.session.meta = _.extend(req.session.meta, {
		uuid: uuid,
		datetime: Date.now(),
		platform: req.useragent.platform,
		browser: req.useragent.browser,
		version: req.useragent.version
	});

	// Associate login session with user
	async.parallel([
		function (next) {
			user.auth.addSession(uid, req.sessionID, next);
		},
		function (next) {
			db.setObjectField('uid:' + uid + 'sessionUUID:sessionId', uuid, req.sessionID, next);
		}
	], function(err) {
		if (err) {
			return callback(err);
		}
		plugins.fireHook('action:user.loggedIn', uid);
		callback();
	});
};

authenticationController.localLogin = function(req, username, password, next) {
	if (!username) {
		return next(new Error('[[error:invalid-username]]'));
	}

	var userslug = utils.slugify(username);
	var uid, userData = {};

	async.waterfall([
		function (next) {
			user.isPasswordValid(password, next);
		},
		function (next) {
			user.getUidByUserslug(userslug, next);
		},
		function (_uid, next) {
			if (!_uid) {
				return next(new Error('[[error:no-user]]'));
			}
			uid = _uid;
			user.auth.logAttempt(uid, req.ip, next);
		},
		function (next) {
			async.parallel({
				userData: function(next) {
					db.getObjectFields('user:' + uid, ['password', 'banned', 'passwordExpiry'], next);
				},
				isAdmin: function(next) {
					user.isAdministrator(uid, next);
				}
			}, next);
		},
		function (result, next) {
			userData = result.userData;
			userData.uid = uid;
			userData.isAdmin = result.isAdmin;

			if (!result.isAdmin && parseInt(meta.config.allowLocalLogin, 10) === 0) {
				return next(new Error('[[error:local-login-disabled]]'));
			}

			if (!userData || !userData.password) {
				return next(new Error('[[error:invalid-user-data]]'));
			}
			if (userData.banned && parseInt(userData.banned, 10) === 1) {
				return next(new Error('[[error:user-banned]]'));
			}
			Password.compare(password, userData.password, next);
		},
		function (passwordMatch, next) {
			if (!passwordMatch) {
				return next(new Error('[[error:invalid-password]]'));
			}
			user.auth.clearLoginAttempts(uid);
			next(null, userData, '[[success:authentication-successful]]');
		}
	], next);
};

authenticationController.logout = function(req, res, next) {
	if (req.user && parseInt(req.user.uid, 10) > 0 && req.sessionID) {
		var uid = parseInt(req.user.uid, 10);
		user.auth.revokeSession(req.sessionID, uid, function(err) {
			if (err) {
				return next(err);
			}
			req.logout();
			req.session.destroy();

			user.setUserField(uid, 'lastonline', Date.now() - 300000);

			plugins.fireHook('static:user.loggedOut', {req: req, res: res, uid: uid}, function() {
				res.status(200).send('');
			});
		});
	} else {
		res.status(200).send('');
	}
};


module.exports = authenticationController;
closes #3217 2015-06-17 14:13:29 -04:00			`"use strict";`

#4261 2016-03-08 12:17:12 +02:00			`var async = require('async');`
			`var winston = require('winston');`
			`var passport = require('passport');`
			`var nconf = require('nconf');`
			`var validator = require('validator');`
			`var _ = require('underscore');`

			`var db = require('../database');`
			`var meta = require('../meta');`
			`var user = require('../user');`
			`var plugins = require('../plugins');`
			`var utils = require('../../public/src/utils');`
			`var Password = require('../password');`

			`var authenticationController = {};`
closes #3217 2015-06-17 14:13:29 -04:00
			`authenticationController.register = function(req, res, next) {`
closes #1306 2015-06-27 21:26:19 -04:00			`var registrationType = meta.config.registrationType \|\| 'normal';`

			`if (registrationType === 'disabled') {`
closes #3217 2015-06-17 14:13:29 -04:00			`return res.sendStatus(403);`
			`}`

			`var userData = {};`

			`for (var key in req.body) {`
			`if (req.body.hasOwnProperty(key)) {`
			`userData[key] = req.body[key];`
			`}`
			`}`

			`async.waterfall([`
			`function(next) {`
Fixes #4548 2016-04-19 21:03:00 -04:00			`if (registrationType === 'invite-only' \|\| registrationType === 'admin-invite-only') {`
closes #3271 2015-06-28 21:54:21 -04:00			`user.verifyInvitation(userData, next);`
			`} else {`
			`next();`
			`}`
			`},`
			`function(next) {`
closes #3217 2015-06-17 14:13:29 -04:00			`if (!userData.email) {`
			`return next(new Error('[[error:invalid-email]]'));`
			`}`

			`if (!userData.username \|\| userData.username.length < meta.config.minimumUsernameLength) {`
			`return next(new Error('[[error:username-too-short]]'));`
			`}`

			`if (userData.username.length > meta.config.maximumUsernameLength) {`
			`return next(new Error('[[error:username-too-long'));`
			`}`

closes #3607 2015-09-14 15:50:02 -04:00			`user.isPasswordValid(userData.password, next);`
closes #3217 2015-06-17 14:13:29 -04:00			`},`
			`function(next) {`
closes #4157 2016-02-10 15:26:14 -05:00			`res.locals.processLogin = true; // set it to false in plugin if you wish to just register only`
closes #3217 2015-06-17 14:13:29 -04:00			`plugins.fireHook('filter:register.check', {req: req, res: res, userData: userData}, next);`
			`},`
			`function(data, next) {`
Fixes #4548 2016-04-19 21:03:00 -04:00			`if (registrationType === 'normal' \|\| registrationType === 'invite-only' \|\| registrationType === 'admin-invite-only') {`
closes #4157 2016-02-10 15:26:14 -05:00			`registerAndLoginUser(req, res, userData, next);`
closes #1306 2015-06-27 21:26:19 -04:00			`} else if (registrationType === 'admin-approval') {`
remove unused params 2016-02-01 21:12:23 +02:00			`addToApprovalQueue(req, userData, next);`
closes #1306 2015-06-27 21:26:19 -04:00			`}`
			`}`
			`], function(err, data) {`
			`if (err) {`
			`return res.status(400).send(err.message);`
			`}`

closes #3690 2015-10-06 06:13:25 -04:00			`if (req.body.userLang) {`
			`user.setSetting(data.uid, 'userLang', req.body.userLang);`
			`}`

closes #1306 2015-06-27 21:26:19 -04:00			`res.json(data);`
			`});`
			`};`

closes #4157 2016-02-10 15:26:14 -05:00			`function registerAndLoginUser(req, res, userData, callback) {`
closes #1306 2015-06-27 21:26:19 -04:00			`var uid;`
			`async.waterfall([`
			`function(next) {`
			`user.create(userData, next);`
closes #3217 2015-06-17 14:13:29 -04:00			`},`
			`function(_uid, next) {`
			`uid = _uid;`
#4261 2016-03-08 12:17:12 +02:00			`if (res.locals.processLogin) {`
			`authenticationController.doLogin(req, uid, next);`
closes #4157 2016-02-10 15:26:14 -05:00			`} else {`
			`next();`
			`}`
closes #3217 2015-06-17 14:13:29 -04:00			`},`
			`function(next) {`
Finished adding a new delete to also remove the reference from the invites list on the APM. 2016-03-06 11:59:31 -06:00			`user.deleteInvitationKey(userData.email);`
closes #1306 2015-06-27 21:26:19 -04:00			`plugins.fireHook('filter:register.complete', {uid: uid, referrer: req.body.referrer \|\| nconf.get('relative_path') + '/'}, next);`
closes #3217 2015-06-17 14:13:29 -04:00			`}`
closes #1306 2015-06-27 21:26:19 -04:00			`], callback);`
			`}`
closes #3217 2015-06-17 14:13:29 -04:00
remove unused params 2016-02-01 21:12:23 +02:00			`function addToApprovalQueue(req, userData, callback) {`
closes #1306 2015-06-27 21:26:19 -04:00			`async.waterfall([`
			`function(next) {`
			`userData.ip = req.ip;`
			`user.addToApprovalQueue(userData, next);`
			`},`
			`function(next) {`
			`next(null, {message: '[[register:registration-added-to-queue]]'});`
			`}`
			`], callback);`
			`}`
closes #3217 2015-06-17 14:13:29 -04:00
			`authenticationController.login = function(req, res, next) {`
			`// Handle returnTo data`
			`if (req.body.hasOwnProperty('returnTo') && !req.session.returnTo) {`
			`req.session.returnTo = req.body.returnTo;`
			`}`

			`if (plugins.hasListeners('action:auth.overrideLogin')) {`
			`return continueLogin(req, res, next);`
			`}`

			`var loginWith = meta.config.allowLoginWith \|\| 'username-email';`

			`if (req.body.username && utils.isEmailValid(req.body.username) && loginWith.indexOf('email') !== -1) {`
			`user.getUsernameByEmail(req.body.username, function(err, username) {`
			`if (err) {`
			`return next(err);`
			`}`
			`req.body.username = username ? username : req.body.username;`
			`continueLogin(req, res, next);`
			`});`
			`} else if (loginWith.indexOf('username') !== -1 && !validator.isEmail(req.body.username)) {`
			`continueLogin(req, res, next);`
			`} else {`
			`res.status(500).send('[[error:wrong-login-type-' + loginWith + ']]');`
			`}`
			`};`

			`function continueLogin(req, res, next) {`
			`passport.authenticate('local', function(err, userData, info) {`
			`if (err) {`
			`return res.status(403).send(err.message);`
			`}`

			`if (!userData) {`
			`if (typeof info === 'object') {`
			`info = '[[error:invalid-username-or-password]]';`
			`}`

			`return res.status(403).send(info);`
			`}`

			`var passwordExpiry = userData.passwordExpiry !== undefined ? parseInt(userData.passwordExpiry, 10) : null;`

			`// Alter user cookie depending on passed-in option`
			`if (req.body.remember === 'on') {`
closes #3893 2015-11-23 11:59:00 -05:00			`var duration = 1000 * 60 * 60 * 24 * (parseInt(meta.config.loginDays, 10) \|\| 14);`
closes #3217 2015-06-17 14:13:29 -04:00			`req.session.cookie.maxAge = duration;`
			`req.session.cookie.expires = new Date(Date.now() + duration);`
			`} else {`
			`req.session.cookie.maxAge = false;`
			`req.session.cookie.expires = false;`
			`}`

			`if (passwordExpiry && passwordExpiry < Date.now()) {`
			`winston.verbose('[auth] Triggering password reset for uid ' + userData.uid + ' due to password policy');`
			`req.session.passwordExpired = true;`
			`user.reset.generate(userData.uid, function(err, code) {`
			`res.status(200).send(nconf.get('relative_path') + '/reset/' + code);`
			`});`
			`} else {`
#4261 2016-03-08 12:17:12 +02:00			`authenticationController.doLogin(req, userData.uid, function(err) {`
closes #3217 2015-06-17 14:13:29 -04:00			`if (err) {`
			`return res.status(403).send(err.message);`
			`}`
closes #3989 Squashed commit of the following: commit 23de0708708ed190eafbcd6ea93d43333cb87aa3 Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 10:48:16 2015 -0500 wired up session revocation, #3989 commit 45a3f18321b74a9b6893d404b6c870f1ec4d95cd Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 09:49:27 2015 -0500 session deletion via session uuid commit 2bf87338cf9bfa2df0b299639421d8da7553c69a Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 13:53:35 2015 -0500 WIP #3989 commit 623f45c3fa8b96f8b6eec0613eb7f9463348ab93 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:22:24 2015 -0500 saving more metadata and displaying sessions in UCP #3989 commit d0567ed7cc33a1aea66e921b657f782038f32191 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:21:38 2015 -0500 updated fontawesome to v4.5.0 commit 7131c97fe8ab42838eb2915a04e74f80f3d9a133 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:39:16 2015 -0500 saving user-agent metadata into user session #3989 commit 661b7e6dba774b80b5dc6d04f89a79f809ff791e Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:23:24 2015 -0500 New user auth methods to add/revoke sessions, #3989 2015-12-23 10:48:45 -05:00
closes #3217 2015-06-17 14:13:29 -04:00			`if (!req.session.returnTo) {`
			`res.status(200).send(nconf.get('relative_path') + '/');`
			`} else {`
			`var next = req.session.returnTo;`
			`delete req.session.returnTo;`

			`res.status(200).send(next);`
			`}`
			`});`
			`}`
			`})(req, res, next);`
			`}`

#4261 2016-03-08 12:17:12 +02:00			`authenticationController.doLogin = function(req, uid, callback) {`
			`if (!uid) {`
			`return callback();`
			`}`

closes #4261 2016-02-26 16:45:44 +02:00			`req.login({uid: uid}, function(err) {`
			`if (err) {`
			`return callback(err);`
			`}`

#4261 2016-03-08 12:29:19 +02:00			`authenticationController.onSuccessfulLogin(req, uid, callback);`
			`});`
			`};`
closes #4261 2016-02-26 16:45:44 +02:00
#4261 2016-03-08 12:29:19 +02:00			`authenticationController.onSuccessfulLogin = function(req, uid, callback) {`
			`callback = callback \|\| function() {};`
			`var uuid = utils.generateUUID();`
			`req.session.meta = {};`

closes #1972 2016-05-03 19:13:10 +03:00			`delete req.session.forceLogin;`

#4261 2016-03-08 12:29:19 +02:00			`// Associate IP used during login with user account`
			`user.logIP(uid, req.ip);`
			`req.session.meta.ip = req.ip;`

			`// Associate metadata retrieved via user-agent`
			`req.session.meta = _.extend(req.session.meta, {`
			`uuid: uuid,`
			`datetime: Date.now(),`
			`platform: req.useragent.platform,`
			`browser: req.useragent.browser,`
			`version: req.useragent.version`
			`});`

			`// Associate login session with user`
			`async.parallel([`
			`function (next) {`
			`user.auth.addSession(uid, req.sessionID, next);`
			`},`
			`function (next) {`
			`db.setObjectField('uid:' + uid + 'sessionUUID:sessionId', uuid, req.sessionID, next);`
			`}`
			`], function(err) {`
			`if (err) {`
			`return callback(err);`
			`}`
			`plugins.fireHook('action:user.loggedIn', uid);`
			`callback();`
closes #4261 2016-02-26 16:45:44 +02:00			`});`
#4261 2016-03-08 12:17:12 +02:00			`};`
closes #4261 2016-02-26 16:45:44 +02:00
closes #3217 2015-06-17 14:13:29 -04:00			`authenticationController.localLogin = function(req, username, password, next) {`
closes #4041 2016-01-10 10:26:47 +02:00			`if (!username) {`
			`return next(new Error('[[error:invalid-username]]'));`
closes #3217 2015-06-17 14:13:29 -04:00			`}`

			`var userslug = utils.slugify(username);`
			`var uid, userData = {};`

			`async.waterfall([`
closes #4041 2016-01-10 10:26:47 +02:00			`function (next) {`
			`user.isPasswordValid(password, next);`
			`},`
			`function (next) {`
closes #3217 2015-06-17 14:13:29 -04:00			`user.getUidByUserslug(userslug, next);`
			`},`
closes #4041 2016-01-10 10:26:47 +02:00			`function (_uid, next) {`
closes #3217 2015-06-17 14:13:29 -04:00			`if (!_uid) {`
			`return next(new Error('[[error:no-user]]'));`
			`}`
			`uid = _uid;`
			`user.auth.logAttempt(uid, req.ip, next);`
			`},`
closes #4041 2016-01-10 10:26:47 +02:00			`function (next) {`
closes #3217 2015-06-17 14:13:29 -04:00			`async.parallel({`
			`userData: function(next) {`
			`db.getObjectFields('user:' + uid, ['password', 'banned', 'passwordExpiry'], next);`
			`},`
			`isAdmin: function(next) {`
			`user.isAdministrator(uid, next);`
			`}`
			`}, next);`
			`},`
closes #4041 2016-01-10 10:26:47 +02:00			`function (result, next) {`
closes #3217 2015-06-17 14:13:29 -04:00			`userData = result.userData;`
			`userData.uid = uid;`
			`userData.isAdmin = result.isAdmin;`

			`if (!result.isAdmin && parseInt(meta.config.allowLocalLogin, 10) === 0) {`
			`return next(new Error('[[error:local-login-disabled]]'));`
			`}`

			`if (!userData \|\| !userData.password) {`
			`return next(new Error('[[error:invalid-user-data]]'));`
			`}`
			`if (userData.banned && parseInt(userData.banned, 10) === 1) {`
			`return next(new Error('[[error:user-banned]]'));`
			`}`
			`Password.compare(password, userData.password, next);`
			`},`
closes #4041 2016-01-10 10:26:47 +02:00			`function (passwordMatch, next) {`
closes #3217 2015-06-17 14:13:29 -04:00			`if (!passwordMatch) {`
			`return next(new Error('[[error:invalid-password]]'));`
			`}`
			`user.auth.clearLoginAttempts(uid);`
			`next(null, userData, '[[success:authentication-successful]]');`
			`}`
			`], next);`
			`};`

			`authenticationController.logout = function(req, res, next) {`
			`if (req.user && parseInt(req.user.uid, 10) > 0 && req.sessionID) {`
closes #3342 2015-07-20 15:53:03 -04:00			`var uid = parseInt(req.user.uid, 10);`
closes #3989 Squashed commit of the following: commit 23de0708708ed190eafbcd6ea93d43333cb87aa3 Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 10:48:16 2015 -0500 wired up session revocation, #3989 commit 45a3f18321b74a9b6893d404b6c870f1ec4d95cd Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 09:49:27 2015 -0500 session deletion via session uuid commit 2bf87338cf9bfa2df0b299639421d8da7553c69a Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 13:53:35 2015 -0500 WIP #3989 commit 623f45c3fa8b96f8b6eec0613eb7f9463348ab93 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:22:24 2015 -0500 saving more metadata and displaying sessions in UCP #3989 commit d0567ed7cc33a1aea66e921b657f782038f32191 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:21:38 2015 -0500 updated fontawesome to v4.5.0 commit 7131c97fe8ab42838eb2915a04e74f80f3d9a133 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:39:16 2015 -0500 saving user-agent metadata into user session #3989 commit 661b7e6dba774b80b5dc6d04f89a79f809ff791e Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:23:24 2015 -0500 New user auth methods to add/revoke sessions, #3989 2015-12-23 10:48:45 -05:00			`user.auth.revokeSession(req.sessionID, uid, function(err) {`
closes #3217 2015-06-17 14:13:29 -04:00			`if (err) {`
			`return next(err);`
			`}`
			`req.logout();`
when logging out, end the express session 2016-06-21 21:02:07 -04:00			`req.session.destroy();`
added action:user.loggedOut 2015-07-18 14:06:51 -04:00
closes #4507 2016-04-27 11:13:08 +03:00			`user.setUserField(uid, 'lastonline', Date.now() - 300000);`

Deprecated action:user.loggedOut, updated plugin deprecation notices ... to show replacement, if available. 2016-01-07 15:41:51 -05:00			`plugins.fireHook('static:user.loggedOut', {req: req, res: res, uid: uid}, function() {`
			`res.status(200).send('');`
			`});`
closes #3217 2015-06-17 14:13:29 -04:00			`});`
			`} else {`
			`res.status(200).send('');`
			`}`
			`};`


			`module.exports = authenticationController;`