mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-11-03 20:45:58 +01:00
refactor: simplified utilities API > login rout
Removed continueLogin override in favour of a simpler `redirectAfterLogin` override Use passport to authenticate username and password instead of duplicated logic.
This commit is contained in:
Julian Lam
@@ -259,7 +259,7 @@ authenticationController.login = async (req, res, next) => {
|
||||
}
|
||||
}
|
||||
if (isEmailLogin || isUsernameLogin) {
|
||||
(res.locals.continueLogin || continueLogin)(strategy, req, res, next);
|
||||
continueLogin(strategy, req, res, next);
|
||||
} else {
|
||||
errorHandler(req, res, `[[error:wrong-login-type-${loginWith}]]`, 400);
|
||||
}
|
||||
@@ -303,9 +303,7 @@ function continueLogin(strategy, req, res, next) {
|
||||
req.session.passwordExpired = true;
|
||||
|
||||
const code = await user.reset.generate(userData.uid);
|
||||
res.status(200).send({
|
||||
next: `${nconf.get('relative_path')}/reset/${code}`,
|
||||
});
|
||||
(res.locals.redirectAfterLogin || redirectAfterLogin)(req, res, `${nconf.get('relative_path')}/reset/${code}`);
|
||||
} else {
|
||||
delete req.query.lang;
|
||||
await authenticationController.doLogin(req, userData.uid);
|
||||
@@ -319,6 +317,12 @@ function continueLogin(strategy, req, res, next) {
|
||||
destination = `${nconf.get('relative_path')}/`;
|
||||
}
|
||||
|
||||
(res.locals.redirectAfterLogin || redirectAfterLogin)(req, res, destination);
|
||||
}
|
||||
})(req, res, next);
|
||||
}
|
||||
|
||||
function redirectAfterLogin(req, res, destination) {
|
||||
if (req.body.noscript === 'true') {
|
||||
res.redirect(`${destination}?loggedin`);
|
||||
} else {
|
||||
@@ -326,8 +330,6 @@ function continueLogin(strategy, req, res, next) {
|
||||
next: destination,
|
||||
});
|
||||
}
|
||||
}
|
||||
})(req, res, next);
|
||||
}
|
||||
|
||||
authenticationController.doLogin = async function (req, uid) {
|
||||
|
||||
@@ -2,7 +2,6 @@
|
||||
|
||||
const user = require('../../user');
|
||||
const authenticationController = require('../authentication');
|
||||
const slugify = require('../../slugify');
|
||||
const helpers = require('../helpers');
|
||||
|
||||
const Utilities = module.exports;
|
||||
@@ -22,31 +21,9 @@ Utilities.ping.post = (req, res) => {
|
||||
};
|
||||
|
||||
Utilities.login = (req, res) => {
|
||||
res.locals.continueLogin = async (strategy, req, res) => {
|
||||
const { username, password, session } = req.body;
|
||||
|
||||
const userslug = slugify(username);
|
||||
const uid = await user.getUidByUserslug(userslug);
|
||||
let ok = false;
|
||||
try {
|
||||
ok = await user.isPasswordCorrect(uid, password, req.ip);
|
||||
} catch (err) {
|
||||
if (err.message === '[[error:account-locked]]') {
|
||||
return helpers.formatApiResponse(429, res, err);
|
||||
}
|
||||
}
|
||||
|
||||
if (ok) {
|
||||
const userData = (await user.getUsers([uid], uid)).pop();
|
||||
|
||||
if (parseInt(session, 10) === 1) {
|
||||
await authenticationController.doLogin(req, userData.uid);
|
||||
}
|
||||
|
||||
res.locals.redirectAfterLogin = async (req, res) => {
|
||||
const userData = (await user.getUsers([req.uid], req.uid)).pop();
|
||||
helpers.formatApiResponse(200, res, userData);
|
||||
} else {
|
||||
helpers.formatApiResponse(403, res);
|
||||
}
|
||||
};
|
||||
res.locals.noScriptErrors = (req, res, err, statusCode) => {
|
||||
helpers.formatApiResponse(statusCode, res, new Error(err));
|
||||
|
||||
Reference in New Issue
Block a user