Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 19:46:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

auth refactor

Browse Source
This commit is contained in:
barisusakli
2014-11-12 16:15:44 -05:00
parent fc0dce429b
commit 9a16a359a8
2 changed files with 186 additions and 228 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/controllers/index.js
View File

@@ -137,12 +137,11 @@ Controllers.reset = function(req, res, next) {
Controllers.login = function(req, res, next) { Controllers.login = function(req, res, next) {
var data = {}, var data = {},
login_strategies = auth.get_login_strategies(), loginStrategies = auth.getLoginStrategies(),
num_strategies = login_strategies.length,
emailersPresent = plugins.hasListeners('action:email.send'); emailersPresent = plugins.hasListeners('action:email.send');
data.alternate_logins = num_strategies > 0; data.alternate_logins = loginStrategies.length > 0;
data.authentication = login_strategies; data.authentication = loginStrategies;
data.token = req.csrfToken(); data.token = req.csrfToken();
data.showResetLink = emailersPresent; data.showResetLink = emailersPresent;
data.allowLocalLogin = parseInt(meta.config.allowLocalLogin, 10) === 1; data.allowLocalLogin = parseInt(meta.config.allowLocalLogin, 10) === 1;
@@ -158,10 +157,9 @@ Controllers.register = function(req, res, next) {
} }
var data = {}, var data = {},
login_strategies = auth.get_login_strategies(), loginStrategies = auth.getLoginStrategies();
num_strategies = login_strategies.length;
if (num_strategies === 0) { if (loginStrategies.length === 0) {
data = { data = {
'register_window:spansize': 'col-md-12', 'register_window:spansize': 'col-md-12',
'alternate_logins': false 'alternate_logins': false
@@ -173,7 +171,7 @@ Controllers.register = function(req, res, next) {
}; };
} }
data.authentication = login_strategies; data.authentication = loginStrategies;
data.token = req.csrfToken(); data.token = req.csrfToken();
data.minimumUsernameLength = meta.config.minimumUsernameLength; data.minimumUsernameLength = meta.config.minimumUsernameLength;

400
src/routes/authentication.js
View File

@@ -16,138 +16,7 @@
hotswap = require('../hotswap'), hotswap = require('../hotswap'),
utils = require('../../public/src/utils'), utils = require('../../public/src/utils'),
login_strategies = [], loginStrategies = [];
controllers = require('../controllers');
function logout(req, res) {
if (req.user && parseInt(req.user.uid, 10) > 0) {
var ws = require('../socket.io');
ws.logoutUser(req.user.uid);
req.logout();
}
res.status(200).send('');
}
function login(req, res, next) {
var continueLogin = function() {
passport.authenticate('local', function(err, userData, info) {
if (err) {
req.flash('error', info);
return res.redirect(nconf.get('relative_path') + '/login');
}
if (!userData) {
if (typeof info === 'object') {
info = '[[error:invalid-username-or-password]]';
}
req.flash('error', info);
return res.redirect(nconf.get('relative_path') + '/login');
}
// Alter user cookie depending on passed-in option
if (req.body.remember === 'on') {
var duration = 1000*60*60*24*parseInt(meta.config.loginDays || 14, 10);
req.session.cookie.maxAge = duration;
req.session.cookie.expires = new Date(Date.now() + duration);
} else {
req.session.cookie.maxAge = false;
req.session.cookie.expires = false;
}
req.login({
uid: userData.uid
}, function() {
if (userData.uid) {
user.logIP(userData.uid, req.ip);
plugins.fireHook('action:user.loggedIn', userData.uid);
}
if (!req.session.returnTo) {
res.redirect(nconf.get('relative_path') + '/');
} else {
var next = req.session.returnTo;
delete req.session.returnTo;
res.redirect(nconf.get('relative_path') + next);
}
});
})(req, res, next);
};
if(meta.config.allowLocalLogin !== undefined && parseInt(meta.config.allowLocalLogin, 10) === 0) {
return res.status(404).send('');
}
// Handle returnTo data
if (req.body.hasOwnProperty('returnTo') && !req.session.returnTo) {
req.session.returnTo = req.body.returnTo;
}
if (req.body.username && utils.isEmailValid(req.body.username)) {
user.getUsernameByEmail(req.body.username, function(err, username) {
if (err) {
return next(err);
}
req.body.username = username ? username : req.body.username;
continueLogin();
});
} else {
continueLogin();
}
}
function register(req, res) {
if(meta.config.allowRegistration !== undefined && parseInt(meta.config.allowRegistration, 10) === 0) {
return res.status(403).send('');
}
var userData = {};
for (var key in req.body) {
if (req.body.hasOwnProperty(key)) {
userData[key] = req.body[key];
}
}
plugins.fireHook('filter:register.check', {req: req, res: res, userData: userData}, function(err, data) {
if (err) {
return res.redirect(nconf.get('relative_path') + '/register' + (err.message ? '?error=' + err.message : ''));
}
if (userData.username.length < meta.config.minimumUsernameLength) {
return res.redirect(nconf.get('relative_path') + '/register?error=[[error:username-too-short]]');
} else if (userData.username.length > meta.config.maximumUsernameLength) {
return res.redirect(nconf.get('relative_path') + '/register?error=[[error:username-too-long]]');
}
user.create(userData, function(err, uid) {
if (err || !uid) {
return res.redirect(nconf.get('relative_path') + '/register');
}
req.login({
uid: uid
}, function() {
user.logIP(uid, req.ip);
require('../socket.io').emitUserCount();
user.notifications.sendWelcomeNotification(uid);
plugins.fireHook('filter:register.complete', {uid: uid, referrer: req.body.referrer}, function(err, data) {
if (err) {
return res.redirect(nconf.get('relative_path') + '/register');
}
res.redirect(nconf.get('relative_path') + (data.referrer ? data.referrer : '/'));
});
});
});
});
}
Auth.initialize = function(app, middleware) { Auth.initialize = function(app, middleware) {
app.use(passport.initialize()); app.use(passport.initialize());
@@ -157,64 +26,35 @@
Auth.middleware = middleware; Auth.middleware = middleware;
}; };
Auth.get_login_strategies = function() { Auth.getLoginStrategies = function() {
return login_strategies; return loginStrategies;
}; };
Auth.reloadRoutes = function(callback) { Auth.reloadRoutes = function(callback) {
var router = express.Router(); var router = express.Router();
router.hotswapId = 'auth'; router.hotswapId = 'auth';
plugins.ready(function() { plugins.ready(function() {
// Reset the registered login strategies loginStrategies.length = 0;
login_strategies.length = 0;
plugins.fireHook('filter:auth.init', login_strategies, function(err) { plugins.fireHook('filter:auth.init', loginStrategies, function(err) {
if (err) { if (err) {
winston.error('filter:auth.init - plugin failure'); winston.error('filter:auth.init - plugin failure');
return callback(err);
} }
var deprecList = []; loginStrategies.forEach(function(strategy) {
for (var i in login_strategies) { if (strategy.url) {
if (login_strategies.hasOwnProperty(i)) { router.get(strategy.url, passport.authenticate(strategy.name, {
var strategy = login_strategies[i]; scope: strategy.scope
/*
Backwards compatibility block for v0.6.0
Remove this upon release of v0.6.0-1
Ref: nodebb/nodebb#1849
*/
if (strategy.icon.slice(0, 3) !== 'fa-') {
deprecList.push(strategy.name);
strategy.icon = 'fa-' + strategy.icon + '-square';
}
/* End backwards compatibility block */
if (strategy.url) {
router.get(strategy.url, passport.authenticate(strategy.name, {
scope: strategy.scope
}));
}
router.get(strategy.callbackURL, passport.authenticate(strategy.name, {
successReturnToOrRedirect: nconf.get('relative_path') + '/',
failureRedirect: nconf.get('relative_path') + '/login'
})); }));
} }
}
/* router.get(strategy.callbackURL, passport.authenticate(strategy.name, {
Backwards compatibility block for v0.6.0 successReturnToOrRedirect: nconf.get('relative_path') + '/',
Remove this upon release of v0.6.0-1 failureRedirect: nconf.get('relative_path') + '/login'
Ref: nodebb/nodebb#1849 }));
*/ });
if (deprecList.length) {
winston.warn('[plugins] Deprecation notice: SSO plugins should now pass in the full fontawesome icon name (e.g. "fa-facebook-o"). Please update the following plugins:');
for(var x=0,numDeprec=deprecList.length;x<numDeprec;x++) {
process.stdout.write(' * ' + deprecList[x] + '\n');
}
}
/* End backwards compatibility block */
router.post('/logout', logout); router.post('/logout', logout);
router.post('/register', Auth.middleware.applyCSRF, register); router.post('/register', Auth.middleware.applyCSRF, register);
@@ -234,52 +74,39 @@
} }
var userslug = utils.slugify(username); var userslug = utils.slugify(username);
var uid;
user.getUidByUserslug(userslug, function(err, uid) { async.waterfall([
if (err) { function(next) {
return next(err); user.getUidByUserslug(userslug, next);
} },
function(_uid, next) {
if (!uid) { if (!_uid) {
return next(null, false, '[[error:no-user]]'); return next(null, false, '[[error:no-user]]');
}
user.auth.logAttempt(uid, function(err) {
if (err) {
return next(null, false, err.message);
} }
uid = _uid;
db.getObjectFields('user:' + uid, ['password', 'banned'], function(err, userData) { user.auth.logAttempt(uid, next);
if (err) { },
return next(err); function(next) {
} db.getObjectFields('user:' + uid, ['password', 'banned'], next);
},
if (!userData || !userData.password) { function(userData, next) {
return next(new Error('[[error:invalid-user-data]]')); if (!userData || !userData.password) {
} return next(new Error('[[error:invalid-user-data]]'));
}
if (userData.banned && parseInt(userData.banned, 10) === 1) { if (userData.banned && parseInt(userData.banned, 10) === 1) {
return next(null, false, '[[error:user-banned]]'); return next(null, false, '[[error:user-banned]]');
} }
Password.compare(password, userData.password, next);
Password.compare(password, userData.password, function(err, res) { },
if (err) { function(passwordMatch, next) {
return next(new Error('bcrypt compare error')); if (!passwordMatch) {
} return next(null, false, '[[error:invalid-password]]');
}
if (!res) { user.auth.clearLoginAttempts(uid);
return next(null, false, '[[error:invalid-password]]'); next(null, {uid: uid}, '[[success:authentication-successful]]');
} }
], next);
user.auth.clearLoginAttempts(uid);
next(null, {
uid: uid
}, '[[success:authentication-successful]]');
});
});
});
});
}; };
passport.use(new passportLocal(Auth.login)); passport.use(new passportLocal(Auth.login));
@@ -293,4 +120,137 @@
uid: uid uid: uid
}); });
}); });
function login(req, res, next) {
if (parseInt(meta.config.allowLocalLogin, 10) === 0) {
return res.status(404).send('');
}
// Handle returnTo data
if (req.body.hasOwnProperty('returnTo') && !req.session.returnTo) {
req.session.returnTo = req.body.returnTo;
}
if (req.body.username && utils.isEmailValid(req.body.username)) {
user.getUsernameByEmail(req.body.username, function(err, username) {
if (err) {
return next(err);
}
req.body.username = username ? username : req.body.username;
continueLogin(req, res, next);
});
} else {
continueLogin(req, res, next);
}
}
function continueLogin(req, res, next) {
passport.authenticate('local', function(err, userData, info) {
if (err) {
req.flash('error', info);
return res.redirect(nconf.get('relative_path') + '/login');
}
if (!userData) {
if (typeof info === 'object') {
info = '[[error:invalid-username-or-password]]';
}
req.flash('error', info);
return res.redirect(nconf.get('relative_path') + '/login');
}
// Alter user cookie depending on passed-in option
if (req.body.remember === 'on') {
var duration = 1000*60*60*24*parseInt(meta.config.loginDays || 14, 10);
req.session.cookie.maxAge = duration;
req.session.cookie.expires = new Date(Date.now() + duration);
} else {
req.session.cookie.maxAge = false;
req.session.cookie.expires = false;
}
req.login({
uid: userData.uid
}, function(err) {
if (err) {
req.flash('error', err.message);
return res.redirect(nconf.get('relative_path') + '/login');
}
if (userData.uid) {
user.logIP(userData.uid, req.ip);
plugins.fireHook('action:user.loggedIn', userData.uid);
}
if (!req.session.returnTo) {
res.redirect(nconf.get('relative_path') + '/');
} else {
var next = req.session.returnTo;
delete req.session.returnTo;
res.redirect(nconf.get('relative_path') + next);
}
});
})(req, res, next);
}
function register(req, res) {
if (parseInt(meta.config.allowRegistration, 10) === 0) {
return res.status(403).send('');
}
var userData = {};
for (var key in req.body) {
if (req.body.hasOwnProperty(key)) {
userData[key] = req.body[key];
}
}
if (!userData.username || userData.username.length < meta.config.minimumUsernameLength) {
return res.redirect(nconf.get('relative_path') + '/register?error=[[error:username-too-short]]');
} else if (!userData.username || userData.username.length > meta.config.maximumUsernameLength) {
return res.redirect(nconf.get('relative_path') + '/register?error=[[error:username-too-long]]');
}
var uid;
async.waterfall([
function(next) {
plugins.fireHook('filter:register.check', {req: req, res: res, userData: userData}, next);
},
function(data, next) {
user.create(data.userData, next);
},
function(_uid, next) {
uid = _uid;
req.login({uid: uid}, next);
},
function(next) {
user.logIP(uid, req.ip);
require('../socket.io').emitUserCount();
user.notifications.sendWelcomeNotification(uid);
plugins.fireHook('filter:register.complete', {uid: uid, referrer: req.body.referrer}, next);
}
], function(err, data) {
if (err) {
return res.redirect(nconf.get('relative_path') + '/register?error=' + err.message);
}
res.redirect(nconf.get('relative_path') + (data.referrer ? data.referrer : '/'));
});
}
function logout(req, res) {
if (req.user && parseInt(req.user.uid, 10) > 0) {
require('../socket.io').logoutUser(req.user.uid);
req.logout();
}
res.status(200).send('');
}
}(exports)); }(exports));