Diffstat (limited to 'lib/auth.js')
-rw-r--r--lib/auth.js348
1 files changed, 175 insertions, 173 deletions
diff --git a/lib/auth.js b/lib/auth.js
index 4b14e42c..ef1d6464 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -1,190 +1,192 @@
-//auth
-//external modules
-var passport = require('passport');
-var FacebookStrategy = require('passport-facebook').Strategy;
-var TwitterStrategy = require('passport-twitter').Strategy;
-var GithubStrategy = require('passport-github').Strategy;
-var GitlabStrategy = require('passport-gitlab2').Strategy;
-var DropboxStrategy = require('passport-dropbox-oauth2').Strategy;
-var GoogleStrategy = require('passport-google-oauth20').Strategy;
-var LdapStrategy = require('passport-ldapauth');
-var LocalStrategy = require('passport-local').Strategy;
-var validator = require('validator');
+// auth
+// external modules
+var passport = require('passport')
+var FacebookStrategy = require('passport-facebook').Strategy
+var TwitterStrategy = require('passport-twitter').Strategy
+var GithubStrategy = require('passport-github').Strategy
+var GitlabStrategy = require('passport-gitlab2').Strategy
+var DropboxStrategy = require('passport-dropbox-oauth2').Strategy
+var GoogleStrategy = require('passport-google-oauth20').Strategy
+var LdapStrategy = require('passport-ldapauth')
+var LocalStrategy = require('passport-local').Strategy
+var validator = require('validator')
-//core
-var config = require('./config.js');
-var logger = require("./logger.js");
-var models = require("./models");
+// core
+var config = require('./config.js')
+var logger = require('./logger.js')
+var models = require('./models')
-function callback(accessToken, refreshToken, profile, done) {
- //logger.info(profile.displayName || profile.username);
- var stringifiedProfile = JSON.stringify(profile);
- models.User.findOrCreate({
- where: {
- profileid: profile.id.toString()
- },
- defaults: {
- profile: stringifiedProfile,
- accessToken: accessToken,
- refreshToken: refreshToken
- }
- }).spread(function (user, created) {
- if (user) {
- var needSave = false;
- if (user.profile != stringifiedProfile) {
- user.profile = stringifiedProfile;
- needSave = true;
- }
- if (user.accessToken != accessToken) {
- user.accessToken = accessToken;
- needSave = true;
- }
- if (user.refreshToken != refreshToken) {
- user.refreshToken = refreshToken;
- needSave = true;
- }
- if (needSave) {
- user.save().then(function () {
- if (config.debug)
- logger.info('user login: ' + user.id);
- return done(null, user);
- });
- } else {
- if (config.debug)
- logger.info('user login: ' + user.id);
- return done(null, user);
- }
- }
- }).catch(function (err) {
- logger.error('auth callback failed: ' + err);
- return done(err, null);
- });
+function callback (accessToken, refreshToken, profile, done) {
+ // logger.info(profile.displayName || profile.username);
+ var stringifiedProfile = JSON.stringify(profile)
+ models.User.findOrCreate({
+ where: {
+ profileid: profile.id.toString()
+ },
+ defaults: {
+ profile: stringifiedProfile,
+ accessToken: accessToken,
+ refreshToken: refreshToken
+ }
+ }).spread(function (user, created) {
+ if (user) {
+ var needSave = false
+ if (user.profile !== stringifiedProfile) {
+ user.profile = stringifiedProfile
+ needSave = true
+ }
+ if (user.accessToken !== accessToken) {
+ user.accessToken = accessToken
+ needSave = true
+ }
+ if (user.refreshToken !== refreshToken) {
+ user.refreshToken = refreshToken
+ needSave = true
+ }
+ if (needSave) {
+ user.save().then(function () {
+ if (config.debug) { logger.info('user login: ' + user.id) }
+ return done(null, user)
+ })
+ } else {
+ if (config.debug) { logger.info('user login: ' + user.id) }
+ return done(null, user)
+ }
+ }
+ }).catch(function (err) {
+ logger.error('auth callback failed: ' + err)
+ return done(err, null)
+ })
}
-//facebook
-if (config.facebook) {
- module.exports = passport.use(new FacebookStrategy({
- clientID: config.facebook.clientID,
- clientSecret: config.facebook.clientSecret,
- callbackURL: config.serverurl + '/auth/facebook/callback'
- }, callback));
-}
-//twitter
-if (config.twitter) {
+function registerAuthMethod () {
+// facebook
+ if (config.facebook) {
+ passport.use(new FacebookStrategy({
+ clientID: config.facebook.clientID,
+ clientSecret: config.facebook.clientSecret,
+ callbackURL: config.serverurl + '/auth/facebook/callback'
+ }, callback))
+ }
+// twitter
+ if (config.twitter) {
passport.use(new TwitterStrategy({
- consumerKey: config.twitter.consumerKey,
- consumerSecret: config.twitter.consumerSecret,
- callbackURL: config.serverurl + '/auth/twitter/callback'
- }, callback));
-}
-//github
-if (config.github) {
+ consumerKey: config.twitter.consumerKey,
+ consumerSecret: config.twitter.consumerSecret,
+ callbackURL: config.serverurl + '/auth/twitter/callback'
+ }, callback))
+ }
+// github
+ if (config.github) {
passport.use(new GithubStrategy({
- clientID: config.github.clientID,
- clientSecret: config.github.clientSecret,
- callbackURL: config.serverurl + '/auth/github/callback'
- }, callback));
-}
-//gitlab
-if (config.gitlab) {
+ clientID: config.github.clientID,
+ clientSecret: config.github.clientSecret,
+ callbackURL: config.serverurl + '/auth/github/callback'
+ }, callback))
+ }
+// gitlab
+ if (config.gitlab) {
passport.use(new GitlabStrategy({
- baseURL: config.gitlab.baseURL,
- clientID: config.gitlab.clientID,
- clientSecret: config.gitlab.clientSecret,
- callbackURL: config.serverurl + '/auth/gitlab/callback'
- }, callback));
-}
-//dropbox
-if (config.dropbox) {
+ baseURL: config.gitlab.baseURL,
+ clientID: config.gitlab.clientID,
+ clientSecret: config.gitlab.clientSecret,
+ callbackURL: config.serverurl + '/auth/gitlab/callback'
+ }, callback))
+ }
+// dropbox
+ if (config.dropbox) {
passport.use(new DropboxStrategy({
- apiVersion: '2',
- clientID: config.dropbox.clientID,
- clientSecret: config.dropbox.clientSecret,
- callbackURL: config.serverurl + '/auth/dropbox/callback'
- }, callback));
-}
-//google
-if (config.google) {
+ apiVersion: '2',
+ clientID: config.dropbox.clientID,
+ clientSecret: config.dropbox.clientSecret,
+ callbackURL: config.serverurl + '/auth/dropbox/callback'
+ }, callback))
+ }
+// google
+ if (config.google) {
passport.use(new GoogleStrategy({
- clientID: config.google.clientID,
- clientSecret: config.google.clientSecret,
- callbackURL: config.serverurl + '/auth/google/callback'
- }, callback));
-}
+ clientID: config.google.clientID,
+ clientSecret: config.google.clientSecret,
+ callbackURL: config.serverurl + '/auth/google/callback'
+ }, callback))
+ }
// ldap
-if (config.ldap) {
+ if (config.ldap) {
passport.use(new LdapStrategy({
- server: {
- url: config.ldap.url || null,
- bindDn: config.ldap.bindDn || null,
- bindCredentials: config.ldap.bindCredentials || null,
- searchBase: config.ldap.searchBase || null,
- searchFilter: config.ldap.searchFilter || null,
- searchAttributes: config.ldap.searchAttributes || null,
- tlsOptions: config.ldap.tlsOptions || null
- },
+ server: {
+ url: config.ldap.url || null,
+ bindDn: config.ldap.bindDn || null,
+ bindCredentials: config.ldap.bindCredentials || null,
+ searchBase: config.ldap.searchBase || null,
+ searchFilter: config.ldap.searchFilter || null,
+ searchAttributes: config.ldap.searchAttributes || null,
+ tlsOptions: config.ldap.tlsOptions || null
+ }
},
- function(user, done) {
- var profile = {
- id: 'LDAP-' + user.uidNumber,
- username: user.uid,
- displayName: user.displayName,
- emails: user.mail ? [user.mail] : [],
- avatarUrl: null,
- profileUrl: null,
- provider: 'ldap',
+ function (user, done) {
+ var profile = {
+ id: 'LDAP-' + user.uidNumber,
+ username: user.uid,
+ displayName: user.displayName,
+ emails: user.mail ? [user.mail] : [],
+ avatarUrl: null,
+ profileUrl: null,
+ provider: 'ldap'
+ }
+ var stringifiedProfile = JSON.stringify(profile)
+ models.User.findOrCreate({
+ where: {
+ profileid: profile.id.toString()
+ },
+ defaults: {
+ profile: stringifiedProfile
}
- var stringifiedProfile = JSON.stringify(profile);
- models.User.findOrCreate({
- where: {
- profileid: profile.id.toString()
- },
- defaults: {
- profile: stringifiedProfile,
- }
- }).spread(function (user, created) {
- if (user) {
- var needSave = false;
- if (user.profile != stringifiedProfile) {
- user.profile = stringifiedProfile;
- needSave = true;
- }
- if (needSave) {
- user.save().then(function () {
- if (config.debug)
- logger.info('user login: ' + user.id);
- return done(null, user);
- });
- } else {
- if (config.debug)
- logger.info('user login: ' + user.id);
- return done(null, user);
- }
- }
- }).catch(function (err) {
- logger.error('ldap auth failed: ' + err);
- return done(err, null);
- });
- }));
-}
+ }).spread(function (user, created) {
+ if (user) {
+ var needSave = false
+ if (user.profile !== stringifiedProfile) {
+ user.profile = stringifiedProfile
+ needSave = true
+ }
+ if (needSave) {
+ user.save().then(function () {
+ if (config.debug) { logger.info('user login: ' + user.id) }
+ return done(null, user)
+ })
+ } else {
+ if (config.debug) { logger.info('user login: ' + user.id) }
+ return done(null, user)
+ }
+ }
+ }).catch(function (err) {
+ logger.error('ldap auth failed: ' + err)
+ return done(err, null)
+ })
+ }))
+ }
// email
-if (config.email) {
+ if (config.email) {
passport.use(new LocalStrategy({
- usernameField: 'email'
+ usernameField: 'email'
},
- function(email, password, done) {
- if (!validator.isEmail(email)) return done(null, false);
- models.User.findOne({
- where: {
- email: email
- }
- }).then(function (user) {
- if (!user) return done(null, false);
- if (!user.verifyPassword(password)) return done(null, false);
- return done(null, user);
- }).catch(function (err) {
- logger.error(err);
- return done(err);
- });
- }));
+ function (email, password, done) {
+ if (!validator.isEmail(email)) return done(null, false)
+ models.User.findOne({
+ where: {
+ email: email
+ }
+ }).then(function (user) {
+ if (!user) return done(null, false)
+ if (!user.verifyPassword(password)) return done(null, false)
+ return done(null, user)
+ }).catch(function (err) {
+ logger.error(err)
+ return done(err)
+ })
+ }))
+ }
+}
+
+module.exports = {
+ registerAuthMethod: registerAuthMethod
}
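Review bot: In the LDAP verify function the account key is built as `id: 'LDAP-' + user.uidNumber` with no check that the directory entry actually carries that attribute. If it is missing (which depends on the directory schema and on `searchAttributes`), every such user gets the profile id `LDAP-undefined`, and `findOrCreate` would resolve them all to the same `User` row. Reject the login before the lookup, e.g. `if (user.uidNumber == null) { return done(null, false) }`, or build the id from an attribute that is guaranteed unique. Separately, in both `callback` and the LDAP function the `user.save()` promise is not returned from the `.spread` handler, so a failed save bypasses the `.catch` and `done` is never called; `return user.save().then(function () {` would route it to the existing error handler. The same handlers also never call `done` when `user` is falsy.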