From 079822dfecfba659a491034c447c679dab2424c7 Mon Sep 17 00:00:00 2001
From: Jason Croft
Date: Mon, 9 May 2016 16:27:35 -0400
Subject: Start extending to support GitLab authentication. Add necessary dependency. Add baseURL parameter for self-hosted GitLab Add necessary require. Add block for GitLab auth. Fix typo Update font-awesome dependency for GitLab icon. Use a color closer to GitLab orange. More direct TODO
---
 lib/auth.js | 10 ++++++++++ lib/config.js | 2 ++ lib/response.js | 2 ++ 3 files changed, 14 insertions(+) (limited to 'lib')
diff --git a/lib/auth.js b/lib/auth.js
index af3e8d1d..d495605a 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -4,6 +4,7 @@ var passport = require('passport');
 var FacebookStrategy = require('passport-facebook').Strategy;
 var TwitterStrategy = require('passport-twitter').Strategy;
 var GithubStrategy = require('passport-github').Strategy;
+var GitlabStrategy = require('passport-gitlab2').Strategy;
 var DropboxStrategy = require('passport-dropbox-oauth2').Strategy;
 //core
@@ -56,6 +57,15 @@ if (config.github) {
 callbackURL: config.serverurl + '/auth/github/callback'
 }, callback));
 }
+//gitlab
+if (config.gitlab) {
+ passport.use(new GitlabStrategy({
+ baseURL: config.gitlab.baseURL,
+ clientID: config.gitlab.clientID,
+ clientSecret: config.gitlab.clientSecret,
+ callbackURL: config.serverurl + '/auth/gitlab/callback'
+ }, callback));
+}
 //dropbox
 if (config.dropbox) {
 passport.use(new DropboxStrategy({
diff --git a/lib/config.js b/lib/config.js
index 6738d4a8..c138b459 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -59,6 +59,7 @@ var documentmaxlength = config.documentmaxlength || 100000;
 var facebook = config.facebook || false;
 var twitter = config.twitter || false;
 var github = config.github || false;
+var gitlab = config.gitlab || false;
 var dropbox = config.dropbox || false;
 var imgur = config.imgur || false;
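Review bot: In lib/auth.js the new `GitlabStrategy` block passes `config.gitlab.baseURL` through unchecked, so a self-hosted URL configured with `http://` would presumably put the authorization code and the client-secret exchange on the wire in clear text. A startup check beside `if (config.gitlab)` that rejects or at least logs a non-https `baseURL` would surface that misconfiguration early. A comment such as `// baseURL: root URL of the GitLab instance (https), no trailing slash` would also document the one option the other providers do not have.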
@@ -110,6 +111,7 @@ module.exports = {
 facebook: facebook,
 twitter: twitter,
 github: github,
+ gitlab: gitlab,
 dropbox: dropbox,
 imgur: imgur
 };
\ No newline at end of file
diff --git a/lib/response.js b/lib/response.js
index 7a75e234..2114c99b 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -94,6 +94,7 @@ function showIndex(req, res, next) {
 facebook: config.facebook,
 twitter: config.twitter,
 github: config.github,
+ gitlab: config.gitlab,
 dropbox: config.dropbox,
 });
 res.write(content);
@@ -124,6 +125,7 @@ function responseHackMD(res, note) {
 facebook: config.facebook,
 twitter: config.twitter,
 github: config.github,
+ gitlab: config.gitlab,
 dropbox: config.dropbox,
 });
 var buf = html;
-- cgit v1.2.3
From 521f96fb11af9b2669c6d7002f983d3e7cc99e79 Mon Sep 17 00:00:00 2001
From: Jason Croft
Date: Mon, 9 May 2016 17:07:23 -0400
Subject: Skeletons for GitLab actions.
---
 lib/response.js | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) (limited to 'lib')
diff --git a/lib/response.js b/lib/response.js
index 2114c99b..63099b8d 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -321,6 +321,17 @@ function actionGist(req, res, note) {
 res.redirect("https://github.com/login/oauth/authorize?" + query);
 }
+function actionSnippet(req, res, note) {
+ var data = {
+ client_id: config.gitlab.clientID,
+ redirect_uri: config.serverurl + '/auth/github/callback/' + LZString.compressToBase64(note.id) + '/gist',
+ scope: "snippet",
+ state: shortId.generate()
+ };
+ var query = querystring.stringify(data);
+ res.redirect(config.gitlab.baseURL + "/login/oauth/authorize?" + query);
+}
+
 function noteActions(req, res, next) {
 var noteId = req.params.noteId;
 findNote(req, res, function (note) {
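Review bot: In lib/response.js `showIndex` hands the whole `config.gitlab` object to the template data, and per the lib/auth.js patch that object carries `clientSecret`; the same line is added to `responseHackMD` in the following hunk. If the templates only need to know whether the provider is enabled, passing a boolean keeps the secret out of the render context: `gitlab: !!config.gitlab,`. The neighbouring providers use the same pattern, so the change is worth making for all of them; the templates themselves are not visible here.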
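Review bot: `actionSnippet` generates `state: shortId.generate()` but never stores it, and `gitlabActionSnippet` later in this patch only checks that `state` is present, so the OAuth state parameter provides no CSRF protection for this flow. The value should be kept in the user's session before the redirect and compared on the callback, with a mismatch rejected. The `redirect_uri` still points at `'/auth/github/callback/'`, which looks like a leftover from `actionGist` and presumably should be the GitLab callback route. GitLab documents `/oauth/authorize` and `/oauth/token` as its OAuth endpoints, so the GitHub-style `/login/oauth/...` paths used here and in `gitlabActionSnippet` should be confirmed.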
@@ -378,6 +389,21 @@ function githubActions(req, res, next) {
 });
 }
+function gitlabActions(req, res, next) {
+ var noteId = req.params.noteId;
+ findNote(req, res, function (note) {
+ var action = req.params.action;
+ switch (action) {
+ case "gist":
+ gitlabActionSnippet(req, res, note);
+ break;
+ default:
+ res.redirect(config.serverurl + '/' + noteId);
+ break;
+ }
+ });
+}
+
 function githubActionGist(req, res, note) {
 var code = req.query.code;
 var state = req.query.state;
@@ -435,6 +461,63 @@ function githubActionGist(req, res, note) {
 }
 }
+function gitlabActionSnippet(req, res, note) {
+ var code = req.query.code;
+ var state = req.query.state;
+ if (!code || !state) {
+ return response.errorForbidden(res);
+ } else {
+ var data = {
+ client_id: config.gitlab.clientID,
+ client_secret: config.gitlab.clientSecret,
+ code: code,
+ state: state
+ }
+ var auth_url = config.gitlab.baseURL + '/login/oauth/access_token';
+ request({
+ url: auth_url,
+ method: "POST",
+ json: data
+ }, function (error, httpResponse, body) {
+ if (!error && httpResponse.statusCode == 200) {
+ var access_token = body.access_token;
+ if (access_token) {
+ var content = LZString.decompressFromBase64(note.content);
+ var title = models.Note.decodeTitle(note.title);
+ var filename = title.replace('/', ' ') + '.md';
+ var gist = {
+ "files": {}
+ };
+ gist.files[filename] = {
+ "content": content
+ };
+ var gist_url = "https://api.gitlab.com/snippets";
+ request({
+ url: gist_url,
+ headers: {
+ 'User-Agent': 'HackMD',
+ 'Authorization': 'token ' + access_token
+ },
+ method: "POST",
+ json: gist
+ }, function (error, httpResponse, body) {
+ if (!error && httpResponse.statusCode == 201) {
+ res.setHeader('referer', '');
+ res.redirect(body.html_url);
+ } else {
+ return response.errorForbidden(res);
+ }
+ });
+ } else {
+ return response.errorForbidden(res);
+ }
+ } else {
+ return response.errorForbidden(res);
+ }
+ })
+ }
+}
+
 function showPublishSlide(req, res, next) {
 findNote(req, res, function (note) {
 note.increment('viewcount').then(function (note) {
-- cgit v1.2.3
From a443490ee6257d2e2a5dfabcd9455101c1a5b4c0 Mon Sep 17 00:00:00 2001
From: Jason Croft
Date: Wed, 11 May 2016 17:04:45 -0400
Subject: Add accessToken column
---
 lib/models/user.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lib')
diff --git a/lib/models/user.js b/lib/models/user.js
index e1a373d6..639fc226 100644
--- a/lib/models/user.js
+++ b/lib/models/user.js
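Review bot: `gitlabActionSnippet` requests the token from `config.gitlab.baseURL` but then posts it to the hard-coded `https://api.gitlab.com/snippets`, so with a self-hosted instance the user's access token would be sent to a different host than the one that issued it. `gist_url` should be built from `config.gitlab.baseURL` plus the instance's snippets API path, which needs confirming against the GitLab API version in use. `res.redirect(body.html_url)` also follows a URL taken from the remote response without checking that it belongs to the configured instance. As a smaller point, `title.replace('/', ' ')` with a string pattern replaces only the first slash; `title.replace(/\//g, ' ')` covers all of them.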
@@ -23,6 +23,9 @@ module.exports = function (sequelize, DataTypes) {
 },
 history: {
 type: DataTypes.TEXT
+ },
+ accessToken: {
+ type: DataTypes.STRING
 }
 }, {
 classMethods: {
@@ -72,6 +75,6 @@ module.exports = function (sequelize, DataTypes) {
 }
 }
 });
-
+
 return User;
 };
\ No newline at end of file
-- cgit v1.2.3
From 17daf322398c804fa91c08c16c3f48ada4d17b95 Mon Sep 17 00:00:00 2001
From: Jason Croft
Date: Wed, 11 May 2016 17:04:55 -0400
Subject: Remove skeleton functions
---
 lib/response.js | 83 --------------------------------------------------------- 1 file changed, 83 deletions(-) (limited to 'lib')
diff --git a/lib/response.js b/lib/response.js
index 63099b8d..2114c99b 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -321,6 +321,17 @@ function actionGist(req, res, note) {
 res.redirect("https://github.com/login/oauth/authorize?" + query);
 }
-function actionSnippet(req, res, note) {
- var data = {
- client_id: config.gitlab.clientID,
- redirect_uri: config.serverurl + '/auth/github/callback/' + LZString.compressToBase64(note.id) + '/gist',
- scope: "snippet",
- state: shortId.generate()
- };
- var query = querystring.stringify(data);
- res.redirect(config.gitlab.baseURL + "/login/oauth/authorize?" + query);
-}
-
 function noteActions(req, res, next) {
 var noteId = req.params.noteId;
 findNote(req, res, function (note) {
@@ -378,6 +389,21 @@ function githubActions(req, res, next) {
 });
 }
-function gitlabActions(req, res, next) {
- var noteId = req.params.noteId;
- findNote(req, res, function (note) {
- var action = req.params.action;
- switch (action) {
- case "gist":
- gitlabActionSnippet(req, res, note);
- break;
- default:
- res.redirect(config.serverurl + '/' + noteId);
- break;
- }
- });
-}
-
 function githubActionGist(req, res, note) {
 var code = req.query.code;
 var state = req.query.state;
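Review bot: The new `accessToken` field in lib/models/user.js stores the provider's bearer token in plain text, and `DataTypes.STRING` is a 255-character column by default, which some providers' tokens may exceed; `DataTypes.TEXT`, already used for `history`, avoids the length limit. If the token has to be kept at all, encrypting it at rest and excluding it from any serialisation of the user record would limit what a database or API leak exposes; whether the user object is ever sent to clients is not visible in this hunk. A comment on the field, for example `// OAuth access token from the last login; secret, never expose to clients`, would record the intent.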
@@ -461,63 +435,6 @@ function githubActionGist(req, res, note) { } } -function gitlabActionSnippet(req, res, note) { - var code = req.query.code; - var state = req.query.state; - if (!code || !state) { - return response.errorForbidden(res); - } else { - var data = { - client_id: config.gitlab.clientID, - client_secret: config.gitlab.clientSecret, - code: code, - state: state - } - var auth_url = config.gitlab.baseURL + '/login/oauth/access_token'; - request({ - url: auth_url, - method: "POST", - json: data - }, function (error, httpResponse, body) { - if (!error && httpResponse.statusCode == 200) { - var access_token = body.access_token; - if (access_token) { - var content = LZString.decompressFromBase64(note.content); - var title = models.Note.decodeTitle(note.title); - var filename = title.replace('/', ' ') + '.md'; - var gist = { - "files": {} - }; - gist.files[filename] = { - "content": content - }; - var gist_url = "https://api.gitlab.com/snippets"; - request({ - url: gist_url, - headers: { - 'User-Agent': 'HackMD', - 'Authorization': 'token ' + access_token - }, - method: "POST", - json: gist - }, function (error, httpResponse, body) { - if (!error && httpResponse.statusCode == 201) { - res.setHeader('referer', ''); - res.redirect(body.html_url); - } else { - return response.errorForbidden(res); - } - }); - } else { - return response.errorForbidden(res); - } - } else { - return response.errorForbidden(res); - } - }) - } -} - function showPublishSlide(req, res, next) { findNote(req, res, function (note) { note.increment('viewcount').then(function (note) { -- cgit v1.2.3 From e545de72a6daab8f51d4b39ec9e33563eb16ee68 Mon Sep 17 00:00:00 2001 From: Jason Croft Date: Wed, 11 May 2016 17:06:05 -0400 Subject: Add accessToken saving. --- lib/auth.js | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/auth.js b/lib/auth.js index d495605a..ec45eea3 100644 --- a/lib/auth.js +++ b/lib/auth.js 
@@ -19,13 +19,23 @@ function callback(accessToken, refreshToken, profile, done) {
 profileid: profile.id.toString()
 },
 defaults: {
- profile: JSON.stringify(profile)
+ profile: JSON.stringify(profile),
+ accessToken: accessToken,
+ refreshToken: refreshToken
 }
 }).spread(function(user, created) {
 if (user) {
- if (config.debug)
- logger.info('user login: ' + user.id);
- return done(null, user);
+ if(user.accessToken == accessToken){
+ if (config.debug)
+ logger.info('user login: ' + user.id);
+ return done(null, user);
+ }
+ user.accessToken = accessToken;
+ user.save().then(function(){
+ if (config.debug)
+ logger.info('user login: ' + user.id);
+ return done(null, user);
+ })
 }
 }).catch(function(err) {
 logger.error('auth callback failed: ' + err);
-- cgit v1.2.3
From 0adc0864d5aa7348cfdb624b66776303691c0377 Mon Sep 17 00:00:00 2001
From: Jason Croft
Date: Thu, 12 May 2016 13:26:50 -0400
Subject: Retrieve GitLab avatar.
---
 lib/models/user.js | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lib')
diff --git a/lib/models/user.js b/lib/models/user.js
index 639fc226..2323dc92 100644
--- a/lib/models/user.js
+++ b/lib/models/user.js
@@ -66,6 +66,9 @@ module.exports = function (sequelize, DataTypes) {
 case "github":
 photo = 'https://avatars.githubusercontent.com/u/' + profile.id + '?s=48';
 break;
+ case "gitlab":
+ photo = profile.avatarUrl;
+ break;
 case "dropbox":
 //no image api provided, use gravatar
 photo = 'https://www.gravatar.com/avatar/' + md5(profile.emails[0].value);
-- cgit v1.2.3
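Review bot: In `callback` (lib/auth.js) the promise from `user.save()` is not returned, so a failed save bypasses the `.catch` at the end of the chain and `done` is never called, leaving the login request hanging; `return user.save().then(function(){` fixes that. The `defaults` also set `refreshToken`, but the model patch in this series adds only an `accessToken` column, so the refresh token is presumably dropped on insert. Because this callback appears to be shared by every strategy, its second argument is not a refresh token for all of them (for OAuth 1 providers such as Twitter it is the token secret), which deserves a comment before the value is persisted. The body of `callback` starts and ends outside the hunk.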
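Review bot: The `gitlab` case in lib/models/user.js returns `profile.avatarUrl` verbatim, whereas the other branches build the image URL from a fixed https host. The value comes from the stored provider profile and, on a self-hosted instance, may be missing, relative or plain `http:`; a guard such as `photo = /^https?:\/\//.test(profile.avatarUrl) ? profile.avatarUrl : null;` (with whatever fallback the caller expects) bounds what reaches the page. How `photo` is rendered, and the rest of the enclosing function, are outside this hunk.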