diff --git a/api/controllers/AuthController.js b/api/controllers/AuthController.js index 06c88d5..f1d1ac9 100644 --- a/api/controllers/AuthController.js +++ b/api/controllers/AuthController.js @@ -108,7 +108,7 @@ module.exports = { } else { // make sure the server always returns a response to the client // i.e passport-local bad username/email or password - res.status(403).json({ + res.status(401).json({ 'error': err.toString() }) } diff --git a/api/controllers/UserController.js b/api/controllers/UserController.js index 025eee2..7eae227 100644 --- a/api/controllers/UserController.js +++ b/api/controllers/UserController.js @@ -12,7 +12,9 @@ module.exports = { create: async function (req, res, next) { const passportHelper = await sails.helpers.passport() passportHelper.protocols.local.register(req.body, function (err, user) { - if (err) return res.negotiate(err) + if (err) return res.status(500).json({ + error: err.toString() + }) res.json(user) }) @@ -21,7 +23,9 @@ module.exports = { update: async function (req, res, next) { const passportHelper = await sails.helpers.passport() passportHelper.protocols.local.update(req.body, function (err, user) { - if (err) return res.negotiate(err) + if (err) return res.status(500).json({ + error: err.toString() + }) res.json(user) }) diff --git a/api/helpers/passport.js b/api/helpers/passport.js index 6a1b3b8..0c38186 100644 --- a/api/helpers/passport.js +++ b/api/helpers/passport.js @@ -1,5 +1,6 @@ // api/helpers/passport.js // from https://github.com/trailsjs/sails-auth/blob/master/api/services/passport.js + const url = require('url') module.exports = { 
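Review bot: In `create` (api/controllers/UserController.js) the new error branch answers every failure with status 500 and sends `err.toString()` to the client; the `update` hunk directly below does the same. Failures caused by the request body (validation, duplicate values) are client errors rather than server errors, and the raw error text may carry ORM or database detail the caller has no need for. I would log the error server-side and return a fixed message, e.g. `sails.log.error(err)` followed by `return res.status(400).json({ error: 'could not create user' })`, keeping 500 for unexpected failures. Both handlers start and end outside their hunks.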
@@ -17,8 +18,19 @@ module.exports = { } } +const passport = require('passport') +passport.serializeUser(function (user, next) { + next(null, user.id) +}) +passport.deserializeUser(function (id, next) { + return User.findOne({id: id}) + .then(function (user) { + next(null, user || null) + return user + }).catch(next) +}) + function PassportHelper () { - const passport = require('passport') this.protocols = sails.config.protocols this.loadStrategies = function () { @@ -110,7 +122,7 @@ function PassportHelper () { let user if (!req.user) { - if (!passport) { // new user signing up, create a new user + if (!passport) { // new user signing up, create a new user user = await User.create(userAttrs).fetch() await Passport.create({ ...q, diff --git a/api/models/Passport.js b/api/models/Passport.js index ba48952..c65c1c6 100644 --- a/api/models/Passport.js +++ b/api/models/Passport.js @@ -52,15 +52,17 @@ module.exports = { /** * callback run before creating a Passport */ - beforeCreate: async function (passport) { - return hashPassword(passport) + beforeCreate: async function (passport, next) { + await hashPassword(passport) + return next() }, /** * callback run before updating */ - beforeUpdate: async function (passport) { - return hashPassword(passport) + beforeUpdate: async function (passport, next) { + await hashPassword(passport) + return next() }, // methods diff --git a/config/protocols.js b/config/protocols.js index 5c3fe01..59c85fd 100644 --- a/config/protocols.js +++ b/config/protocols.js @@ -34,6 +34,8 @@ module.exports.protocols = { const res = await Passport.validatePassword(password, passport) if (!res) throw new Error('incorrect password') return next(null, user, passport) + } else { + throw new Error('that account does not have password login enabled') } } catch (e) { return next(e) 
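Review bot: In the added `passport.deserializeUser`, the `.then(...).catch(next)` chain can invoke `next` twice: if `next(null, user || null)` throws synchronously, the rejection is routed to `.catch(next)` and the callback runs again with the error. Passing the rejection handler as the second argument of `then` keeps it to one call: `User.findOne({id: id}).then(function (user) { next(null, user || null) }, next)`. The `return user` inside the handler has no visible consumer and can be dropped. A one-line comment stating that only `user.id` is stored in the session and the record is re-read on each request would document the intent.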
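Review bot: Both `beforeCreate` and `beforeUpdate` in api/models/Passport.js now mix `async` with the `next` callback, so a rejection from `hashPassword(passport)` is never handed to `next`. Unless Waterline itself handles a rejected promise returned by a lifecycle callback (not visible here), a hashing failure would leave the query without a callback and surface only as an unhandled rejection. Wrapping the await keeps the failure on the callback path: `try { await hashPassword(passport) } catch (e) { return next(e) }` ahead of `return next()`. These hooks appear to be what keeps plaintext passwords out of stored Passport records, so a comment saying that above each one would help the next reader.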
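Review bot: The added `else` branch in config/protocols.js throws 'that account does not have password login enabled', which differs from the 'incorrect password' message a few lines above, and AuthController in this same commit returns `err.toString()` in the 401 body. A client can therefore tell accounts with a password apart from accounts without one, and possibly existing accounts from unknown ones, depending on the not-found message outside this hunk. I would throw one generic error for every login failure, e.g. `throw new Error('invalid username or password')` in both branches, and record the specific reason server-side with `sails.log.warn(...)`. The enclosing login function starts and ends outside the hunk.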
@@ -54,11 +56,12 @@ module.exports.protocols = { user: newUser.id, accessToken: token }) + return next(null, newUser) } catch (e) { + console.log(newUser) await User.destroy(newUser.id) throw e } - return next(null, newUser) } catch (e) { return next(e) } diff --git a/config/routes.js b/config/routes.js index 490dc69..9c43204 100644 --- a/config/routes.js +++ b/config/routes.js @@ -31,6 +31,7 @@ module.exports.routes = { 'GET /register': { view: 'pages/login' }, + 'GET /app': 'TargetController.show', /*************************************************************************** * *
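Review bot: The added `console.log(newUser)` in the inner `catch` writes the whole user record to stdout on each failed registration and reads like leftover debugging; drop it, or log only the id through `sails.log`. If `newUser` can be undefined at that point (its assignment is outside the hunk), `newUser.id` on the next line throws and hides the original error, so `if (newUser) await User.destroy(newUser.id)` would be safer. Moving `return next(null, newUser)` inside the inner `try` also means that an exception thrown synchronously by `next` now destroys the user that was just created and then reaches `next(e)` again from the outer `catch`. Keeping the success callback after the inner try/catch, as it was before, avoids both effects.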