105 lines
2.9 KiB
JavaScript
105 lines
2.9 KiB
JavaScript
// Passport protocol configurations
|
|
const crypto = require('crypto')
|
|
const base64URL = require('base64url')
|
|
|
|
module.exports.protocols = {
|
|
local: {
|
|
/**
|
|
* Validate a login request
|
|
*
|
|
* Looks up a user using the supplied identifier (email or username) and then
|
|
* attempts to find a local Passport associated with the user. If a Passport is
|
|
* found, its password is checked against the password supplied in the form.
|
|
*
|
|
* @param {Object} req
|
|
* @param {string} identifier
|
|
* @param {string} password
|
|
* @param {Function} next
|
|
*/
|
|
login: async function (req, identifier, password, next) {
|
|
if (!validateEmail(identifier)) {
|
|
return next(new Error('invalid email address'), false)
|
|
}
|
|
try {
|
|
const user = await User.findOne({
|
|
email: identifier
|
|
})
|
|
if (!user) throw new Error('an account with that email was not found')
|
|
|
|
const passport = await Passport.findOne({
|
|
protocol: 'local',
|
|
user: user.id
|
|
})
|
|
if (passport) {
|
|
const res = await Passport.validatePassword(password, passport)
|
|
if (!res) throw new Error('incorrect password')
|
|
return next(null, user)
|
|
} else {
|
|
throw new Error('that account does not have password login enabled')
|
|
}
|
|
} catch (e) {
|
|
return next(e, false)
|
|
}
|
|
},
|
|
register: async function (user, next) {
|
|
try {
|
|
const token = generateToken()
|
|
const password = user.password
|
|
if (!password.length) throw new Error('password cannot be blank')
|
|
delete user.password
|
|
|
|
const newUser = await User.create(user).fetch()
|
|
try {
|
|
await Passport.create({
|
|
protocol: 'local',
|
|
password,
|
|
user: newUser.id,
|
|
accesstoken: token
|
|
})
|
|
return next(null, token)
|
|
} catch (e) {
|
|
await User.destroy(newUser.id)
|
|
throw e
|
|
}
|
|
} catch (e) {
|
|
return next(e)
|
|
}
|
|
},
|
|
update: async function (user, next) {
|
|
throw new Error('not implemented')
|
|
},
|
|
connect: async function (req, res, next) {
|
|
try {
|
|
const user = req.user
|
|
const password = req.param('password')
|
|
|
|
const pass = await Passport.findOne({
|
|
protocol: 'local',
|
|
user: user.id
|
|
})
|
|
if (!pass) {
|
|
await Passport.create({
|
|
protocol: 'local',
|
|
password,
|
|
user: user.id
|
|
})
|
|
} else {
|
|
return next(null, user)
|
|
}
|
|
} catch (e) {
|
|
return next(e)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
const EMAIL_REGEX = /^(([^<>()[\].,;:\s@"]+(\.[^<>()[\].,;:\s@"]+)*)|(".+"))@(([^<>()[\].,;:\s@"]+\.)+[^<>()[\].,;:\s@"]{2,})$/i
|
|
|
|
function validateEmail (email) {
|
|
return EMAIL_REGEX.test(email)
|
|
}
|
|
|
|
function generateToken () {
|
|
return base64URL(crypto.randomBytes(48))
|
|
}
|