| author | Jules Laplace <julescarbon@gmail.com> | 2017-12-12 05:31:06 +0100 |
|---|---|---|
| committer | Jules Laplace <julescarbon@gmail.com> | 2017-12-12 05:31:06 +0100 |
| commit | 3b0cde84d5186693dd48c9f136a47480b3c23c89 (patch) | |
| tree | 4c5103400d6f9fc97491f45fed04b742ff0e04ff /bucky/util/auth.js | |
| parent | 041efed20500c145a639d8303c2a0e770bba4552 (diff) | |
creating users
Diffstat (limited to 'bucky/util/auth.js')
| -rw-r--r-- | bucky/util/auth.js | 79 |
1 files changed, 59 insertions, 20 deletions
diff --git a/bucky/util/auth.js b/bucky/util/auth.js index 32d77e8..548ffcc 100644 --- a/bucky/util/auth.js +++ b/bucky/util/auth.js @@ -3,6 +3,8 @@ var passport = require('passport'); var LocalStrategy = require('passport-local').Strategy; var crypto = require('crypto'); var db = require('../db'); +var util = require('./util'); +var crypt = require('unix-crypt-td-js') var middleware = require('./middleware') 
@@ -27,29 +29,60 @@ var auth = module.exports = {
 })
 })
 app.get("/logout", auth.logout)
+
+ app.put("/api/signup",
+ function (req, res, next) {
+ var username = util.sanitizeName(req.body.username)
+ db.getUserByUsername(username).then((user) => {
+ if (user) {
+ return res.json({ error: "user exists" })
+ }
+ next()
+ })
+ },
+ function (req, res, next) {
+ if (req.body.password !== req.body.password2) {
+ return res.json({ error: "passwords don't match" })
+ }
+ var username = util.sanitizeName(req.body.username)
+ var data = {
+ username: username,
+ realname: util.sanitizeName(req.body.realname),
+ password: auth.makePassword(username, req.body.password),
+ grass: util.sanitizeName(req.body.grass),
+ firstseen: util.now(),
+ lastseen: util.now(),
+ lastsession: util.now(),
+ }
+ db.createUser(data).then(() => next())
+ },
+ passport.authenticate("local"),
+ auth.login)
 app.put("/api/login",
 passport.authenticate("local"),
- function (req, res) {
- if (req.isAuthenticated()) {
- var returnTo = req.session.returnTo
- delete req.session.returnTo
- console.log(">> logged in", req.user.get('username'))
- return res.json({
- status: "OK",
- user: auth.sanitizeUser(req.user),
- returnTo: returnTo || "/index",
- })
- }
- res.json({
- error: 'bad credentials',
- })
- })
+ auth.login)
 app.put("/api/checkin",
 middleware.ensureAuthenticated,
 auth.checkin
 )
 },
-
+
+ login: function (req, res) {
+ if (req.isAuthenticated()) {
+ var returnTo = req.session.returnTo
+ delete req.session.returnTo
+ console.log(">> logged in", req.user.get('username'))
+ return res.json({
+ status: "OK",
+ user: util.sanitizeUser(req.user),
+ returnTo: returnTo || "/index",
+ })
+ }
+ res.json({
+ error: 'bad credentials',
+ })
+ },
+
 serializeUser: function (user, done) {
 done(null, user.id);
 },
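Review bot: The second `/api/signup` handler's check `req.body.password !== req.body.password2` passes when both fields are absent, so `auth.makePassword(username, req.body.password)` is called with `undefined` and the account is still created; add a guard such as `if (typeof req.body.password !== 'string' || !req.body.password) return res.json({ error: "password required" })` before it. Neither `db.getUserByUsername(username).then(...)` nor `db.createUser(data).then(() => next())` has a rejection handler, so a database error leaves the request hanging; `.catch(next)` on both would pass it to the error middleware. The exists-check and the insert are separate steps, so two concurrent signups for one name can both pass the check unless the user table enforces uniqueness on the username, which is not visible here. `passport.authenticate("local")` presumably re-reads the raw `req.body.username`, so a name that `util.sanitizeName` alters would be stored under one value and authenticated under another.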
@@ -60,10 +93,16 @@ var auth = module.exports = { }) }, + makePassword: function(username, pw) { + var salt = username.substr(0, 2) // lol + return crypt(pw, salt) + // var shasum = crypto.createHash('sha1') + // shasum.update(pw) + // return shasum.digest('hex'); + }, + validPassword: function(user, pw){ - var shasum = crypto.createHash('sha1') - shasum.update(pw) - return user.get('password') === shasum.digest('hex'); + return user.get('password') === auth.makePassword(user.get('username'), pw); }, verifyLocalUser: function (username, password, done) { @@ -83,7 +122,7 @@ var auth = module.exports = { }, checkin: function (req, res) { - var user = auth.sanitizeUser(req.user) + var user = util.sanitizeUser(req.user) res.json(user) }, |
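Review bot: `makePassword` takes its salt from the first two characters of the username and passes it to `crypt` from `unix-crypt-td-js`; if that package implements traditional DES crypt(3), as its name suggests, only the first eight characters of the password count and the hash is cheap to brute-force, and the salt is predictable and shared by every user whose name starts with the same two letters. `validPassword` compares the two hashes with `===`, which is not a constant-time comparison. A random per-user salt with a slow KDF from the already-required `crypto` module, compared with `crypto.timingSafeEqual`, addresses both, as sketched below with an optional third parameter so existing callers keep working. Rows that still hold the previous SHA-1 hex digest would stop validating after this hunk either way and need a migration or fallback path, and the commented-out SHA-1 lines can then be deleted.

```javascript
  makePassword: function (username, pw, salt) {
    // random per-user salt, stored alongside the hash as "salt$hash"
    salt = salt || crypto.randomBytes(16).toString('hex')
    var hash = crypto.scryptSync(pw, salt, 64).toString('hex')
    return salt + '$' + hash
  },

  validPassword: function (user, pw) {
    var stored = String(user.get('password'))
    var salt = stored.split('$')[0]
    var expected = Buffer.from(stored)
    var actual = Buffer.from(auth.makePassword(user.get('username'), pw, salt))
    // length check first: timingSafeEqual throws on unequal lengths
    return expected.length === actual.length && crypto.timingSafeEqual(expected, actual)
  },
```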
