moving things around

3 files changed, 105 insertions, 0 deletions

diff --git a/bucky/util/auth.js b/bucky/util/auth.js
new file mode 100644
index 0000000..436d5e6
--- /dev/null
+++ b/bucky/util/auth.js
@@ -0,0 +1,78 @@
+
+var passport = require('passport'),
+	LocalStrategy = require('passport-local').Strategy,
+	crypto = require('crypto'),
+	db = require('../db');
+
+
+var auth = module.exports = {
+  
+  init: function(){
+		passport.serializeUser(auth.serializeUser)
+		passport.deserializeUser(auth.deserializeUser)
+
+		passport.use(new LocalStrategy(auth.verifyLocalUser))
+	},
+	
+	serializeUser: function (user, done) {
+		done(null, user.id);
+	},
+
+	deserializeUser: function (id, done) {
+    db.getUser(id).then(function(user){
+      done(! user, user)
+    })
+	},
+	
+	validPassword: function(user, pw){
+    var shasum = crypto.createHash('sha1')
+    shasum.update(pw)
+    return user.get('password') === shasum.digest('hex');
+  },
+
+	verifyLocalUser: function (username, password, done) {
+    // handle passwords!!
+		db.getUserByUsername(username).then(function(user){
+
+			// if (err) { return done(err); }
+			if (! user) { return done("no user") }
+
+      return done(null, user)
+
+			if (! user) {
+				return done(null, false, { error: { errors: { username: { message: 'No such username.' } }}})
+			}
+			if (! auth.validPassword(user, password)) {
+				return done(null, false, { error: { errors: { password: { message: 'Incorrect password.' } }}})
+			}
+			return done(null, user);
+		})
+	},
+	
+	loggedInLocal: function (req, res, next) {
+		passport.authenticate("local", function(err, user, info){
+			if (err) {
+				return res.json({ error: err });
+			}
+			if (! user) {
+				return info ? res.json(info) : res.redirect("/login");
+			}
+			
+			// user.last_seen = new Date ()
+			// user.save(function(err, data){ if (err) console.err('error setting ip for user') })
+
+			req.logIn(user, function(err) {
+				if (err) { return next(err); }
+				var returnTo = req.session.returnTo
+				delete req.session.returnTo
+				return res.json({ status: "OK", returnTo: returnTo || "/index" })
+			});
+		})(req, res, next)
+  },
+
+	logout: function (req, res) {
+		req.logout();
+		res.redirect('/');
+	},
+
+}
\ No newline at end of file
diff --git a/bucky/util/middleware.js b/bucky/util/middleware.js
new file mode 100644
index 0000000..a744c89
--- /dev/null
+++ b/bucky/util/middleware.js
@@ -0,0 +1,23 @@
+var middleware = module.exports = {
+
+	ensureAuthenticated: function (req, res, next) {
+		if (! req.isAuthenticated()) {
+			req.session.returnTo = req.path
+			return res.redirect('/login')
+		}
+		next()
+	},
+	
+	ensureLocals: function (req, res, next) {
+		res.locals.csrfToken = req.csrfToken()
+		res.locals.title = "bucky"
+		if (req.isAuthenticated()) {
+      res.locals.show_header = true
+		}
+		else {
+      res.locals.show_header = false
+		}
+		next()
+	},
+	
+}
\ No newline at end of file
diff --git a/bucky/util/util.js b/bucky/util/util.js
new file mode 100644
index 0000000..e67488b
--- /dev/null
+++ b/bucky/util/util.js
@@ -0,0 +1,4 @@
+var util = module.exports = {}
+
+util.sanitizeName = function (s){ return (s || "").replace(new RegExp("[^-_a-zA-Z0-9]", 'g'), "") }
+util.sanitize = function (s){ return (s || "").replace(/<>&/g, "") }