authorJules Laplace <julescarbon@gmail.com>2017-12-11 09:22:10 +0100
committerJules Laplace <julescarbon@gmail.com>2017-12-11 09:22:10 +0100
commit75227818ae83dded3152f3c8667db6e87f94fde7 (patch)
treeedecac4a26f1f66923083cf671498594c25054b5 /bucky
parent8340d74a0b953b12134302eca14aaec0a0a67fba (diff)
log in and out
Diffstat (limited to 'bucky')
-rw-r--r--bucky/app/index.js10
-rw-r--r--bucky/app/router.js11
-rw-r--r--bucky/util/auth.js84
3 files changed, 62 insertions, 43 deletions
diff --git a/bucky/app/index.js b/bucky/app/index.js
index e2fcd48..0da18c7 100644
--- a/bucky/app/index.js
+++ b/bucky/app/index.js
@@ -21,13 +21,8 @@ var site = module.exports = {}
site.init = function(){
app = express()
app.set('port', 5000)
- app.set('view engine', 'ejs')
- app.set('views', path.join(__dirname, '../../views'))
- app.use(express.static(path.join(__dirname, '../../public')))
-
app.use(favicon(__dirname + '../../../public/favicon.ico'))
app.use(bodyParser.json())
- app.use(bodyParser.urlencoded({ extended: false }))
app.use(session({
key: 'bucky.sid',
@@ -45,6 +40,7 @@ site.init = function(){
saveUninitialized: false,
}))
app.use(csurf({ cookie: false }))
+ app.disable('x-powered-by')
app.use(express.query())
app.use(passport.initialize())
@@ -61,6 +57,10 @@ site.init = function(){
})
site.route(app)
+
+ app.set('view engine', 'ejs')
+ app.set('views', path.join(__dirname, '../../views'))
+ app.use(express.static(path.join(__dirname, '../../public')))
}
site.route = require('./router')
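Review bot: Moving `express.static` to the end of `site.init` means every request for a file under `public/` now passes through the session, csurf and passport middleware, and through every route registered by `site.route(app)`, before it is served. That costs a session lookup per asset (and presumably a `deserializeUser` call for logged-in users), and any route pattern that happens to match an asset path will shadow the file. If the move is intentional, say why in a comment such as `// static last: routes take precedence over files in public/`; otherwise keep `app.use(express.static(...))` ahead of `app.use(session({`. The two `app.set` calls are order-independent and fine where they are. `site.init` begins before this hunk.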
diff --git a/bucky/app/router.js b/bucky/app/router.js
index 007ff6b..eada09b 100644
--- a/bucky/app/router.js
+++ b/bucky/app/router.js
@@ -15,11 +15,6 @@ module.exports = function(app){
app.get("/", middleware.ensureAuthenticated, function(req, res){
res.redirect('/index')
})
- app.get("/login", function(req, res){
- res.render("pages/login", {
- title: "login"
- })
- })
app.get("/index", middleware.ensureAuthenticated, function(req, res){
res.render("pages/index", {
title: fortune("titles"),
@@ -49,7 +44,6 @@ module.exports = function(app){
}
)
- app.post("/api/login", auth.loggedInLocal)
app.get("/api/index",
bucky.ensureLastlog,
middleware.ensureAuthenticated,
@@ -66,10 +60,10 @@ module.exports = function(app){
})
}
)
+
app.get("/api/keyword/:keyword",
bucky.ensureLastlog,
middleware.ensureAuthenticated,
- bucky.keyword,
bucky.ensureThreadsForKeyword,
bucky.ensureCommentCountsForThreads,
bucky.ensureFileCountsForThreads,
@@ -223,5 +217,6 @@ module.exports = function(app){
// send new mail
}
)
-
+
+ auth.route(app)
}
diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 436d5e6..6fdd5bd 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -1,17 +1,53 @@
-var passport = require('passport'),
- LocalStrategy = require('passport-local').Strategy,
- crypto = require('crypto'),
- db = require('../db');
+var passport = require('passport');
+var LocalStrategy = require('passport-local').Strategy;
+var crypto = require('crypto');
+var db = require('../db');
+var middleware = require('./middleware')
var auth = module.exports = {
init: function(){
passport.serializeUser(auth.serializeUser)
passport.deserializeUser(auth.deserializeUser)
-
passport.use(new LocalStrategy(auth.verifyLocalUser))
+ },
+
+ route: function(app){
+ app.get("/login",
+ function(req, res){
+ res.render("pages/login", {
+ title: "login"
+ })
+ })
+ app.get("/signup", function(req, res){
+ res.render("pages/signup", {
+ title: "signup"
+ })
+ })
+ app.get("/logout", auth.logout)
+ app.put("/api/login",
+ passport.authenticate("local"),
+ function (req, res) {
+ if (req.isAuthenticated()) {
+ var returnTo = req.session.returnTo
+ delete req.session.returnTo
+ console.log("LOGGED IN", req.user.username)
+ return res.json({
+ status: "OK",
+ user: auth.sanitizeUser(req.user),
+ returnTo: returnTo || "/index",
+ })
+ }
+ res.json({
+ error: 'bad credentials',
+ })
+ })
+ app.put("/api/checkin",
+ middleware.ensureAuthenticated,
+ auth.checkin
+ )
},
serializeUser: function (user, done) {
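Review bot: In `route`, `passport.authenticate("local")` is used without a callback, so passport answers a failed login itself with a 401 and the handler after it never runs; the `res.json({ error: 'bad credentials' })` branch is dead code and the `Bad username/password.` info from `verifyLocalUser` never reaches the client. Either drop that branch or keep the custom-callback form and return the JSON error from there. Nothing visible here regenerates the session id once authentication succeeds, which leaves the login open to session fixation unless the installed passport version does it; a regenerate step would also have to carry `returnTo` across. `app.get("/logout", auth.logout)` changes state on a GET, which csurf does not check, so a cross-site link or image can end a user's session; `app.post("/logout", auth.logout)` would put it behind the CSRF token. The `auth` object continues past the end of this hunk.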
@@ -39,35 +75,23 @@ var auth = module.exports = {
return done(null, user)
- if (! user) {
- return done(null, false, { error: { errors: { username: { message: 'No such username.' } }}})
- }
- if (! auth.validPassword(user, password)) {
- return done(null, false, { error: { errors: { password: { message: 'Incorrect password.' } }}})
+ if (! user || ! auth.validPassword(user, password)) {
+ return done(null, false, { error: { message: 'Bad username/password.' } })
}
return done(null, user);
})
},
- loggedInLocal: function (req, res, next) {
- passport.authenticate("local", function(err, user, info){
- if (err) {
- return res.json({ error: err });
- }
- if (! user) {
- return info ? res.json(info) : res.redirect("/login");
- }
-
- // user.last_seen = new Date ()
- // user.save(function(err, data){ if (err) console.err('error setting ip for user') })
-
- req.logIn(user, function(err) {
- if (err) { return next(err); }
- var returnTo = req.session.returnTo
- delete req.session.returnTo
- return res.json({ status: "OK", returnTo: returnTo || "/index" })
- });
- })(req, res, next)
+ sanitizeUser: function (req_user) {
+ // sanitize user object
+ var user = JSON.parse(JSON.stringify(req_user))
+ delete user.password
+ return user
+ },
+
+ checkin: function (req, res) {
+ var user = auth.sanitizeUser(req.user)
+ res.json(user)
},
logout: function (req, res) {
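Review bot: `sanitizeUser` removes only `password` and returns every other property of the user record, and this commit starts sending that object to the browser from both `/api/login` and `/api/checkin`. Any other sensitive field on the row (a salt, an email address, a reset token, if the schema has them) goes out with it, and any column added later is exposed by default. Build the response from an allowlist instead, e.g. `return { username: req_user.username }` extended with the fields the client actually uses. In `verifyLocalUser` the merged message removes the username oracle, but `! user ||` still skips `auth.validPassword` for unknown names, so response time may still tell the two cases apart; that function's body starts outside this hunk.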
@@ -75,4 +99,4 @@ var auth = module.exports = {
res.redirect('/');
},
-} \ No newline at end of file
+}