Diffstat (limited to 'bucky/util/auth.js')
-rw-r--r--bucky/util/auth.js84
1 files changed, 54 insertions, 30 deletions
diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 436d5e6..6fdd5bd 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -1,17 +1,53 @@
-var passport = require('passport'),
- LocalStrategy = require('passport-local').Strategy,
- crypto = require('crypto'),
- db = require('../db');
+var passport = require('passport');
+var LocalStrategy = require('passport-local').Strategy;
+var crypto = require('crypto');
+var db = require('../db');
+var middleware = require('./middleware')
var auth = module.exports = {
init: function(){
passport.serializeUser(auth.serializeUser)
passport.deserializeUser(auth.deserializeUser)
-
passport.use(new LocalStrategy(auth.verifyLocalUser))
+ },
+
+ route: function(app){
+ app.get("/login",
+ function(req, res){
+ res.render("pages/login", {
+ title: "login"
+ })
+ })
+ app.get("/signup", function(req, res){
+ res.render("pages/signup", {
+ title: "signup"
+ })
+ })
+ app.get("/logout", auth.logout)
+ app.put("/api/login",
+ passport.authenticate("local"),
+ function (req, res) {
+ if (req.isAuthenticated()) {
+ var returnTo = req.session.returnTo
+ delete req.session.returnTo
+ console.log("LOGGED IN", req.user.username)
+ return res.json({
+ status: "OK",
+ user: auth.sanitizeUser(req.user),
+ returnTo: returnTo || "/index",
+ })
+ }
+ res.json({
+ error: 'bad credentials',
+ })
+ })
+ app.put("/api/checkin",
+ middleware.ensureAuthenticated,
+ auth.checkin
+ )
},
serializeUser: function (user, done) {
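Review bot: In the `/api/login` handler the `req.isAuthenticated()` test and the trailing `res.json({ error: 'bad credentials' })` look unreachable, because `passport.authenticate("local")` used without a callback or options answers a failed attempt itself with a bare 401 and does not call the next handler. The client therefore gets no JSON error body and the `info` object the verify callback passes to `done` is discarded; either drop the dead branch and add a comment such as `// passport replies 401 on failure; this handler runs only after a successful login`, or pass `{ failWithError: true }` and return the JSON from an error handler. Separately, `app.get("/logout", auth.logout)` ends the session on a GET, so any cross-site link or image request can log a user out; a POST or PUT, as the other API routes here use, would avoid that. The `auth` object literal continues past the end of this hunk.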
@@ -39,35 +75,23 @@ var auth = module.exports = {
return done(null, user)
- if (! user) {
- return done(null, false, { error: { errors: { username: { message: 'No such username.' } }}})
- }
- if (! auth.validPassword(user, password)) {
- return done(null, false, { error: { errors: { password: { message: 'Incorrect password.' } }}})
+ if (! user || ! auth.validPassword(user, password)) {
+ return done(null, false, { error: { message: 'Bad username/password.' } })
}
return done(null, user);
})
},
- loggedInLocal: function (req, res, next) {
- passport.authenticate("local", function(err, user, info){
- if (err) {
- return res.json({ error: err });
- }
- if (! user) {
- return info ? res.json(info) : res.redirect("/login");
- }
-
- // user.last_seen = new Date ()
- // user.save(function(err, data){ if (err) console.err('error setting ip for user') })
-
- req.logIn(user, function(err) {
- if (err) { return next(err); }
- var returnTo = req.session.returnTo
- delete req.session.returnTo
- return res.json({ status: "OK", returnTo: returnTo || "/index" })
- });
- })(req, res, next)
+ sanitizeUser: function (req_user) {
+ // sanitize user object
+ var user = JSON.parse(JSON.stringify(req_user))
+ delete user.password
+ return user
+ },
+
+ checkin: function (req, res) {
+ var user = auth.sanitizeUser(req.user)
+ res.json(user)
},
logout: function (req, res) {
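Review bot: `sanitizeUser` removes only `password` from a full copy of the user record, so every other field on that record is sent to the browser by `/api/login` and `/api/checkin`, including any field added to the record later. An allowlist fails closed: build the response from named fields, e.g. `return { username: req_user.username /* plus only the fields the client needs */ }`. Also, the merged check `! user || ! auth.validPassword(user, password)` now gives one message for both failures, but it short-circuits, so an unknown username presumably returns sooner than a wrong password if `validPassword` does real hashing work (its body is outside this hunk); running a dummy comparison when `user` is missing would narrow that timing difference. The verify callback starts before this hunk.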
@@ -75,4 +99,4 @@ var auth = module.exports = {
res.redirect('/');
},
-} \ No newline at end of file
+}