Diffstat (limited to 'bucky/util')
| -rw-r--r-- | bucky/util/auth.js | 78 | ||||
| -rw-r--r-- | bucky/util/middleware.js | 23 | ||||
| -rw-r--r-- | bucky/util/util.js | 6 |
3 files changed, 107 insertions, 0 deletions
diff --git a/bucky/util/auth.js b/bucky/util/auth.js
new file mode 100644
index 0000000..436d5e6
--- /dev/null
+++ b/bucky/util/auth.js
@@ -0,0 +1,78 @@
+
+var passport = require('passport'),
+ LocalStrategy = require('passport-local').Strategy,
+ crypto = require('crypto'),
+ db = require('../db');
+
+
+var auth = module.exports = {
+
+ init: function(){
+ passport.serializeUser(auth.serializeUser)
+ passport.deserializeUser(auth.deserializeUser)
+
+ passport.use(new LocalStrategy(auth.verifyLocalUser))
+ },
+
+ serializeUser: function (user, done) {
+ done(null, user.id);
+ },
+
+ deserializeUser: function (id, done) {
+ db.getUser(id).then(function(user){
+ done(! user, user)
+ })
+ },
+
+ validPassword: function(user, pw){
+ var shasum = crypto.createHash('sha1')
+ shasum.update(pw)
+ return user.get('password') === shasum.digest('hex');
+ },
+
+ verifyLocalUser: function (username, password, done) {
+ // handle passwords!!
+ db.getUserByUsername(username).then(function(user){
+
+ // if (err) { return done(err); }
+ if (! user) { return done("no user") }
+
+ return done(null, user)
+
+ if (! user) {
+ return done(null, false, { error: { errors: { username: { message: 'No such username.' } }}})
+ }
+ if (! auth.validPassword(user, password)) {
+ return done(null, false, { error: { errors: { password: { message: 'Incorrect password.' } }}})
+ }
+ return done(null, user);
+ })
+ },
+
+ loggedInLocal: function (req, res, next) {
+ passport.authenticate("local", function(err, user, info){
+ if (err) {
+ return res.json({ error: err });
+ }
+ if (! user) {
+ return info ? res.json(info) : res.redirect("/login");
+ }
+
+ // user.last_seen = new Date ()
+ // user.save(function(err, data){ if (err) console.err('error setting ip for user') })
+
+ req.logIn(user, function(err) {
+ if (err) { return next(err); }
+ var returnTo = req.session.returnTo
+ delete req.session.returnTo
+ return res.json({ status: "OK", returnTo: returnTo || "/index" })
+ });
+ })(req, res, next)
+ },
+
+ logout: function (req, res) {
+ req.logout();
+ res.redirect('/');
+ },
+
+}
\ No newline at end of file
diff --git a/bucky/util/middleware.js b/bucky/util/middleware.js
new file mode 100644
index 0000000..a744c89
--- /dev/null
+++ b/bucky/util/middleware.js
@@ -0,0 +1,23 @@
+var middleware = module.exports = {
+
+ ensureAuthenticated: function (req, res, next) {
+ if (! req.isAuthenticated()) {
+ req.session.returnTo = req.path
+ return res.redirect('/login')
+ }
+ next()
+ },
+
+ ensureLocals: function (req, res, next) {
+ res.locals.csrfToken = req.csrfToken()
+ res.locals.title = "bucky"
+ if (req.isAuthenticated()) {
+ res.locals.show_header = true
+ }
+ else {
+ res.locals.show_header = false
+ }
+ next()
+ },
+
+}
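Review bot: In bucky/util/auth.js, `verifyLocalUser` calls `return done(null, user)` straight after the first `if (! user)` check, so the `auth.validPassword` branch below it is unreachable and any password is accepted for an existing username. Remove the two early lines `if (! user) { return done("no user") }` and `return done(null, user)` so the later checks run, and give the `db.getUserByUsername` promise a rejection handler that calls `done(err)`. Separately, `validPassword` compares an unsalted SHA-1 hex digest with `===`; a per-user salt with a slow KDF such as `crypto.pbkdf2`, compared via `crypto.timingSafeEqual`, would be the safer storage format, though that depends on the user schema, which is not visible here. `deserializeUser` also passes `! user` (a boolean) as the error argument, where `done(null, user || false)` is the usual form.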
\ No newline at end of file
diff --git a/bucky/util/util.js b/bucky/util/util.js
new file mode 100644
index 0000000..d4b6b8a
--- /dev/null
+++ b/bucky/util/util.js
@@ -0,0 +1,6 @@
+var util = module.exports = {}
+
+util.sanitizeName = function (s){ return (s || "").replace(new RegExp("[^-_a-zA-Z0-9]", 'g'), "") }
+util.sanitize = function (s){ return (s || "").replace(/<>&/g, "") }
+
+util.now = function(){ return Math.floor( (+ new Date()) / 1000 ) } |
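Review bot: In bucky/util/middleware.js, `ensureAuthenticated` stores `req.path` in `req.session.returnTo` without checking that it is a same-site path, and auth.js later hands that value back to the client as `returnTo`. If the client navigates to it, a path beginning with `//` or `/\` would be read by browsers as another host, so it is worth storing only GET paths that match something like `/^\/(?![\/\\])/` and falling back to the default otherwise. A smaller style point in `ensureLocals`: the if/else can be written `res.locals.show_header = req.isAuthenticated()`, and `req.csrfToken()` presumably relies on CSRF middleware being mounted earlier, which deserves a comment.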
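Review bot: In bucky/util/util.js, `util.sanitize` uses `/<>&/g`, which matches only the literal three-character sequence `<>&`, so individual `<`, `>` and `&` characters pass through unchanged. A character class is needed: `util.sanitize = function (s){ return String(s || "").replace(/[<>&]/g, "") }`. Even with that fix, quotes are left intact, so values should still be HTML-escaped by the template layer for the context in which they are rendered rather than relying on this helper alone.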
