diff options
Diffstat (limited to 'lib/auth.js')
| -rw-r--r-- | lib/auth.js | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/lib/auth.js b/lib/auth.js new file mode 100644 index 0000000..0fb757c --- /dev/null +++ b/lib/auth.js @@ -0,0 +1,72 @@ + +var passport = require('passport'), + LocalStrategy = require('passport-local').Strategy, + crypto = require('crypto'), + db = require('./db'); + + +var auth = module.exports = { + + init: function(){ + passport.serializeUser(auth.serializeUser) + passport.deserializeUser(auth.deserializeUser) + + passport.use(new LocalStrategy(auth.verifyLocalUser)) + }, + + serializeUser: function (user, done) { + done(null, user.id); + }, + + deserializeUser: function (id, done) { + db.getUser(id).then(function(user){ + done(! user, user) + }) + }, + + validPassword: function(user, pw){ + var shasum = crypto.createHash('sha1') + shasum.update(pw) + return user.get('password') === shasum.digest('hex'); + }, + + verifyLocalUser: function (username, password, done) { + // handle passwords!! + db.getUserByUsername(username).then(function(user){ + + // if (err) { return done(err); } + if (! user) { return done("no user") } + + return done(null, user) + + if (! user) { + return done(null, false, { error: { errors: { username: { message: 'No such username.' } }}}) + } + if (! auth.validPassword(user, password)) { + return done(null, false, { error: { errors: { password: { message: 'Incorrect password.' } }}}) + } + return done(null, user); + }) + }, + + loggedInLocal: function (req, res, next) { + passport.authenticate("local", function(err, user, info){ + if (err) { + return res.json({ error: err }); + } + if (! user) { + return info ? res.json(info) : res.redirect("/login"); + } + + // user.last_seen = new Date () + // user.save(function(err, data){ if (err) console.err('error setting ip for user') }) + + req.logIn(user, function(err) { + if (err) { return next(err); } + var returnTo = req.session.returnTo + delete req.session.returnTo + return res.json({ status: "OK", returnTo: returnTo || "/index" }) + }); + })(req, res, next) + }, +}
\ No newline at end of file |