authorJules Laplace <julescarbon@gmail.com>2018-09-17 01:01:02 +0200
committerJules Laplace <julescarbon@gmail.com>2018-09-17 01:01:02 +0200
commita77d0812d52d52d80bc750832b4e0fe065ce4cac (patch)
treed29617df2ccfdb34baaf75ca11fcd244614bc769 /app/server/util
parentd5d76a51cf79238c3177aa507213191d279d45ed (diff)
login works\!
Diffstat (limited to 'app/server/util')
-rw-r--r--app/server/util/auth.js39
1 files changed, 27 insertions, 12 deletions
diff --git a/app/server/util/auth.js b/app/server/util/auth.js
index fde0263..5fc5d1f 100644
--- a/app/server/util/auth.js
+++ b/app/server/util/auth.js
@@ -6,6 +6,8 @@ import db from '../db'
const { user: userModel } = db.models
export function route(app, serve_index){
+ app.use(passport.initialize())
+ app.use(passport.session())
passport.serializeUser(serializeUser)
passport.deserializeUser(deserializeUser)
passport.use(new LocalStrategy(verifyLocalUser))
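Review bot: The two added `app.use` calls depend on ordering that this hunk does not show: `passport.session()` restores the login from `req.session`, so a session middleware has to be mounted on `app` before `route()` runs, and its cookie settings decide how well the login is protected. I would state that at the call site, e.g. `// requires session middleware (secret from config, httpOnly + secure cookie) mounted before this`. The rest of `route()` lies outside the hunk, so the caller may already take care of it.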
@@ -36,8 +38,13 @@ export function ensureAuthenticated(req, res, next) {
next()
}
+export function getUserByUsername(username) {
+ return userModel.show(sanitizeName(username), 'username')
+}
+
export function checkIfUserExists(req, res, next) {
- userModel.show(sanitizeName(req.body.username), 'username').then((user) => {
+ getUserByUsername(req.body.username)
+ .then((user) => {
console.log('gotta user?', !!user);
user ? res.json({ error: "user exists" }) : next()
}).catch(err => {
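Review bot: `getUserByUsername` hands its argument to `sanitizeName`, which per the signature visible in the next hunk header calls `(s || "").replace(...)`; a request body whose `username` is a number, array or object has no `.replace`, so the call throws synchronously, before the promise chain and its `.catch` in `checkIfUserExists` exist. A guard as the first line, `if (typeof username !== 'string') return Promise.resolve(null)`, keeps the lookup on the promise path for both callers. The `console.log('gotta user?', …)` line reads like leftover debugging. The `.catch` body continues outside the hunk.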
@@ -49,6 +56,12 @@ export function sanitizeName(s) { return (s || "").replace(new RegExp('[^-_a-zA-
export function sanitizeUser(req_user) {
// sanitize user object
let user = JSON.parse(JSON.stringify(req_user))
+ try {
+ user.profile = JSON.parse(user.profile)
+ } catch (e) {
+ console.error('error decoding profile')
+ user.profile = {}
+ }
delete user.password
return user
}
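Review bot: The added `JSON.parse(user.profile)` treats every value that is not a JSON string as corrupt: if the model ever hands back `profile` already decoded as an object (createUser stores `profile: {}`), the object is coerced to `"[object Object]"`, the parse throws, and the catch silently replaces the real profile with `{}`. Guarding the parse with `if (typeof user.profile === 'string')` keeps an already-decoded profile intact. Separately, the function strips only `password`; building the response from an explicit list of public fields would keep a later-added sensitive column from reaching the client by default.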
@@ -61,7 +74,7 @@ export function createUser(req, res, next) {
let data = {
username: sanitizeName(username),
realname: sanitizeName(username),
- password: makePassword(username, password),
+ password: makePassword(password),
lastseen: new Date(),
level: 0,
profile: {},
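Review bot: Accounts created before this change are not handled: the old call was `makePassword(username, password)`, and a later hunk header shows the one-parameter signature `makePassword(password)`, so existing rows presumably hold a value derived from the username rather than from the chosen password. After this fix such an account would still verify against its own username, which is a guessable credential. I would invalidate or force a reset of every password stored before this commit and record that next to the fix, e.g. `// rows written before a77d081 were hashed from the username; reset them`. makePassword's body is outside the diff, so confirm how it treats a second argument.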
@@ -72,10 +85,11 @@ export function createUser(req, res, next) {
}
export function login(req, res) {
+ console.log(req.user)
if (req.isAuthenticated()) {
let returnTo = req.session.returnTo
delete req.session.returnTo
- console.log(">> logged in", req.user.get('username'))
+ console.log(">> logged in", req.user.username)
return res.json({
status: "OK",
user: sanitizeUser(req.user),
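Review bot: The added `console.log(req.user)` writes the whole user record to the server log on every call to `login`, and `validPassword` elsewhere in this diff reads `user.password`, so the record appears to include the stored password value. The same applies to the `console.log(user)` added in `verifyLocalUser` in the last hunk. Log only the name, e.g. `console.log('>> login attempt', req.user && req.user.username)`, or drop both debug lines before release. The body of `login` continues outside the hunk.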
@@ -104,7 +118,7 @@ export function makePassword(password) {
}
export function validPassword(user, password) {
- return user.get('password') === makePassword(password)
+ return user.password === makePassword(password)
}
export function changePassword(req, res, next) {
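Review bot: `validPassword` compares `user.password` with `makePassword(password)`, and since `makePassword` takes only the password, the stored value looks like a deterministic function of the password with no per-user salt; identical passwords would then store identical values, and a leaked table could be checked against precomputed lists. makePassword's body is not in the diff, so this is inferred from the signature. If it is a plain digest, the fix is a salted, slow KDF (Node's `crypto.scrypt` with a random per-user salt stored beside the hash) and a comparison through `crypto.timingSafeEqual`. At minimum, add a comment on `validPassword` naming the scheme it assumes.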
@@ -115,20 +129,21 @@ export function changePassword(req, res, next) {
if (!validPassword(res.user, req.body.oldpassword)) {
return res.send({ error: 'Password is incorrect.' })
}
- let username = req.user.get('username')
- let newPassword = makePassword(username, req.body.newpassword)
- res.user.set('password', newPassword)
- res.user.save().then(() => next()).catch(err => res.send({ error: err }))
+ let username = req.user.username
+ let newPassword = makePassword(req.body.newpassword)
+ res.user.password = newPassword
+ res.user.save()
+ .then(next)
+ .catch(err => res.send({ error: err }))
}
export function verifyLocalUser(username, password, done) {
// handle passwords!!
- db.getUserByUsername(username).then(function(user){
-
+ getUserByUsername(username)
+ .then(user => {
+ console.log(user)
// if (err) { return done(err) }
if (! user) { return done("no user") }
-
- // return done(null, user)
if (! user || ! validPassword(user, password)) {
return done(null, false, { error: { message: 'Bad username/password.' } })
}
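Review bot: In `verifyLocalUser` an unknown username ends in `done("no user")` while a wrong password ends in `done(null, false, …)`; passport treats a first argument as a server error, so the two cases produce different responses and reveal which usernames exist. It also leaves the `! user ||` test on the following line dead. Dropping the early return so both cases reach the single `done(null, false, { error: { message: 'Bad username/password.' } })` gives one uniform answer. In `changePassword`, `let username = req.user.username` is now unused and can go. verifyLocalUser continues past the end of the hunk.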