Diffstat (limited to 'server')
-rw-r--r--server/index.js6
-rw-r--r--server/lib/auth.js28
-rw-r--r--server/lib/middleware.js25
-rw-r--r--server/lib/schemas/User.js1
-rw-r--r--server/lib/util.js8
5 files changed, 64 insertions, 4 deletions
diff --git a/server/index.js b/server/index.js
index 59dc7a5..a45ff36 100644
--- a/server/index.js
+++ b/server/index.js
@@ -41,6 +41,7 @@ app.use(express.session({
}));
app.use(express.bodyParser());
app.use(express.query());
+app.use(express.csrf());
app.use(express.methodOverride());
app.use(passport.initialize());
app.use(passport.session());
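Review bot: `express.csrf()` is registered ahead of `express.methodOverride()`, so the token check is decided on the method the request arrived with rather than the method the routes will finally see. A request that arrives as a safe method and is then overridden to POST would not be checked; whether that is reachable depends on how this Express version's bodyParser and methodOverride handle such requests, which the hunk does not show. The method-override documentation asks for it to run before any CSRF middleware, so swap the two lines: `app.use(express.methodOverride());` followed by `app.use(express.csrf());`.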
@@ -55,10 +56,13 @@ auth.init()
// Essential middleware
// app.all('*', middleware.enableCORS);
+app.all('*', middleware.ensureLocals);
+
// Initialize views
app.get('/', views.home);
app.get('/login', views.login);
-app.post('/login', auth.loggedIn('local'));
+app.post('/auth/signin', auth.loggedIn('local'));
+app.post('/auth/signup', auth.signup);
app.get('/logout', auth.logout);
app.get('/auth/twitter', auth.login('twitter'));
app.get('/auth/twitter/callback', auth.loggedIn('twitter'));
diff --git a/server/lib/auth.js b/server/lib/auth.js
index b7a2772..262d5f8 100644
--- a/server/lib/auth.js
+++ b/server/lib/auth.js
@@ -3,8 +3,10 @@
var passport = require('passport'),
FacebookStrategy = require('passport-facebook').Strategy,
TwitterStrategy = require('passport-twitter').Strategy,
+ LocalStrategy = require('passport-local').Strategy,
passportSocketIo = require("passport.socketio"),
_ = require('lodash'),
+ util = require('./util'),
config = require('../../config.json'),
User = require('./schemas/User');
@@ -14,7 +16,7 @@ var auth = {
passport.serializeUser(auth.serializeUser);
passport.deserializeUser(auth.deserializeUser);
- passport.use(auth.verifyLocalUser)
+ passport.use(new LocalStrategy(auth.verifyLocalUser))
passport.use(new TwitterStrategy({
consumerKey: process.env.VVALLS_TWITTER_KEY || '0L5blfBIapqhpons8bCXdIoGM',
@@ -85,6 +87,29 @@ var auth = {
});
},
+ signup: function (req, res){
+ var username = util.trim(req.body.username)
+ var password = req.body.password
+ var email = util.trim(req.body.email)
+
+ User.findOne({ username: username }, function (err, user) {
+ if (user) {
+ res.json({ error: { errors: { username: "Username has been taken" } } })
+ return
+ }
+ var data = {
+ username: username,
+ displayName: username,
+ password: password,
+ email: email
+ }
+ new User(data).save(function(err, data){
+ if (err || ! data) { return res.json({ error: err }) }
+ res.json({ status: "OK", payload: data })
+ })
+ })
+ },
+
verifyLocalUser: function (username, password, done) {
User.findOne({ username: username }, function(err, user){
if (err) { return done(err); }
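Review bot: The success branch of `signup` answers with the whole saved document (`payload: data`), so the `password` and `email` fields that were just stored are echoed back to the client. `password` is also handed to `new User(data)` exactly as submitted; no hashing is visible in this hunk, so confirm the User schema hashes it before save. The `err` from `User.findOne` is never checked, the raw `err` object is returned on a failed save, and `util.trim` (added in server/lib/util.js) calls `s.replace`, which throws when `username` or `email` is missing or not a string. The sketch below validates the field types first and returns only non-sensitive fields; `verifyLocalUser` continues outside the hunk.

```javascript
signup: function (req, res){
  // Reject missing or non-string fields before trim() or the query see them
  if (typeof req.body.username !== 'string' ||
      typeof req.body.password !== 'string' ||
      typeof req.body.email !== 'string') {
    return res.json({ error: { errors: { username: "Invalid signup data" } } })
  }
  // … unchanged: username / password / email extraction …

  User.findOne({ username: username }, function (err, user) {
    if (err) { return res.json({ error: "Signup failed" }) }
    // … unchanged: duplicate-username check and data object …
    new User(data).save(function(err, saved){
      // Do not hand the internal error object to the client
      if (err || ! saved) { return res.json({ error: "Signup failed" }) }
      // Return only what the client needs, never the stored credential
      res.json({ status: "OK", payload: { username: saved.username, displayName: saved.displayName } })
    })
  })
},
```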
@@ -122,7 +147,6 @@ var auth = {
},
insertFacebookUser: function (accessToken, refreshToken, profile, done) {
- console.log(profile)
process.nextTick(function () {
var userData = {
facebook_id: profile.id,
diff --git a/server/lib/middleware.js b/server/lib/middleware.js
index dea8019..cace91f 100644
--- a/server/lib/middleware.js
+++ b/server/lib/middleware.js
@@ -17,6 +17,31 @@ var middleware = {
next();
},
+ ensureAuthenticated: function (req, res, next) {
+ if (! req.isAuthenticated()) {
+ req.session.returnTo = req.path;
+ return res.redirect('/login');
+ }
+ next();
+ },
+
+ ensureIsAdmin: function (req, res, next) {
+ User.findOne({ _id: req.user._id }, function (err, user) {
+ if (! user.isAdmin) {
+ return res.redirect('http://' + config.host + '/' + req.user.username);
+ }
+ req.user = user
+ next();
+ });
+ },
+
+ ensureLocals: function (req, res, next) {
+ res.locals.token = req.csrfToken();
+ res.locals.logged_in = req.isAuthenticated()
+ res.locals.user = req.user || {}
+ next()
+ },
+
}
module.exports = middleware
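Review bot: `ensureIsAdmin` reads `req.user._id` and `user.isAdmin` without checking that either object exists, and it ignores `err`. An unauthenticated request throws before the query runs, and a failed or empty lookup throws inside the callback where Express cannot turn it into a response. Treat every failure as a denial: add `if (! req.user) { return res.redirect('/login'); }` before the query and change the inner test to `if (err || ! user || ! user.isAdmin) {`. `User` and `config` are used here but their `require` lines are not visible in this hunk, so confirm they are in scope; the `middleware` object starts outside the hunk.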
diff --git a/server/lib/schemas/User.js b/server/lib/schemas/User.js
index 76a1255..c619685 100644
--- a/server/lib/schemas/User.js
+++ b/server/lib/schemas/User.js
@@ -53,7 +53,6 @@ var UserSchema = new mongoose.Schema({
},
photo: {
type: String,
- required: true
},
bio: {
type: String,
diff --git a/server/lib/util.js b/server/lib/util.js
new file mode 100644
index 0000000..45902f3
--- /dev/null
+++ b/server/lib/util.js
@@ -0,0 +1,8 @@
+
+var whitespaceHead = /^\s+/
+var whitespaceTail = /\s+$/
+
+var util = {}
+util.trim = function (s){ return s.replace(whitespaceHead,"").replace(whitespaceTail,"") }
+
+module.exports = util