wiki/server/core/auth.js

const passport = require('passport')
const passportJWT = require('passport-jwt')
const fs = require('fs-extra')
const _ = require('lodash')
const path = require('path')

const securityHelper = require('../helpers/security')

/* global WIKI */

module.exports = {
  strategies: {},
  init() {
    this.passport = passport

    // Serialization user methods

    passport.serializeUser(function (user, done) {
      done(null, user.id)
    })

    passport.deserializeUser(function (id, done) {
      WIKI.models.users.query().findById(id).then((user) => {
        if (user) {
          done(null, user)
        } else {
          done(new Error(WIKI.lang.t('auth:errors:usernotfound')), null)
        }
        return true
      }).catch((err) => {
        done(err, null)
      })
    })

    return this
  },
  async activateStrategies() {
    try {
      // Unload any active strategies
      WIKI.auth.strategies = {}
      const currentStrategies = _.keys(passport._strategies)
      _.pull(currentStrategies, 'session')
      _.forEach(currentStrategies, stg => { passport.unuse(stg) })

      // Load JWT
      passport.use('jwt', new passportJWT.Strategy({
        jwtFromRequest: securityHelper.extractJWT,
        secretOrKey: WIKI.config.certs.public,
        audience: 'urn:wiki.js', // TODO: use value from admin
        issuer: 'urn:wiki.js'
      }, (jwtPayload, cb) => {
        cb(null, jwtPayload)
      }))

      // Load enabled strategies
      const enabledStrategies = await WIKI.models.authentication.getStrategies()
      for (let idx in enabledStrategies) {
        const stg = enabledStrategies[idx]
        if (!stg.isEnabled) { continue }

        const strategy = require(`../modules/authentication/${stg.key}/authentication.js`)

        stg.config.callbackURL = `${WIKI.config.host}/login/${stg.key}/callback` // TODO: config.host
        strategy.init(passport, stg.config)

        fs.readFile(path.join(WIKI.ROOTPATH, `assets/svg/auth-icon-${strategy.key}.svg`), 'utf8').then(iconData => {
          strategy.icon = iconData
        }).catch(err => {
          if (err.code === 'ENOENT') {
            strategy.icon = '[missing icon]'
          } else {
            WIKI.logger.warn(err)
          }
        })
        WIKI.auth.strategies[stg.key] = strategy
        WIKI.logger.info(`Authentication Strategy ${stg.key}: [ OK ]`)
      }
    } catch (err) {
      WIKI.logger.error(`Authentication Strategy: [ FAILED ]`)
      WIKI.logger.error(err)
    }
  }
}
feat: self-contained auth modules + login UI + icons 7 years ago			`const passport = require('passport')`
feat: auth jwt, permissions, login ui (wip) 6 years ago			`const passportJWT = require('passport-jwt')`
feat: self-contained auth modules + login UI + icons 7 years ago			`const fs = require('fs-extra')`
refactor: remove config namespaces 6 years ago			`const _ = require('lodash')`
feat: self-contained auth modules + login UI + icons 7 years ago			`const path = require('path')`
feat: authentication improvements 6 years ago
feat: auth jwt, permissions, login ui (wip) 6 years ago			`const securityHelper = require('../helpers/security')`
refactor: remove config namespaces 6 years ago
			`/* global WIKI */`
Merged core back into main project 7 years ago
feat: queue handling 7 years ago			`module.exports = {`
feat: self-contained auth modules + login UI + icons 7 years ago			`strategies: {},`
			`init() {`
			`this.passport = passport`

			`// Serialization user methods`
Merged core back into main project 7 years ago
feat: queue handling 7 years ago			`passport.serializeUser(function (user, done) {`
feat: login + TFA authentication 7 years ago			`done(null, user.id)`
feat: queue handling 7 years ago			`})`
Merged core back into main project 7 years ago
feat: queue handling 7 years ago			`passport.deserializeUser(function (id, done) {`
feat: auth jwt, permissions, login ui (wip) 6 years ago			`WIKI.models.users.query().findById(id).then((user) => {`
			`if (user) {`
			`done(null, user)`
			`} else {`
			`done(new Error(WIKI.lang.t('auth:errors:usernotfound')), null)`
			`}`
			`return true`
			`}).catch((err) => {`
			`done(err, null)`
			`})`
Merged core back into main project 7 years ago			`})`

feat: self-contained auth modules + login UI + icons 7 years ago			`return this`
refactor: remove config namespaces 6 years ago			`},`
			`async activateStrategies() {`
			`try {`
			`// Unload any active strategies`
feat: locale namespacing save + auth fetch fix 6 years ago			`WIKI.auth.strategies = {}`
refactor: remove config namespaces 6 years ago			`const currentStrategies = _.keys(passport._strategies)`
			`_.pull(currentStrategies, 'session')`
			`_.forEach(currentStrategies, stg => { passport.unuse(stg) })`

feat: auth jwt, permissions, login ui (wip) 6 years ago			`// Load JWT`
			`passport.use('jwt', new passportJWT.Strategy({`
			`jwtFromRequest: securityHelper.extractJWT,`
feat: user menu + jwt certs + UI fixes 6 years ago			`secretOrKey: WIKI.config.certs.public,`
feat: auth jwt, permissions, login ui (wip) 6 years ago			`audience: 'urn:wiki.js', // TODO: use value from admin`
			`issuer: 'urn:wiki.js'`
			`}, (jwtPayload, cb) => {`
			`cb(null, jwtPayload)`
			`}))`

feat: auth self-registration config + gql grouping 6 years ago			`// Load enabled strategies`
feat: core improvements + local fs provider + UI fixes 6 years ago			`const enabledStrategies = await WIKI.models.authentication.getStrategies()`
refactor: remove config namespaces 6 years ago			`for (let idx in enabledStrategies) {`
			`const stg = enabledStrategies[idx]`
feat: auth self-registration config + gql grouping 6 years ago			`if (!stg.isEnabled) { continue }`

feat: authentication module refactor + added CAS module 6 years ago			const strategy = require(`../modules/authentication/${stg.key}/authentication.js`)
feat: auth self-registration config + gql grouping 6 years ago
feat: theming resolvers + config fixes 6 years ago			stg.config.callbackURL = `${WIKI.config.host}/login/${stg.key}/callback` // TODO: config.host
refactor: remove config namespaces 6 years ago			`strategy.init(passport, stg.config)`

			fs.readFile(path.join(WIKI.ROOTPATH, `assets/svg/auth-icon-${strategy.key}.svg`), 'utf8').then(iconData => {
			`strategy.icon = iconData`
			`}).catch(err => {`
			`if (err.code === 'ENOENT') {`
			`strategy.icon = '[missing icon]'`
			`} else {`
			`WIKI.logger.warn(err)`
			`}`
			`})`
			`WIKI.auth.strategies[stg.key] = strategy`
feat: auth advanced settings UI + reload auth on save 6 years ago			WIKI.logger.info(`Authentication Strategy ${stg.key}: [ OK ]`)
refactor: remove config namespaces 6 years ago			`}`
			`} catch (err) {`
			WIKI.logger.error(`Authentication Strategy: [ FAILED ]`)
			`WIKI.logger.error(err)`
			`}`
feat: queue handling 7 years ago			`}`
Merged core back into main project 7 years ago			`}`