feat: modular auth + logging changes

pull/621/head
NGPixel 7 years ago
parent f32429325c
commit 2020e457cf

@ -8,26 +8,24 @@
const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy
module.exports = (passport) => {
if (wiki.config.auth.azure && wiki.config.auth.azure.enabled) {
const jwt = require('jsonwebtoken')
passport.use('azure_ad_oauth2',
new AzureAdOAuth2Strategy({
clientID: wiki.config.auth.azure.clientId,
clientSecret: wiki.config.auth.azure.clientSecret,
callbackURL: wiki.config.host + '/login/azure/callback',
resource: wiki.config.auth.azure.resource,
tenant: wiki.config.auth.azure.tenant
}, (accessToken, refreshToken, params, profile, cb) => {
let waadProfile = jwt.decode(params.id_token)
waadProfile.id = waadProfile.oid
waadProfile.provider = 'azure'
wiki.db.User.processProfile(waadProfile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
const jwt = require('jsonwebtoken')
passport.use('azure_ad_oauth2',
new AzureAdOAuth2Strategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
resource: conf.resource,
tenant: conf.tenant
}, (accessToken, refreshToken, params, profile, cb) => {
let waadProfile = jwt.decode(params.id_token)
waadProfile.id = waadProfile.oid
waadProfile.provider = 'azure'
wiki.db.User.processProfile(waadProfile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -8,21 +8,19 @@
const FacebookStrategy = require('passport-facebook').Strategy
module.exports = (passport) => {
if (wiki.config.auth.facebook && wiki.config.auth.facebook.enabled) {
passport.use('facebook',
new FacebookStrategy({
clientID: wiki.config.auth.facebook.clientId,
clientSecret: wiki.config.auth.facebook.clientSecret,
callbackURL: wiki.config.host + '/login/facebook/callback',
profileFields: ['id', 'displayName', 'email']
}, function (accessToken, refreshToken, profile, cb) {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
passport.use('facebook',
new FacebookStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
profileFields: ['id', 'displayName', 'email']
}, function (accessToken, refreshToken, profile, cb) {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -8,21 +8,19 @@
const GitHubStrategy = require('passport-github2').Strategy
module.exports = (passport) => {
if (wiki.config.auth.github && wiki.config.auth.github.enabled) {
passport.use('github',
new GitHubStrategy({
clientID: wiki.config.auth.github.clientId,
clientSecret: wiki.config.auth.github.clientSecret,
callbackURL: wiki.config.host + '/login/github/callback',
scope: ['user:email']
}, (accessToken, refreshToken, profile, cb) => {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
passport.use('github',
new GitHubStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL,
scope: ['user:email']
}, (accessToken, refreshToken, profile, cb) => {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -8,20 +8,18 @@
const GoogleStrategy = require('passport-google-oauth20').Strategy
module.exports = (passport) => {
if (wiki.config.auth.google && wiki.config.auth.google.enabled) {
passport.use('google',
new GoogleStrategy({
clientID: wiki.config.auth.google.clientId,
clientSecret: wiki.config.auth.google.clientSecret,
callbackURL: wiki.config.host + '/login/google/callback'
}, (accessToken, refreshToken, profile, cb) => {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
passport.use('google',
new GoogleStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL
}, (accessToken, refreshToken, profile, cb) => {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -7,35 +7,34 @@
// ------------------------------------
const LdapStrategy = require('passport-ldapauth').Strategy
const fs = require('fs')
module.exports = (passport) => {
if (wiki.config.auth.ldap && wiki.config.auth.ldap.enabled) {
passport.use('ldapauth',
new LdapStrategy({
server: {
url: wiki.config.auth.ldap.url,
bindDn: wiki.config.auth.ldap.bindDn,
bindCredentials: wiki.config.auth.ldap.bindCredentials,
searchBase: wiki.config.auth.ldap.searchBase,
searchFilter: wiki.config.auth.ldap.searchFilter,
searchAttributes: ['displayName', 'name', 'cn', 'mail'],
tlsOptions: (wiki.config.auth.ldap.tlsEnabled) ? {
ca: [
fs.readFileSync(wiki.config.auth.ldap.tlsCertPath)
]
} : {}
},
usernameField: 'email',
passReqToCallback: false
}, (profile, cb) => {
profile.provider = 'ldap'
profile.id = profile.dn
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
passport.use('ldapauth',
new LdapStrategy({
server: {
url: conf.url,
bindDn: conf.bindDn,
bindCredentials: conf.bindCredentials,
searchBase: conf.searchBase,
searchFilter: conf.searchFilter,
searchAttributes: ['displayName', 'name', 'cn', 'mail'],
tlsOptions: (conf.tlsEnabled) ? {
ca: [
fs.readFileSync(conf.tlsCertPath)
]
} : {}
},
usernameField: 'email',
passReqToCallback: false
}, (profile, cb) => {
profile.provider = 'ldap'
profile.id = profile.dn
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -8,27 +8,25 @@
const LocalStrategy = require('passport-local').Strategy
module.exports = (passport) => {
if (wiki.config.auth.local && wiki.config.auth.local.enabled) {
passport.use('local',
new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
}, (uEmail, uPassword, done) => {
wiki.db.User.findOne({ email: uEmail, provider: 'local' }).then((user) => {
if (user) {
return user.validatePassword(uPassword).then(() => {
return done(null, user) || true
}).catch((err) => {
return done(err, null)
})
} else {
return done(new Error('INVALID_LOGIN'), null)
}
}).catch((err) => {
done(err, null)
})
}
))
}
module.exports = (passport, conf) => {
passport.use('local',
new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
}, (uEmail, uPassword, done) => {
wiki.db.User.findOne({ email: uEmail, provider: 'local' }).then((user) => {
if (user) {
return user.validatePassword(uPassword).then(() => {
return done(null, user) || true
}).catch((err) => {
return done(err, null)
})
} else {
return done(new Error('INVALID_LOGIN'), null)
}
}).catch((err) => {
done(err, null)
})
}
))
}

@ -8,20 +8,18 @@
const WindowsLiveStrategy = require('passport-windowslive').Strategy
module.exports = (passport) => {
if (wiki.config.auth.microsoft && wiki.config.auth.microsoft.enabled) {
passport.use('windowslive',
new WindowsLiveStrategy({
clientID: wiki.config.auth.microsoft.clientId,
clientSecret: wiki.config.auth.microsoft.clientSecret,
callbackURL: wiki.config.host + '/login/ms/callback'
}, function (accessToken, refreshToken, profile, cb) {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
passport.use('windowslive',
new WindowsLiveStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL
}, function (accessToken, refreshToken, profile, cb) {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -8,20 +8,18 @@
const SlackStrategy = require('passport-slack').Strategy
module.exports = (passport) => {
if (wiki.config.auth.slack && wiki.config.auth.slack.enabled) {
passport.use('slack',
new SlackStrategy({
clientID: wiki.config.auth.slack.clientId,
clientSecret: wiki.config.auth.slack.clientSecret,
callbackURL: wiki.config.host + '/login/slack/callback'
}, (accessToken, refreshToken, profile, cb) => {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}
module.exports = (passport, conf) => {
passport.use('slack',
new SlackStrategy({
clientID: conf.clientId,
clientSecret: conf.clientSecret,
callbackURL: conf.callbackURL
}, (accessToken, refreshToken, profile, cb) => {
wiki.db.User.processProfile(profile).then((user) => {
return cb(null, user) || true
}).catch((err) => {
return cb(err, null) || true
})
}
))
}

@ -2,6 +2,9 @@
/* global wiki */
module.exports = false
return
const express = require('express')
const router = express.Router()

@ -147,7 +147,7 @@ module.exports = Promise.join(
app.use('/graphql', graphqlApollo.graphqlExpress({ schema: graphqlSchema }))
app.use('/graphiql', graphqlApollo.graphiqlExpress({ endpointURL: '/graphql' }))
app.use('/uploads', mw.auth, ctrl.uploads)
// app.use('/uploads', mw.auth, ctrl.uploads)
app.use('/admin', mw.auth, ctrl.admin)
app.use('/', mw.auth, ctrl.pages)
@ -173,7 +173,7 @@ module.exports = Promise.join(
// Start HTTP server
// ----------------------------------------
wiki.logger.info('Starting HTTP/WS server on port ' + wiki.config.port + '...')
wiki.logger.info(`HTTP/WS Server on port: ${wiki.config.port}`)
app.set('port', wiki.config.port)
var server = http.createServer(app)
@ -199,7 +199,7 @@ module.exports = Promise.join(
})
server.on('listening', () => {
wiki.logger.info('HTTP/WS server started successfully! [RUNNING]')
wiki.logger.info('HTTP/WS Server: RUNNING')
})
// ----------------------------------------

@ -2,9 +2,9 @@
/* global wiki */
const fs = require('fs')
const _ = require('lodash')
module.exports = function (passport) {
module.exports = (passport) => {
// Serialization user methods
passport.serializeUser(function (user, done) {
@ -24,12 +24,28 @@ module.exports = function (passport) {
})
})
// Create users for first-time
// Load authentication strategies
return wiki.db.User.findOne({ provider: 'local', email: 'guest@example.com' }).then((c) => {
if (c < 1) {
// Create guest account
wiki.config.authStrategies = {
list: _.pickBy(wiki.config.auth, strategy => strategy.enabled),
socialEnabled: (_.chain(wiki.config.auth).omit('local').filter(['enabled', true]).value().length > 0)
}
_.forOwn(wiki.config.authStrategies.list, (strategyConfig, strategyName) => {
strategyConfig.callbackURL = `${wiki.config.site.host}/login/${strategyName}/callback`
require(`../authentication/${strategyName}`)(passport, strategyConfig)
wiki.logger.info(`Authentication Provider ${_.upperFirst(strategyName)}: OK`)
})
// Create Guest account for first-time
return wiki.db.User.findOne({
where: {
provider: 'local',
email: 'guest@example.com'
}
}).then((c) => {
if (c < 1) {
return wiki.db.User.create({
provider: 'local',
email: 'guest@example.com',

@ -57,17 +57,6 @@ module.exports = {
// List authentication strategies
wiki.config = appconfig
wiki.data = appdata
// List authentication strategies
// appconfig.authStrategies = {
// list: _.filter(appconfig.auth, ['enabled', true]),
// socialEnabled: (_.chain(appconfig.auth).omit('local').filter(['enabled', true]).value().length > 0)
// }
// if (appconfig.authStrategies.list.length < 1) {
// console.error(new Error('You must enable at least 1 authentication strategy!'))
// process.exit(1)
// }
},
/**

@ -41,7 +41,7 @@ module.exports = {
// Attempt to connect and authenticate to DB
self.inst.authenticate().then(() => {
wiki.logger.info('Connected to PostgreSQL database.')
wiki.logger.info('Database (PostgreSQL) connection: OK')
}).catch(err => {
wiki.logger.error('Failed to connect to MongoDB instance.')
return err

@ -94,8 +94,6 @@ module.exports = {
* Creates a base directories (Synchronous).
*/
createBaseDirectories () {
wiki.logger.info('Checking data directories...')
try {
fs.ensureDirSync(path.resolve(wiki.ROOTPATH, wiki.config.paths.data))
fs.emptyDirSync(path.resolve(wiki.ROOTPATH, wiki.config.paths.data))
@ -117,7 +115,7 @@ module.exports = {
wiki.logger.error(err)
}
wiki.logger.info('Data and Repository directories are OK.')
wiki.logger.info('Disk Data Paths: OK')
},
/**

@ -71,8 +71,6 @@ module.exports = {
_initRepo() {
let self = this
wiki.logger.info('Checking Git repository...')
// -> Check if path is accessible
return fs.mkdirAsync(self._repo.path).catch((err) => {
@ -92,7 +90,7 @@ module.exports = {
})
}).then(() => {
if (wiki.config.git === false) {
wiki.logger.info('Remote Git syncing is disabled. Not recommended!')
wiki.logger.warn('Remote Git syncing is disabled. Not recommended!')
return Promise.resolve(true)
}
@ -132,7 +130,7 @@ module.exports = {
wiki.logger.error('Git remote error!')
throw err
}).then(() => {
wiki.logger.info('Git repository is OK.')
wiki.logger.info('Git Repository: OK')
return true
})
},

Loading…
Cancel
Save