You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
wiki/libs/auth.js

155 lines
3.7 KiB

"use strict";
const LocalStrategy = require('passport-local').Strategy;
const GoogleStrategy = require('passport-google-oauth20').Strategy;
const WindowsLiveStrategy = require('passport-windowslive').Strategy;
const FacebookStrategy = require('passport-facebook').Strategy;
const _ = require('lodash');
module.exports = function(passport, appconfig) {
// Serialization user methods
passport.serializeUser(function(user, done) {
done(null, user._id);
});
passport.deserializeUser(function(id, done) {
db.User.findById(id).then((user) => {
if(user) {
done(null, user);
} else {
done(new Error('User not found.'), null);
}
return true;
}).catch((err) => {
done(err, null);
});
});
// Local Account
if(appconfig.auth.local && appconfig.auth.local.enabled) {
passport.use('local',
new LocalStrategy({
usernameField : 'email',
passwordField : 'password'
},
(uEmail, uPassword, done) => {
db.User.findOne({ email: uEmail, provider: 'local' }).then((user) => {
if(user) {
return user.validatePassword(uPassword).then(() => {
return done(null, user) || true;
}).catch((err) => {
return done(err, null);
});
} else {
return done(new Error('Invalid Login'), null);
}
}).catch((err) => {
done(err, null) ;
});
}
));
}
// Google ID
if(appconfig.auth.google && appconfig.auth.google.enabled) {
passport.use('google',
new GoogleStrategy({
clientID: appconfig.auth.google.clientId,
clientSecret: appconfig.auth.google.clientSecret,
callbackURL: appconfig.host + '/login/google/callback'
},
(accessToken, refreshToken, profile, cb) => {
db.User.processProfile(profile).then((user) => {
return cb(null, user) || true;
}).catch((err) => {
return cb(err, null) || true;
});
}
));
}
// Microsoft Accounts
if(appconfig.auth.microsoft && appconfig.auth.microsoft.enabled) {
passport.use('windowslive',
new WindowsLiveStrategy({
clientID: appconfig.auth.microsoft.clientId,
clientSecret: appconfig.auth.microsoft.clientSecret,
callbackURL: appconfig.host + '/login/ms/callback'
},
function(accessToken, refreshToken, profile, cb) {
db.User.processProfile(profile).then((user) => {
return cb(null, user) || true;
}).catch((err) => {
return cb(err, null) || true;
});
}
));
}
// Facebook
if(appconfig.auth.facebook && appconfig.auth.facebook.enabled) {
passport.use('facebook',
new FacebookStrategy({
clientID: appconfig.auth.facebook.clientId,
clientSecret: appconfig.auth.facebook.clientSecret,
callbackURL: appconfig.host + '/login/facebook/callback',
profileFields: ['id', 'displayName', 'email']
},
function(accessToken, refreshToken, profile, cb) {
db.User.processProfile(profile).then((user) => {
return cb(null, user) || true;
}).catch((err) => {
return cb(err, null) || true;
});
}
));
}
// Check for admin access
db.onReady.then(() => {
db.User.count().then((c) => {
if(c < 1) {
winston.info('[' + PROCNAME + '][AUTH] No administrator account found. Creating a new one...');
db.User.hashPassword('admin123').then((pwd) => {
return db.User.create({
provider: 'local',
email: appconfig.admin,
name: "Administrator",
password: pwd,
rights: [{
role: 'admin',
path: '/',
exact: false,
deny: false
}]
});
}).then(() => {
winston.info('[' + PROCNAME + '][AUTH] Administrator account created successfully!');
}).catch((err) => {
winston.error('[' + PROCNAME + '][AUTH] An error occured while creating administrator account:');
winston.error(err);
});
}
});
return true;
});
};