1 |
|
2 | import bcrypt from 'bcryptjs'
|
3 | import get from 'lodash/get'
|
4 | import omit from 'lodash/omit'
|
5 | import { NotAuthenticated } from '@feathersjs/errors'
|
6 | import { Query, Params } from '@feathersjs/feathers'
|
7 | import { AuthenticationRequest, AuthenticationBaseStrategy } from '@feathersjs/authentication'
|
8 | import { createDebug } from '@feathersjs/commons'
|
9 |
|
10 | const debug = createDebug('@feathersjs/authentication-local/strategy')
|
11 |
|
12 | export class LocalStrategy extends AuthenticationBaseStrategy {
|
13 | verifyConfiguration() {
|
14 | const config = this.configuration
|
15 |
|
16 | ;['usernameField', 'passwordField'].forEach((prop) => {
|
17 | if (typeof config[prop] !== 'string') {
|
18 | throw new Error(`'${this.name}' authentication strategy requires a '${prop}' setting`)
|
19 | }
|
20 | })
|
21 | }
|
22 |
|
23 | get configuration() {
|
24 | const authConfig = this.authentication.configuration
|
25 | const config = super.configuration || {}
|
26 |
|
27 | return {
|
28 | hashSize: 10,
|
29 | service: authConfig.service,
|
30 | entity: authConfig.entity,
|
31 | entityId: authConfig.entityId,
|
32 | errorMessage: 'Invalid login',
|
33 | entityPasswordField: config.passwordField,
|
34 | entityUsernameField: config.usernameField,
|
35 | ...config
|
36 | }
|
37 | }
|
38 |
|
39 | async getEntityQuery(query: Query, _params: Params) {
|
40 | return {
|
41 | $limit: 1,
|
42 | ...query
|
43 | }
|
44 | }
|
45 |
|
46 | async findEntity(username: string, params: Params) {
|
47 | const { entityUsernameField, errorMessage } = this.configuration
|
48 | if (!username) {
|
49 |
|
50 | throw new NotAuthenticated(errorMessage)
|
51 | }
|
52 |
|
53 | const query = await this.getEntityQuery(
|
54 | {
|
55 | [entityUsernameField]: username
|
56 | },
|
57 | params
|
58 | )
|
59 |
|
60 | const findParams = Object.assign({}, params, { query })
|
61 | const entityService = this.entityService
|
62 |
|
63 | debug('Finding entity with query', params.query)
|
64 |
|
65 | const result = await entityService.find(findParams)
|
66 | const list = Array.isArray(result) ? result : result.data
|
67 |
|
68 | if (!Array.isArray(list) || list.length === 0) {
|
69 | debug('No entity found')
|
70 |
|
71 | throw new NotAuthenticated(errorMessage)
|
72 | }
|
73 |
|
74 | const [entity] = list
|
75 |
|
76 | return entity
|
77 | }
|
78 |
|
79 | async getEntity(result: any, params: Params) {
|
80 | const entityService = this.entityService
|
81 | const { entityId = (entityService as any).id, entity } = this.configuration
|
82 |
|
83 | if (!entityId || result[entityId] === undefined) {
|
84 | throw new NotAuthenticated('Could not get local entity')
|
85 | }
|
86 |
|
87 | if (!params.provider) {
|
88 | return result
|
89 | }
|
90 |
|
91 | return entityService.get(result[entityId], {
|
92 | ...params,
|
93 | [entity]: result
|
94 | })
|
95 | }
|
96 |
|
97 | async comparePassword(entity: any, password: string) {
|
98 | const { entityPasswordField, errorMessage } = this.configuration
|
99 |
|
100 | const hash = get(entity, entityPasswordField)
|
101 |
|
102 | if (!hash) {
|
103 | debug(`Record is missing the '${entityPasswordField}' password field`)
|
104 |
|
105 | throw new NotAuthenticated(errorMessage)
|
106 | }
|
107 |
|
108 | debug('Verifying password')
|
109 |
|
110 | const result = await bcrypt.compare(password, hash)
|
111 |
|
112 | if (result) {
|
113 | return entity
|
114 | }
|
115 |
|
116 | throw new NotAuthenticated(errorMessage)
|
117 | }
|
118 |
|
119 | async hashPassword(password: string, _params: Params) {
|
120 | return bcrypt.hash(password, this.configuration.hashSize)
|
121 | }
|
122 |
|
123 | async authenticate(data: AuthenticationRequest, params: Params) {
|
124 | const { passwordField, usernameField, entity, errorMessage } = this.configuration
|
125 | const username = data[usernameField]
|
126 | const password = data[passwordField]
|
127 |
|
128 | if (!password) {
|
129 |
|
130 | throw new NotAuthenticated(errorMessage)
|
131 | }
|
132 |
|
133 | const result = await this.findEntity(username, omit(params, 'provider'))
|
134 |
|
135 | await this.comparePassword(result, password)
|
136 |
|
137 | return {
|
138 | authentication: { strategy: this.name },
|
139 | [entity]: await this.getEntity(result, params)
|
140 | }
|
141 | }
|
142 | }
|