'use strict';

// Babel CommonJS interop header: marks this module as transpiled from ES
// modules so `_interopRequireDefault` in consumers returns it unchanged.
Object.defineProperty(exports, "__esModule", {
  value: true
});
// `useSignin` is a hoisted function declaration defined further down.
exports.useSignin = useSignin;
|
7 |
|
// Third-party dependencies (Babel CommonJS output; `_xxx2.default` is the
// default-import shim produced by `_interopRequireDefault`).
// NOTE(review): bcrypt-nodejs has been deprecated upstream; a maintained
// bcrypt implementation would be preferable — confirm before migrating.
var _bcryptNodejs = require('bcrypt-nodejs');

var _bcryptNodejs2 = _interopRequireDefault(_bcryptNodejs);

// NOTE(review): `_helmet2` is not referenced anywhere in this file's visible
// code — confirm whether it is needed here or only in a sibling module.
var _helmet = require('helmet');

var _helmet2 = _interopRequireDefault(_helmet);

var _passport = require('passport');

var _passport2 = _interopRequireDefault(_passport);

var _passportLocal = require('passport-local');

// NOTE(review): `_shortid2` is not referenced in this file's visible code.
var _shortid = require('shortid');

var _shortid2 = _interopRequireDefault(_shortid);
|
25 |
|
/**
 * Babel helper: wraps a CommonJS export in `{ default: obj }` unless the
 * module already declares itself as an ES module (`__esModule` truthy),
 * in which case the object is returned untouched.
 * @param {*} obj - value returned by `require()`
 * @returns {object}
 */
function _interopRequireDefault(obj) {
  var isEsModule = Boolean(obj) && Boolean(obj.__esModule);
  if (isEsModule) {
    return obj;
  }
  return { default: obj };
}
|
27 |
|
// Sentinel error messages: `signinUser` rejects with `new Error(<sentinel>)`
// and the passport strategy's failure handler matches on `err.message`.
var NO_MATCHING_USER = 'NO_MATCHING_USER';
var INCORRECT_USER_CREDENTIALS = 'INCORRECT_USER_CREDENTIALS';

// NOTE(review): the four declarations below are not referenced in this
// file's visible code (presumably shared with a sign-up counterpart) —
// confirm before removing.
var VALID_EMAIL_REGEXP = /^(([^<>()\[\]\.,;:\s@\"]+(\.[^<>()\[\]\.,;:\s@\"]+)*)|(\".+\"))@(([^<>()[\]\.,;:\s@\"]+\.)+[^<>()[\]\.,;:\s@\"]{2,})$/i;
var MIN_PASSWORD_LENGTH = 6;
var REQUIRED_SIGNUP_FIELDS = ['email', 'password'];
// Module-level mutable array; nothing in the visible code reads or writes it.
var globalUserFields = [];
|
38 |
|
/**
 * Builds the user representation handed to the browser.
 *
 * Flattens `user.local` together with a fixed set of top-level fields and
 * strips credential material (`password`, `passwordResetToken`) from the
 * result. The input document is not mutated.
 *
 * @param {object} user - stored user document (`user.local` may be absent;
 *   `Object.assign` simply skips it)
 * @returns {object} a new plain object safe to serialise to the client
 */
function formatUserForFrontend(user) {
  var SECRET_FIELDS = ['password', 'passwordResetToken'];
  var TOP_LEVEL_FIELDS = [
    'id',
    'active',
    'admin',
    'consoleToken',
    'vat',
    'firstname',
    'lastname',
    'company'
  ];

  var topLevel = {};
  TOP_LEVEL_FIELDS.forEach(function (field) {
    topLevel[field] = user[field];
  });

  // Top-level fields win over same-named keys coming from `user.local`.
  // NOTE(review): `consoleToken` is deliberately exposed to the client here;
  // confirm that token is safe to hand to the browser.
  var frontendUser = Object.assign({}, user.local, topLevel);
  SECRET_FIELDS.forEach(function (field) {
    delete frontendUser[field];
  });
  return frontendUser;
}
|
56 |
|
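/**
 * Looks up the user stored under `local.email` and verifies the password.
 *
 * @param {string} email - submitted email address
 * @param {string} password - submitted plaintext password
 * @param {object} usersCollection - collection whose `findOne(query)` returns a Promise
 * @returns {Promise<object>} resolves with the stored user document.
 *   Rejects with `Error(NO_MATCHING_USER)` when no document matches,
 *   `Error(INCORRECT_USER_CREDENTIALS)` when the password does not match,
 *   and with the underlying error when the lookup or the bcrypt compare fails.
 */
function signinUser(email, password, usersCollection) {
  // Return the chain directly instead of wrapping it in `new Promise`: with
  // the wrapper, a failing `findOne` or `validatePassword` (or a document
  // without `local`) never settled the returned promise, so the login
  // request hung and the error was never logged.
  return usersCollection.findOne({ 'local.email': email }).then(function (user) {
    if (!user) {
      throw new Error(NO_MATCHING_USER);
    }
    // A document without `local.password` throws here; that surfaces as a
    // rejection the caller logs as an unhandled login error.
    return validatePassword(password, user.local.password).then(function (validated) {
      if (!validated) {
        throw new Error(INCORRECT_USER_CREDENTIALS);
      }
      return user;
    });
  });
}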
|
76 |
|
/**
 * Promise adapter around the callback-style `bcrypt.compare`.
 *
 * @param {string} password - plaintext candidate
 * @param {string} encryptedPassword - stored bcrypt hash
 * @returns {Promise<boolean>} resolves with the compare result; rejects with
 *   the error bcrypt reports
 */
function validatePassword(password, encryptedPassword) {
  return new Promise(function (resolve, reject) {
    _bcryptNodejs2.default.compare(password, encryptedPassword, function onCompared(err, matched) {
      if (err) {
        return reject(err);
      }
      resolve(matched);
    });
  });
}
|
88 |
|
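/**
 * Mounts the local email/password sign-in flow on `app` and registers the
 * `local-login` passport strategy.
 *
 * Routes registered (all prefixed with `config.routePath`):
 *   POST /signin  - validates and stores a `returnTo` target, then authenticates
 *   GET  /signin  - redirects to `/`
 *   POST /logout  - logs the user out and redirects to `/signin`
 *
 * @param {object} app - Express-style app exposing `post` and `get`
 * @param {object} config
 * @param {object} config.db - exposes `collection(name)`; `findOne` on the
 *   users collection must return a Promise
 * @param {object} config.logger - exposes `warn`
 * @param {string} config.routePath - URL prefix for the routes above
 * @returns {{localAuthenticate: Function, localAuthenticateAndRedirect: Function, returnTo: Function}}
 */
function useSignin(app, config) {
  var db = config.db;
  var logger = config.logger;
  var routePath = config.routePath;

  var usersCollection = db.collection('users');

  // Copy of the submitted form body with the password removed, so the flash
  // store (which lives in the session) never holds a plaintext password.
  function stripPassword(body) {
    if (!body) {
      return body;
    }
    var safeBody = Object.assign({}, body);
    delete safeBody.password;
    return safeBody;
  }

  var passportLocalStrategy = new _passportLocal.Strategy({
    usernameField: 'email',
    passReqToCallback: true
  }, function (req, email, password, done) {
    req.flash('signinBody', stripPassword(req.body));
    signinUser(email, password, usersCollection).then(function (user) {
      return done(null, user);
    }).catch(function (err) {
      // NOTE(review): the two distinct failure messages (and the fact that
      // no bcrypt compare runs for an unknown email) let a client tell
      // unknown emails apart from wrong passwords; a single generic message
      // would remove that account-enumeration signal. Left unchanged because
      // the front end keys on these flash names.
      if (err.message === NO_MATCHING_USER) {
        done(null, false, req.flash('signinMessage', 'No matching user found.'));
        return;
      }
      if (err.message === INCORRECT_USER_CREDENTIALS) {
        done(null, false, req.flash('login', 'Incorrect credentials.'));
        return;
      }

      // Anything else (database or bcrypt failure) is logged and reported
      // to the user as a generic failure.
      logger.warn('[unhandled] ERROR in handleLogin:', err);
      done(null, false, req.flash('login', 'Login failed.'));
    });
  });
  _passport2.default.use('local-login', passportLocalStrategy);

  // Only path-relative, same-origin targets are accepted as post-login
  // redirects: a leading '/' that is not followed by '/' or '\' (browsers
  // treat those as protocol-relative URLs). Everything else falls back to '/'.
  function isSafeReturnPath(target) {
    return typeof target === 'string' &&
      target.charAt(0) === '/' &&
      target.charAt(1) !== '/' &&
      target.charAt(1) !== '\\';
  }

  // Middleware: records where to send the user after a successful login.
  // `successReturnToOrRedirect` below redirects to `req.session.returnTo`,
  // and the raw body field is attacker-controlled, so the value is validated
  // here instead of being stored verbatim (open redirect).
  function returnTo(req, res, next) {
    var requested = req.body.returnTo;
    var target = '/';
    if (requested) {
      try {
        target = decodeURIComponent(requested);
      } catch (e) {
        // Malformed percent-encoding used to throw out of the middleware;
        // treat it as "no target" instead.
        target = '/';
      }
    }
    req.session.returnTo = isSafeReturnPath(target) ? target : '/';
    next();
  }

  var localAuthenticate = _passport2.default.authenticate('local-login');
  var localAuthenticateAndRedirect = _passport2.default.authenticate('local-login', {
    successReturnToOrRedirect: true,
    successRedirect: '/',
    failureRedirect: '/signin',
    failureFlash: true
  });

  app.post(routePath + '/signin', returnTo, localAuthenticateAndRedirect);

  // A direct GET on the sign-in route just goes home.
  app.get(routePath + '/signin', function (req, res) {
    return res.redirect('/');
  });

  app.post(routePath + '/logout', function (req, res) {
    if (req.user) {
      // NOTE(review): passport >= 0.6 makes `req.logout` asynchronous and
      // expects a callback; this assumes the older synchronous form —
      // confirm against the installed passport version.
      req.logout();
    }
    res.redirect('/signin');
  });

  return {
    localAuthenticate: localAuthenticate,
    localAuthenticateAndRedirect: localAuthenticateAndRedirect,
    returnTo: returnTo
  };
}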