//auth //external modules var passport = require('passport'); var FacebookStrategy = require('passport-facebook').Strategy; var TwitterStrategy = require('passport-twitter').Strategy; var GithubStrategy = require('passport-github').Strategy; var GitlabStrategy = require('passport-gitlab2').Strategy; var DropboxStrategy = require('passport-dropbox-oauth2').Strategy; var GoogleStrategy = require('passport-google-oauth20').Strategy; var LdapStrategy = require('passport-ldapauth'); var LocalStrategy = require('passport-local').Strategy; var validator = require('validator'); //core var config = require('./config.js'); var logger = require("./logger.js"); var models = require("./models"); function callback(accessToken, refreshToken, profile, done) { //logger.info(profile.displayName || profile.username); var stringifiedProfile = JSON.stringify(profile); models.User.findOrCreate({ where: { profileid: profile.id.toString() }, defaults: { profile: stringifiedProfile, accessToken: accessToken, refreshToken: refreshToken } }).spread(function (user, created) { if (user) { var needSave = false; if (user.profile != stringifiedProfile) { user.profile = stringifiedProfile; needSave = true; } if (user.accessToken != accessToken) { user.accessToken = accessToken; needSave = true; } if (user.refreshToken != refreshToken) { user.refreshToken = refreshToken; needSave = true; } if (needSave) { user.save().then(function () { if (config.debug) logger.info('user login: ' + user.id); return done(null, user); }); } else { if (config.debug) logger.info('user login: ' + user.id); return done(null, user); } } }).catch(function (err) { logger.error('auth callback failed: ' + err); return done(err, null); }); } //facebook if (config.facebook) { module.exports = passport.use(new FacebookStrategy({ clientID: config.facebook.clientID, clientSecret: config.facebook.clientSecret, callbackURL: config.serverurl + '/auth/facebook/callback' }, callback)); } //twitter if (config.twitter) { passport.use(new TwitterStrategy({ consumerKey: config.twitter.consumerKey, consumerSecret: config.twitter.consumerSecret, callbackURL: config.serverurl + '/auth/twitter/callback' }, callback)); } //github if (config.github) { passport.use(new GithubStrategy({ clientID: config.github.clientID, clientSecret: config.github.clientSecret, callbackURL: config.serverurl + '/auth/github/callback' }, callback)); } //gitlab if (config.gitlab) { passport.use(new GitlabStrategy({ baseURL: config.gitlab.baseURL, clientID: config.gitlab.clientID, clientSecret: config.gitlab.clientSecret, callbackURL: config.serverurl + '/auth/gitlab/callback' }, callback)); } //dropbox if (config.dropbox) { passport.use(new DropboxStrategy({ apiVersion: '2', clientID: config.dropbox.clientID, clientSecret: config.dropbox.clientSecret, callbackURL: config.serverurl + '/auth/dropbox/callback' }, callback)); } //google if (config.google) { passport.use(new GoogleStrategy({ clientID: config.google.clientID, clientSecret: config.google.clientSecret, callbackURL: config.serverurl + '/auth/google/callback' }, callback)); } // ldap if (config.ldap) { passport.use(new LdapStrategy({ server: { url: config.ldap.url || null, bindDn: config.ldap.bindDn || null, bindCredentials: config.ldap.bindCredentials || null, searchBase: config.ldap.searchBase || null, searchFilter: config.ldap.searchFilter || null, searchAttributes: config.ldap.searchAttributes || null, tlsOptions: config.ldap.tlsOptions || null }, }, function(user, done) { var profile = { id: 'LDAP-' + user.uidNumber, username: user.uid, displayName: user.displayName, emails: user.mail ? [user.mail] : [], avatarUrl: null, profileUrl: null, provider: 'ldap', } var stringifiedProfile = JSON.stringify(profile); models.User.findOrCreate({ where: { profileid: profile.id.toString() }, defaults: { profile: stringifiedProfile, } }).spread(function (user, created) { if (user) { var needSave = false; if (user.profile != stringifiedProfile) { user.profile = stringifiedProfile; needSave = true; } if (needSave) { user.save().then(function () { if (config.debug) logger.info('user login: ' + user.id); return done(null, user); }); } else { if (config.debug) logger.info('user login: ' + user.id); return done(null, user); } } }).catch(function (err) { logger.error('ldap auth failed: ' + err); return done(err, null); }); })); } // email if (config.email) { passport.use(new LocalStrategy({ usernameField: 'email' }, function(email, password, done) { if (!validator.isEmail(email)) return done(null, false); models.User.findOne({ where: { email: email } }).then(function (user) { if (!user) return done(null, false); if (!user.verifyPassword(password)) return done(null, false); return done(null, user); }).catch(function (err) { logger.error(err); return done(err); }); })); }