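/**
 * Authentication module: registers passport's local strategy, installs the
 * cookie-backed session middleware and exposes the login and guard handlers.
 *
 * Side effects at construction: registers the strategy and the user
 * (de)serializers on passport and installs three middlewares on `server`.
 * NOTE(review): `server` is not declared in this file; it is presumably a
 * global created before this module is required -- confirm.
 */
function authModule() {
  var that = this;
  var passport = require('passport');
  var LocalStrategy = require('passport-local').Strategy;
  var sessions = require("client-sessions");
  var database = require('./database');
  var userModule = require('./userModule');
  var encryptUtils = require('./encryptUtils');

  // One message for both "unknown user" and "wrong password": distinct
  // messages let a client tell which usernames exist.
  var LOGIN_FAILED_MESSAGE = 'Incorrect username or password!';

  // The session cookie is protected by this secret, so whoever knows it can
  // produce cookies the server accepts. A literal committed to the repository
  // has to be treated as public. SESSION_SECRET is an environment variable
  // introduced by this change; the old literal is kept only as a fallback so
  // existing deployments keep starting, and its use is logged.
  var sessionSecret = process.env.SESSION_SECRET;
  if (!sessionSecret) {
    console.warn('authModule: SESSION_SECRET is not set, using the built-in development secret');
    sessionSecret = 'TkipIsTheBest';
  }

  /**
   * Lookup a user in database and verify the supplied password.
   * @param {String} username
   * @param {String} password
   * @param {Function} done passport verify callback: done(err),
   *   done(null, false, info) on failed login, done(null, user) on success
   */
  var lookupUser = function (username, password, done) {
    // Parameterized query: the username never becomes part of the SQL text.
    var query = 'SELECT * FROM users WHERE username = ?';
    database.connection.query(query, [username], function (error, results, fields) {
      if (error) {
        console.log('no result');
        console.log(error.code);
        // Report the failure to passport. Previously this branch only set an
        // undeclared `response` global and never called done(), so the login
        // request was left without an answer.
        return done(error);
      }
      if (results.length === 0) {
        // NOTE(review): no hash is computed for an unknown user, so response
        // time may still differ from the wrong-password path.
        return done(null, false, { message: LOGIN_FAILED_MESSAGE });
      }
      var row = results[0];
      // `passworthash` is the column name as read by the original code.
      if (!encryptUtils.isPasswordCorrect(row.passworthash, row.salt, password)) {
        return done(null, false, { message: LOGIN_FAILED_MESSAGE });
      }
      return done(null, { id: row.id, username: username });
    });
  };

  passport.use(new LocalStrategy({ usernameField: 'username', session: true }, lookupUser));

  server.use(sessions({
    // cookie name dictates the key name added to the request object
    cookieName: 'session',
    // should be a large unguessable string
    secret: sessionSecret,
    // how long the session will stay valid in ms
    // NOTE(review): session state lives in the cookie, so a copied cookie
    // stays usable for the whole period; consider a shorter lifetime.
    duration: 30 * 86400 * 1000 // 30 days
  }));

  // Initialize passport
  server.use(passport.initialize());

  // Set up the passport session
  server.use(passport.session());

  // Only the user id is stored in the session.
  passport.serializeUser(function (user, done) {
    done(null, user.id);
  });

  // Rebuild the user object from the stored id on each request.
  // NOTE(review): findUser's callback receives only `user` here, so lookup
  // errors are not passed on to passport -- confirm against userModule.
  passport.deserializeUser(function (id, done) {
    userModule.findUser(id, function (user) {
      done(null, user);
    });
  });

  /**
   * Logs the user in after authenticating credentials.
   * Replies 400 with the failure message when authentication fails and
   * 200 {"error": "false"} on success.
   * @param {Object} req
   * @param {Object} res
   * @param {Function} next
   */
  that.logIn = function (req, res, next) {
    if (typeof req.body !== 'object') {
      // NOTE(review): this fallback accepts credentials from req.params;
      // values carried in the URL tend to end up in access logs and browser
      // history. Prefer accepting them in the request body only.
      req.body = {
        'username': req.params.username,
        'password': req.params.password
      };
    }
    // The local login strategy
    passport.authenticate('local', function (err, user, info) {
      if (err) {
        return next(err);
      }
      if (!user) {
        // `info` can be missing when a strategy fails without details.
        var reason = (info && info.message) || LOGIN_FAILED_MESSAGE;
        res.send(400, { "error": reason });
        return next();
      }
      // Log the user in!
      req.logIn(user, function (err) {
        if (err) {
          return next(err);
        }
        req.session.user_id = req.user.id;
        if (user.username) {
          res.send(200, { "error": "false" });
          return next();
        }
        return next();
      });
    })(req, res, next);
  };

  /**
   * Sends unauthenticated error message for unauthenticated requests;
   * authenticated requests continue to the next handler.
   * @param {Object} req
   * @param {Object} res
   * @param {Function} next
   */
  that.ensureAuthenticated = function (req, res, next) {
    if (req.isAuthenticated()) {
      console.log('yes is authenticated');
      return next();
    }
    console.log('no not authenticated');
    // next() is deliberately not called: the request stops here.
    res.send(400, { "error": "Unauthenticated user" });
  };
}

// A single shared instance; requiring this file performs the registrations above.
module.exports = new authModule();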