auth.js 3.7 KB

  1. "use strict";
  2. const LocalStrategy = require('passport-local').Strategy;
  3. const GoogleStrategy = require('passport-google-oauth20').Strategy;
  4. const WindowsLiveStrategy = require('passport-windowslive').Strategy;
  5. const FacebookStrategy = require('passport-facebook').Strategy;
  6. const _ = require('lodash');
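  /**
   * Configure Passport: session (de)serialization, every login strategy that is
   * enabled in the configuration, and the first-run administrator account.
   *
   * Relies on `db`, `winston` and `PROCNAME` being reachable as globals; none of
   * them is required in this file.
   *
   * @param {Object} passport - Passport instance to configure.
   * @param {Object} appconfig - Application configuration; this function reads
   *   `auth.local|google|microsoft|facebook`, `host` and `admin`.
   */
  module.exports = function(passport, appconfig) {
    // Serialization user methods.
    // Only the user id is handed to Passport for the session; the full record
    // is loaded again through deserializeUser.
    passport.serializeUser((user, done) => {
      done(null, user._id);
    });

    passport.deserializeUser((id, done) => {
      db.User.findById(id).then((user) => {
        if (user) {
          done(null, user);
        } else {
          // The id no longer resolves to a user (e.g. the account was removed).
          done(new Error('User not found.'), null);
        }
        return true;
      }).catch((err) => {
        done(err, null);
      });
    });

    // Shared verify callback for the OAuth strategies below. It keeps the
    // four-parameter signature the three original callbacks had.
    // NOTE(review): processProfile is defined elsewhere; confirm it matches
    // accounts on provider + provider id and not on the e-mail address alone.
    const verifyProfile = (accessToken, refreshToken, profile, cb) => {
      db.User.processProfile(profile).then((user) => {
        // `|| true` presumably keeps the handler returning a value for the
        // promise library; verify before removing.
        return cb(null, user) || true;
      }).catch((err) => {
        return cb(err, null) || true;
      });
    };

    // Local Account
    if (appconfig.auth.local && appconfig.auth.local.enabled) {
      passport.use('local',
        new LocalStrategy({
          usernameField: 'email',
          passwordField: 'password'
        },
        (uEmail, uPassword, done) => {
          // Restricting the lookup to provider 'local' keeps OAuth-created
          // accounts from being used with a password login.
          db.User.findOne({ email: uEmail, provider: 'local' }).then((user) => {
            if (!user) {
              return done(new Error('Invalid Login'), null);
            }
            // NOTE(review): a validatePassword rejection is passed through
            // unchanged; confirm the login route shows the same message for an
            // unknown e-mail and for a wrong password.
            return user.validatePassword(uPassword).then(() => {
              return done(null, user) || true;
            }).catch((err) => {
              return done(err, null);
            });
          }).catch((err) => {
            done(err, null);
          });
        }
      ));
    }

    // The callback URLs below are derived from appconfig.host, so that value
    // has to match the redirect URI registered with each provider.

    // Google ID
    if (appconfig.auth.google && appconfig.auth.google.enabled) {
      passport.use('google',
        new GoogleStrategy({
          clientID: appconfig.auth.google.clientId,
          clientSecret: appconfig.auth.google.clientSecret,
          callbackURL: appconfig.host + '/login/google/callback'
        }, verifyProfile)
      );
    }

    // Microsoft Accounts
    if (appconfig.auth.microsoft && appconfig.auth.microsoft.enabled) {
      passport.use('windowslive',
        new WindowsLiveStrategy({
          clientID: appconfig.auth.microsoft.clientId,
          clientSecret: appconfig.auth.microsoft.clientSecret,
          callbackURL: appconfig.host + '/login/ms/callback'
        }, verifyProfile)
      );
    }

    // Facebook
    if (appconfig.auth.facebook && appconfig.auth.facebook.enabled) {
      passport.use('facebook',
        new FacebookStrategy({
          clientID: appconfig.auth.facebook.clientId,
          clientSecret: appconfig.auth.facebook.clientSecret,
          callbackURL: appconfig.host + '/login/facebook/callback',
          profileFields: ['id', 'displayName', 'email']
        }, verifyProfile)
      );
    }

    // Check for admin access: when the user collection is empty, create the
    // first administrator for the address in appconfig.admin.
    db.onReady.then(() => {
      const logPrefix = '[' + PROCNAME + '][AUTH] ';

      db.User.count().then((c) => {
        if (c >= 1) {
          return true;
        }
        winston.info(logPrefix + 'No administrator account found. Creating a new one...');
        // SECURITY: the initial password is a fixed, publicly known value and
        // the account holds the admin role on '/'. Kept as is because the
        // install flow depends on it; it must be changed before the instance
        // is reachable by anyone else.
        return db.User.hashPassword('admin123').then((pwd) => {
          return db.User.create({
            provider: 'local',
            email: appconfig.admin,
            name: "Administrator",
            password: pwd,
            rights: [{
              role: 'admin',
              path: '/',
              exact: false,
              deny: false
            }]
          });
        }).then(() => {
          winston.info(logPrefix + 'Administrator account created successfully!');
          winston.warn(logPrefix + 'The administrator account uses the built-in default password. Change it before exposing this instance.');
        }).catch((err) => {
          winston.error(logPrefix + 'An error occured while creating administrator account:');
          winston.error(err);
        });
      }).catch((err) => {
        // A failed count() used to be an unhandled rejection; log it instead.
        winston.error(logPrefix + 'Unable to check for an existing administrator account:');
        winston.error(err);
      });

      return true;
    });
  };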