]>
Commit | Line | Data |
---|---|---|
7fed6375 C |
1 | import * as express from 'express' |
2 | import { OAUTH_LIFETIME } from '@server/initializers/constants' | |
3 | import * as OAuthServer from 'express-oauth-server' | |
4 | import { PluginManager } from '@server/lib/plugins/plugin-manager' | |
5 | import { RegisterServerAuthPassOptions } from '@shared/models/plugins/register-server-auth.model' | |
6 | import { logger } from '@server/helpers/logger' | |
7 | import { UserRole } from '@shared/models' | |
8 | ||
9 | const oAuthServer = new OAuthServer({ | |
10 | useErrorHandler: true, | |
11 | accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN, | |
12 | refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN, | |
13 | continueMiddleware: true, | |
14 | model: require('./oauth-model') | |
15 | }) | |
16 | ||
17 | function onExternalAuthPlugin (npmName: string, username: string, email: string) { | |
18 | ||
19 | } | |
20 | ||
21 | async function handleIdAndPassLogin (req: express.Request, res: express.Response, next: express.NextFunction) { | |
22 | const plugins = PluginManager.Instance.getIdAndPassAuths() | |
23 | const pluginAuths: { npmName?: string, registerAuthOptions: RegisterServerAuthPassOptions }[] = [] | |
24 | ||
25 | for (const plugin of plugins) { | |
26 | const auths = plugin.idAndPassAuths | |
27 | ||
28 | for (const auth of auths) { | |
29 | pluginAuths.push({ | |
30 | npmName: plugin.npmName, | |
31 | registerAuthOptions: auth | |
32 | }) | |
33 | } | |
34 | } | |
35 | ||
36 | pluginAuths.sort((a, b) => { | |
37 | const aWeight = a.registerAuthOptions.getWeight() | |
38 | const bWeight = b.registerAuthOptions.getWeight() | |
39 | ||
40 | if (aWeight === bWeight) return 0 | |
41 | if (aWeight > bWeight) return 1 | |
42 | return -1 | |
43 | }) | |
44 | ||
45 | const loginOptions = { | |
46 | id: req.body.username, | |
47 | password: req.body.password | |
48 | } | |
49 | ||
50 | for (const pluginAuth of pluginAuths) { | |
51 | logger.debug( | |
52 | 'Using auth method of %s to login %s with weight %d.', | |
53 | pluginAuth.npmName, loginOptions.id, pluginAuth.registerAuthOptions.getWeight() | |
54 | ) | |
55 | ||
56 | const loginResult = await pluginAuth.registerAuthOptions.login(loginOptions) | |
57 | if (loginResult) { | |
58 | logger.info('Login success with plugin %s for %s.', pluginAuth.npmName, loginOptions.id) | |
59 | ||
60 | res.locals.bypassLogin = { | |
61 | bypass: true, | |
62 | pluginName: pluginAuth.npmName, | |
63 | user: { | |
64 | username: loginResult.username, | |
65 | email: loginResult.email, | |
66 | role: loginResult.role || UserRole.USER, | |
67 | displayName: loginResult.displayName || loginResult.username | |
68 | } | |
69 | } | |
70 | ||
71 | break | |
72 | } | |
73 | } | |
74 | ||
75 | return localLogin(req, res, next) | |
76 | } | |
77 | ||
78 | // --------------------------------------------------------------------------- | |
79 | ||
80 | export { | |
81 | oAuthServer, | |
82 | handleIdAndPassLogin, | |
83 | onExternalAuthPlugin | |
84 | } | |
85 | ||
86 | // --------------------------------------------------------------------------- | |
87 | ||
88 | function localLogin (req: express.Request, res: express.Response, next: express.NextFunction) { | |
89 | return oAuthServer.token()(req, res, err => { | |
90 | if (err) { | |
91 | return res.status(err.status) | |
92 | .json({ | |
93 | error: err.message, | |
94 | code: err.name | |
95 | }) | |
96 | .end() | |
97 | } | |
98 | ||
99 | return next() | |
100 | }) | |
101 | } |