[github/Chocobozzz/PeerTube.git] / server / lib / auth.ts

import * as express from 'express'
import { OAUTH_LIFETIME } from '@server/initializers/constants'
import * as OAuthServer from 'express-oauth-server'
import { PluginManager } from '@server/lib/plugins/plugin-manager'
import { RegisterServerAuthPassOptions } from '@shared/models/plugins/register-server-auth.model'
import { logger } from '@server/helpers/logger'
import { UserRole } from '@shared/models'

const oAuthServer = new OAuthServer({
  useErrorHandler: true,
  accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
  refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
  continueMiddleware: true,
  model: require('./oauth-model')
})

function onExternalAuthPlugin (npmName: string, username: string, email: string) {

}

async function handleIdAndPassLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
  const plugins = PluginManager.Instance.getIdAndPassAuths()
  const pluginAuths: { npmName?: string, registerAuthOptions: RegisterServerAuthPassOptions }[] = []

  for (const plugin of plugins) {
    const auths = plugin.idAndPassAuths

    for (const auth of auths) {
      pluginAuths.push({
        npmName: plugin.npmName,
        registerAuthOptions: auth
      })
    }
  }

  pluginAuths.sort((a, b) => {
    const aWeight = a.registerAuthOptions.getWeight()
    const bWeight = b.registerAuthOptions.getWeight()

    if (aWeight === bWeight) return 0
    if (aWeight > bWeight) return 1
    return -1
  })

  const loginOptions = {
    id: req.body.username,
    password: req.body.password
  }

  for (const pluginAuth of pluginAuths) {
    logger.debug(
      'Using auth method of %s to login %s with weight %d.',
      pluginAuth.npmName, loginOptions.id, pluginAuth.registerAuthOptions.getWeight()
    )

    const loginResult = await pluginAuth.registerAuthOptions.login(loginOptions)
    if (loginResult) {
      logger.info('Login success with plugin %s for %s.', pluginAuth.npmName, loginOptions.id)

      res.locals.bypassLogin = {
        bypass: true,
        pluginName: pluginAuth.npmName,
        user: {
          username: loginResult.username,
          email: loginResult.email,
          role: loginResult.role || UserRole.USER,
          displayName: loginResult.displayName || loginResult.username
        }
      }

      break
    }
  }

  return localLogin(req, res, next)
}

// ---------------------------------------------------------------------------

export {
  oAuthServer,
  handleIdAndPassLogin,
  onExternalAuthPlugin
}

// ---------------------------------------------------------------------------

function localLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
  return oAuthServer.token()(req, res, err => {
    if (err) {
      return res.status(err.status)
                .json({
                  error: err.message,
                  code: err.name
                })
                .end()
    }

    return next()
  })
}
Commit	Line	Data
7fed6375 C	1	import * as express from 'express'
	2	import { OAUTH_LIFETIME } from '@server/initializers/constants'
	3	import * as OAuthServer from 'express-oauth-server'
	4	import { PluginManager } from '@server/lib/plugins/plugin-manager'
	5	import { RegisterServerAuthPassOptions } from '@shared/models/plugins/register-server-auth.model'
	6	import { logger } from '@server/helpers/logger'
	7	import { UserRole } from '@shared/models'
	8
	9	const oAuthServer = new OAuthServer({
	10	useErrorHandler: true,
	11	accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
	12	refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
	13	continueMiddleware: true,
	14	model: require('./oauth-model')
	15	})
	16
	17	function onExternalAuthPlugin (npmName: string, username: string, email: string) {
	18
	19	}
	20
	21	async function handleIdAndPassLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
	22	const plugins = PluginManager.Instance.getIdAndPassAuths()
	23	const pluginAuths: { npmName?: string, registerAuthOptions: RegisterServerAuthPassOptions }[] = []
	24
	25	for (const plugin of plugins) {
	26	const auths = plugin.idAndPassAuths
	27
	28	for (const auth of auths) {
	29	pluginAuths.push({
	30	npmName: plugin.npmName,
	31	registerAuthOptions: auth
	32	})
	33	}
	34	}
	35
	36	pluginAuths.sort((a, b) => {
	37	const aWeight = a.registerAuthOptions.getWeight()
	38	const bWeight = b.registerAuthOptions.getWeight()
	39
	40	if (aWeight === bWeight) return 0
	41	if (aWeight > bWeight) return 1
	42	return -1
	43	})
	44
	45	const loginOptions = {
	46	id: req.body.username,
	47	password: req.body.password
	48	}
	49
	50	for (const pluginAuth of pluginAuths) {
	51	logger.debug(
	52	'Using auth method of %s to login %s with weight %d.',
	53	pluginAuth.npmName, loginOptions.id, pluginAuth.registerAuthOptions.getWeight()
	54	)
	55
	56	const loginResult = await pluginAuth.registerAuthOptions.login(loginOptions)
	57	if (loginResult) {
	58	logger.info('Login success with plugin %s for %s.', pluginAuth.npmName, loginOptions.id)
	59
	60	res.locals.bypassLogin = {
	61	bypass: true,
	62	pluginName: pluginAuth.npmName,
	63	user: {
	64	username: loginResult.username,
65	email: loginResult.email,
66	role: loginResult.role \|\| UserRole.USER,
67	displayName: loginResult.displayName \|\| loginResult.username
68	}
69	}
70
71	break
72	}
73	}
74
75	return localLogin(req, res, next)
76	}
77
78	// ---------------------------------------------------------------------------
79
80	export {
81	oAuthServer,
82	handleIdAndPassLogin,
83	onExternalAuthPlugin
84	}
85
86	// ---------------------------------------------------------------------------
87
88	function localLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
89	return oAuthServer.token()(req, res, err => {
90	if (err) {
91	return res.status(err.status)
92	.json({
93	error: err.message,
94	code: err.name
95	})
96	.end()
97	}
98
99	return next()
100	})
101	}