[github/Chocobozzz/PeerTube.git] / server / lib / oauth-model.js

const db = require('../initializers/database')
const logger = require('../helpers/logger')

// See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications
const OAuthModel = {
  getAccessToken,
  getClient,
  getRefreshToken,
  getUser,
  revokeToken,
  saveToken
}

// ---------------------------------------------------------------------------

function getAccessToken (bearerToken) {
  logger.debug('Getting access token (bearerToken: ' + bearerToken + ').')

  return db.OAuthToken.getByTokenAndPopulateUser(bearerToken)
}

function getClient (clientId, clientSecret) {
  logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')

  return db.OAuthClient.getByIdAndSecret(clientId, clientSecret)
}

function getRefreshToken (refreshToken) {
  logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').')

  return db.OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken)
}

function getUser (username, password) {
  logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')

  return db.User.getByUsername(username).then(function (user) {
    if (!user) return null

    // We need to return a promise
    return new Promise(function (resolve, reject) {
      return user.isPasswordMatch(password, function (err, isPasswordMatch) {
        if (err) return reject(err)

        if (isPasswordMatch === true) {
          return resolve(user)
        }

        return resolve(null)
      })
    })
  })
}

function revokeToken (token) {
  return db.OAuthToken.getByRefreshTokenAndPopulateUser(token.refreshToken).then(function (tokenDB) {
    if (tokenDB) tokenDB.destroy()

    /*
      * Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js
      * "As per the discussion we need set older date
      * revokeToken will expected return a boolean in future version
      * https://github.com/oauthjs/node-oauth2-server/pull/274
      * https://github.com/oauthjs/node-oauth2-server/issues/290"
    */
    const expiredToken = tokenDB
    expiredToken.refreshTokenExpiresAt = new Date('2015-05-28T06:59:53.000Z')

    return expiredToken
  })
}

function saveToken (token, client, user) {
  logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.')

  const tokenToCreate = {
    accessToken: token.accessToken,
    accessTokenExpiresAt: token.accessTokenExpiresAt,
    refreshToken: token.refreshToken,
    refreshTokenExpiresAt: token.refreshTokenExpiresAt,
    oAuthClientId: client.id,
    userId: user.id
  }

  return db.OAuthToken.create(tokenToCreate).then(function (tokenCreated) {
    tokenCreated.client = client
    tokenCreated.user = user

    return tokenCreated
  }).catch(function (err) {
    throw err
  })
}

// ---------------------------------------------------------------------------

module.exports = OAuthModel
Commit	Line	Data
feb4bdfd	1	const db = require('../initializers/database')
69b0a27c C	2	const logger = require('../helpers/logger')
69b0a27c C	3
69b0a27c C	4	// See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications
69b0a27c C	5	const OAuthModel = {
c4403b29 C	6	getAccessToken,
	7	getClient,
	8	getRefreshToken,
	9	getUser,
	10	revokeToken,
	11	saveToken
69b0a27c C	12	}
	13
	14	// ---------------------------------------------------------------------------
	15
	16	function getAccessToken (bearerToken) {
	17	logger.debug('Getting access token (bearerToken: ' + bearerToken + ').')
	18
feb4bdfd	19	return db.OAuthToken.getByTokenAndPopulateUser(bearerToken)
69b0a27c C	20	}
	21
	22	function getClient (clientId, clientSecret) {
	23	logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')
	24
feb4bdfd	25	return db.OAuthClient.getByIdAndSecret(clientId, clientSecret)
69b0a27c C	26	}
69b0a27c C	27
fab69ab8	28	function getRefreshToken (refreshToken) {
69b0a27c C	29	logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').')
69b0a27c C	30
feb4bdfd	31	return db.OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken)
69b0a27c C	32	}
	33
	34	function getUser (username, password) {
	35	logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
	36
feb4bdfd	37	return db.User.getByUsername(username).then(function (user) {
26d7d31b C	38	if (!user) return null
	39
	40	// We need to return a promise
	41	return new Promise(function (resolve, reject) {
	42	return user.isPasswordMatch(password, function (err, isPasswordMatch) {
	43	if (err) return reject(err)
	44
	45	if (isPasswordMatch === true) {
	46	return resolve(user)
	47	}
	48
	49	return resolve(null)
	50	})
	51	})
	52	})
2f372a86 C	53	}
	54
	55	function revokeToken (token) {
feb4bdfd C	56	return db.OAuthToken.getByRefreshTokenAndPopulateUser(token.refreshToken).then(function (tokenDB) {
feb4bdfd C	57	if (tokenDB) tokenDB.destroy()
2f372a86 C	58
	59	/*
	60	* Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js
	61	* "As per the discussion we need set older date
	62	* revokeToken will expected return a boolean in future version
	63	* https://github.com/oauthjs/node-oauth2-server/pull/274
	64	* https://github.com/oauthjs/node-oauth2-server/issues/290"
	65	*/
	66	const expiredToken = tokenDB
	67	expiredToken.refreshTokenExpiresAt = new Date('2015-05-28T06:59:53.000Z')
bf2fc85c	68
2f372a86 C	69	return expiredToken
2f372a86 C	70	})
69b0a27c C	71	}
	72
	73	function saveToken (token, client, user) {
32bb4156	74	logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.')
69b0a27c	75
feb4bdfd	76	const tokenToCreate = {
69b0a27c	77	accessToken: token.accessToken,
2f372a86	78	accessTokenExpiresAt: token.accessTokenExpiresAt,
69b0a27c	79	refreshToken: token.refreshToken,
2f372a86	80	refreshTokenExpiresAt: token.refreshTokenExpiresAt,
feb4bdfd C	81	oAuthClientId: client.id,
	82	userId: user.id
	83	}
69b0a27c	84
feb4bdfd	85	return db.OAuthToken.create(tokenToCreate).then(function (tokenCreated) {
69b0a27c C	86	tokenCreated.client = client
69b0a27c C	87	tokenCreated.user = user
feb4bdfd	88
69b0a27c	89	return tokenCreated
32bb4156 C	90	}).catch(function (err) {
32bb4156 C	91	throw err
69b0a27c C	92	})
	93	}
	94
	95	// ---------------------------------------------------------------------------
	96
	97	module.exports = OAuthModel