X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Flib%2Foauth-model.ts;h=3273c6c2d485bacc345db5da47afe1f6ea5be024;hb=ef680f68351ec10ab73a1131570a6d14ce14c195;hp=6eb0e447320189343b97b753baa29df9784f906b;hpb=e307e4fce39853d445d086f92b8c556c363ee15d;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts index 6eb0e4473..3273c6c2d 100644 --- a/server/lib/oauth-model.ts +++ b/server/lib/oauth-model.ts @@ -8,12 +8,13 @@ import { LRU_CACHE } from '../initializers/constants' import { Transaction } from 'sequelize' import { CONFIG } from '../initializers/config' import * as LRUCache from 'lru-cache' -import { MOAuthTokenUser } from '@server/typings/models/oauth/oauth-token' -import { MUser } from '@server/typings/models/user/user' +import { MOAuthTokenUser } from '@server/types/models/oauth/oauth-token' +import { MUser } from '@server/types/models/user/user' import { UserAdminFlag } from '@shared/models/users/user-flag.model' import { createUserAccountAndChannelAndPlaylist } from './user' import { UserRole } from '@shared/models/users/user-role' import { PluginManager } from '@server/lib/plugins/plugin-manager' +import { ActorModel } from '@server/models/activitypub/actor' type TokenInfo = { accessToken: string, refreshToken: string, accessTokenExpiresAt: Date, refreshTokenExpiresAt: Date } @@ -98,7 +99,7 @@ async function getRefreshToken (refreshToken: string) { return tokenInfo } -async function getUser (usernameOrEmail: string, password: string) { +async function getUser (usernameOrEmail?: string, password?: string) { const res: express.Response = this.request.res // Special treatment coming from a plugin @@ -109,20 +110,27 @@ async function getUser (usernameOrEmail: string, password: string) { let user = await UserModel.loadByEmail(obj.user.email) if (!user) user = await createUserFromExternal(obj.pluginName, obj.user) - // This user does not belong to this plugin, skip it - if (user.pluginAuth !== obj.pluginName) return null + // Cannot create a user + if (!user) throw new AccessDeniedError('Cannot create such user: an actor with that name already exists.') - return user + // If the user does not belongs to a plugin, it was created before its installation + // Then we just go through a regular login process + if (user.pluginAuth !== null) { + // This user does not belong to this plugin, skip it + if (user.pluginAuth !== obj.pluginName) return null + + return user + } } logger.debug('Getting User (username/email: ' + usernameOrEmail + ', password: ******).') const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail) // If we don't find the user, or if the user belongs to a plugin - if (!user || user.pluginAuth !== null) return null + if (!user || user.pluginAuth !== null || !password) return null const passwordMatch = await user.isPasswordMatch(password) - if (passwordMatch === false) return null + if (passwordMatch !== true) return null if (user.blocked) throw new AccessDeniedError('User is blocked.') @@ -139,7 +147,7 @@ async function revokeToken (tokenInfo: { refreshToken: string }) { if (token) { if (res.locals.explicitLogout === true && token.User.pluginAuth && token.authName) { - PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName) + PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User) } clearCacheByToken(token.accessToken) @@ -176,6 +184,10 @@ async function saveToken (token: TokenInfo, client: OAuthClientModel, user: User } const tokenCreated = await OAuthTokenModel.create(tokenToCreate) + + user.lastLoginDate = new Date() + await user.save() + return Object.assign(tokenCreated, { client, user }) } @@ -200,6 +212,10 @@ async function createUserFromExternal (pluginAuth: string, options: { role: UserRole displayName: string }) { + // Check an actor does not already exists with that name (removed user) + const actor = await ActorModel.loadLocalByName(options.username) + if (actor) return null + const userToCreate = new UserModel({ username: options.username, password: null,