X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2Fauth.js;h=093f2978def17c4d27f4336367ba595485317a6a;hb=b3ff26fb1e2b4d07a1d7b00ee5ff6d72026c5427;hp=5f83cea3e9e8321027ce9d00fdd24ad53630d43d;hpb=9b7a26fc3708ac42d7d29c4329adbde465d29220;p=perso%2FImmae%2FProjets%2FNodejs%2FSurfer.git diff --git a/src/auth.js b/src/auth.js index 5f83cea..093f297 100644 --- a/src/auth.js +++ b/src/auth.js @@ -3,23 +3,57 @@ var passport = require('passport'), path = require('path'), safe = require('safetydance'), + fs = require('fs'), bcrypt = require('bcryptjs'), uuid = require('uuid/v4'), BearerStrategy = require('passport-http-bearer').Strategy, LdapStrategy = require('passport-ldapjs').Strategy, + HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess; -var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json'); +const LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json'); +const TOKENSTORE_FILE = path.resolve(process.env.TOKENSTORE_FILE || './.tokens.json'); + +var tokenStore = { + data: {}, + save: function () { + try { + fs.writeFileSync(TOKENSTORE_FILE, JSON.stringify(tokenStore.data), 'utf-8'); + } catch (e) { + console.error(`Unable to save tokenstore file at ${TOKENSTORE_FILE}`, e); + } + }, + get: function (token, callback) { + callback(tokenStore.data[token] ? null : 'not found', tokenStore.data[token]); + }, + set: function (token, data, callback) { + tokenStore.data[token] = data; + tokenStore.save(); + callback(null); + }, + del: function (token, callback) { + delete tokenStore.data[token]; + tokenStore.save(); + callback(null); + } +}; -var gTokenStore = {}; +// load token store data if any +try { + console.log(`Using tokenstore file: ${TOKENSTORE_FILE}`); + tokenStore.data = JSON.parse(fs.readFileSync(TOKENSTORE_FILE, 'utf-8')); +} catch (e) { + // start with empty token store +} function issueAccessToken() { return function (req, res, next) { var accessToken = uuid(); - gTokenStore[accessToken] = req.user; - - next(new HttpSuccess(201, { accessToken: accessToken, user: req.user })); + tokenStore.set(accessToken, req.user, function (error) { + if (error) return next(new HttpError(500, error)); + next(new HttpSuccess(201, { accessToken: accessToken, user: req.user })); + }); }; } @@ -37,11 +71,11 @@ var LDAP_URL = process.env.LDAP_URL; var LDAP_USERS_BASE_DN = process.env.LDAP_USERS_BASE_DN; if (LDAP_URL && LDAP_USERS_BASE_DN) { - console.log('Enable ldap auth'); + console.log('Using ldap auth'); exports.login = [ passport.authenticate('ldap'), issueAccessToken() ]; } else { - console.log('Use local user file:', LOCAL_AUTH_FILE); + console.log(`Using local user file: ${LOCAL_AUTH_FILE}`); exports.login = [ function (req, res, next) { @@ -85,15 +119,22 @@ passport.use(new LdapStrategy(opts, function (profile, done) { exports.verify = passport.authenticate('bearer', { session: false }); passport.use(new BearerStrategy(function (token, done) { - if (!gTokenStore[token]) return done(null, false); - - return done(null, gTokenStore[token], { accessToken: token }); + tokenStore.get(token, function (error, result) { + if (error) { + console.error(error); + return done(null, false); + } + + done(null, result, { accessToken: token }); + }); })); exports.logout = function (req, res, next) { - delete gTokenStore[req.authInfo.accessToken]; + tokenStore.del(req.authInfo.accessToken, function (error) { + if (error) console.error(error); - next(new HttpSuccess(200, {})); + next(new HttpSuccess(200, {})); + }); }; exports.getProfile = function (req, res, next) {