authorChocobozzz <florian.bigard@gmail.com>2016-03-21 11:56:33 +0100
committerChocobozzz <florian.bigard@gmail.com>2016-03-21 11:56:33 +0100
commit9457bf88079a23d28011ff7c65faa56a548b7817 (patch)
treef4507aa5ad04b7fca4ab49acee5aa97c6c962f6c
parent233d12d8b1916eae5bae230dc965045adb89a173 (diff)
downloadPeerTube-9457bf88079a23d28011ff7c65faa56a548b7817.tar.gz
PeerTube-9457bf88079a23d28011ff7c65faa56a548b7817.tar.zst
PeerTube-9457bf88079a23d28011ff7c65faa56a548b7817.zip
OAuth server: first draft
-rw-r--r--package.json5
-rw-r--r--server.js8
-rw-r--r--server/controllers/api/v1/index.js2
-rw-r--r--server/controllers/api/v1/users.js22
-rw-r--r--server/middlewares/oauth2.js11
-rw-r--r--server/models/users.js108
6 files changed, 154 insertions, 2 deletions
diff --git a/package.json b/package.json
index a5f32fe11..e94d34fa1 100644
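--- a/package.json
+++ b/package.json
@@ -31,7 +31,7 @@
  "client:tsc": "cd client && npm run tsc",
  "client:tsc:watch": "cd client && npm run tsc:w",
  "client:tsc:clean": "cd client && find angular -regextype posix-egrep -regex \".*\\.(js|map)$\" -exec rm -f {} \\;",
- "dev": "npm run build && concurrently \"npm run livereload\" \"npm run client:tsc:watch\" \"npm run client:sass:watch\" \"npm start\"",
+ "dev": "npm run build && NODE_ENV=test concurrently \"npm run livereload\" \"npm run client:tsc:watch\" \"npm run client:sass:watch\" \"npm start\"",
  "livereload": "livereload ./client",
  "start": "node server",
  "test": "standard && mocha server/tests",
@@ -48,6 +48,7 @@
  "dezalgo": "^1.0.3",
  "electron-spawn": "https://github.com/Chocobozzz/electron-spawn",
  "express": "^4.12.4",
+ "express-oauth-server": "https://github.com/oauthjs/express-oauth-server",
  "express-validator": "^2.11.0",
  "js-yaml": "^3.5.4",
  "lodash-node": "^3.10.2",
@@ -62,7 +63,7 @@
  "segfault-handler": "^1.0.0",
  "ursa": "^0.9.1",
  "validator": "^5.0.0",
- "webtorrent": "^0.85.1",
+ "webtorrent": "^0.86.0",
  "winston": "^2.1.1",
  "ws": "^1.0.1"
  },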
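Review bot: The new `express-oauth-server` entry in the second hunk points at a bare GitHub URL, so every install resolves to whatever the default branch holds at that moment, and the code that issues tokens can change without any change in this repository. Pin it to a reviewed commit, e.g. `"express-oauth-server": "oauthjs/express-oauth-server#<reviewed-commit-sha>"` (placeholder: fill in the commit that was actually audited), or to a published release once one fits. Separately, the `dev` script now forces `NODE_ENV=test`; the reason is not visible in this commit, and a short note in the README would keep it from being copied into a real deployment command.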
diff --git a/server.js b/server.js
index cf594453d..f9925eb24 100644
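--- a/server.js
+++ b/server.js
@@ -119,6 +119,14 @@ app.use(function (err, req, res, next) {
  res.sendStatus(err.status || 500)
 })
 
+// TODO: move into initializer
+require('./server/models/users').createClient('coucou', [ 'password' ], function (err, id) {
+ if (err) throw err
+ logger.info('Client id: ' + id)
+
+ require('./server/models/users').createUser('floflo', 'coucou', function () {})
+})
+
 // ----------- Create the certificates if they don't already exist -----------
 peertubeCrypto.createCertsIfNotExist(function (err) {
  if (err) throw err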
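Review bot: The bootstrap block added after the error handler creates an OAuth client with the fixed secret `'coucou'` and a user `'floflo'` with the same fixed password on every start, with no environment check, so any instance running this revision carries known credentials. Since `createClient` generates a fresh id per call and the schemas in this commit declare no unique index, each restart also appears to add another client and user document. Guard the block by environment, e.g. `if (process.env.NODE_ENV !== 'production') { … }`, or move it into a one-off setup script that reads the secret from configuration or generates it randomly. The `createUser` callback `function () {}` discards its error, so a failed seed is silent; `function (err) { if (err) throw err }` would match the outer callback. The `createCertsIfNotExist` callback continues outside the hunk.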
diff --git a/server/controllers/api/v1/index.js b/server/controllers/api/v1/index.js
index 45f07ae1f..7b3ec32c0 100644
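--- a/server/controllers/api/v1/index.js
+++ b/server/controllers/api/v1/index.js
@@ -6,10 +6,12 @@ const router = express.Router()
 
 const podsController = require('./pods')
 const remoteVideosController = require('./remoteVideos')
+const usersController = require('./users')
 const videosController = require('./videos')
 
 router.use('/pods', podsController)
 router.use('/remotevideos', remoteVideosController)
+router.use('/users', usersController)
 router.use('/videos', videosController)
 router.use('/*', badRequest)
 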
diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js
new file mode 100644
index 000000000..acb860c66
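--- /dev/null
+++ b/server/controllers/api/v1/users.js
@@ -0,0 +1,22 @@
+'use strict'
+
+var express = require('express')
+var oAuth2 = require('../../../middlewares/oauth2')
+
+const middleware = require('../../../middlewares')
+const cacheMiddleware = middleware.cache
+
+const router = express.Router()
+
+router.post('/token', cacheMiddleware.cache(false), oAuth2.token(), success)
+router.get('/authenticate', cacheMiddleware.cache(false), oAuth2.authenticate(), success)
+
+// ---------------------------------------------------------------------------
+
+module.exports = router
+
+// ---------------------------------------------------------------------------
+
+function success (req, res, next) {
+ res.end()
+}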
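Review bot: `POST /token` is mounted with only `cacheMiddleware.cache(false)` in front of `oAuth2.token()`, so with the `password` grant this route is where credentials get checked and nothing in the chain limits repeated attempts. If no limiter is applied at the app level (not visible here), add one ahead of `oAuth2.token()`. On style, lines 3–4 use `var` while the rest of the file uses `const`; `const express = require('express')` and `const oAuth2 = require('../../../middlewares/oauth2')` would be consistent. `success` declares `next` without using it, and a one-line comment saying it only ends the response with the default status would document the intent.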
diff --git a/server/middlewares/oauth2.js b/server/middlewares/oauth2.js
new file mode 100644
index 000000000..a1fa61fbb
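--- /dev/null
+++ b/server/middlewares/oauth2.js
@@ -0,0 +1,11 @@
+'use strict'
+
+const OAuthServer = require('express-oauth-server')
+
+const oAuth2 = new OAuthServer({
+ model: require('../models/users')
+})
+
+// ---------------------------------------------------------------------------
+
+module.exports = oAuth2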
diff --git a/server/models/users.js b/server/models/users.js
new file mode 100644
index 000000000..355d991bd
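--- /dev/null
+++ b/server/models/users.js
@@ -0,0 +1,108 @@
+const mongoose = require('mongoose')
+
+const logger = require('../helpers/logger')
+
+// ---------------------------------------------------------------------------
+
+const oAuthTokensSchema = mongoose.Schema({
+ accessToken: String,
+ accessTokenExpiresOn: Date,
+ client: { type: mongoose.Schema.Types.ObjectId, ref: 'oAuthClients' },
+ refreshToken: String,
+ refreshTokenExpiresOn: Date,
+ user: { type: mongoose.Schema.Types.ObjectId, ref: 'users' }
+})
+const OAuthTokensDB = mongoose.model('oAuthTokens', oAuthTokensSchema)
+
+const oAuthClientsSchema = mongoose.Schema({
+ clientSecret: String,
+ grants: Array,
+ redirectUris: Array
+})
+const OAuthClientsDB = mongoose.model('oAuthClients', oAuthClientsSchema)
+
+const usersSchema = mongoose.Schema({
+ password: String,
+ username: String
+})
+const UsersDB = mongoose.model('users', usersSchema)
+
+// ---------------------------------------------------------------------------
+
+const Users = {
+ createClient: createClient,
+ createUser: createUser,
+ getAccessToken: getAccessToken,
+ getClient: getClient,
+ getRefreshToken: getRefreshToken,
+ getUser: getUser,
+ saveToken: saveToken
+}
+
+function createClient (secret, grants, callback) {
+ logger.debug('Creating client.')
+
+ const mongo_id = new mongoose.mongo.ObjectID()
+ return OAuthClientsDB.create({ _id: mongo_id, clientSecret: secret, grants: grants }, function (err) {
+ if (err) return callback(err)
+
+ return callback(null, mongo_id)
+ })
+}
+
+function createUser (username, password, callback) {
+ logger.debug('Creating user.')
+
+ return UsersDB.create({ username: username, password: password }, callback)
+}
+
+function getAccessToken (bearerToken, callback) {
+ logger.debug('Getting access token (bearerToken: ' + bearerToken + ').')
+
+ return OAuthTokensDB.findOne({ accessToken: bearerToken }).populate('user')
+}
+
+function getClient (clientId, clientSecret) {
+ logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')
+
+ // TODO req validator
+ const mongo_id = new mongoose.mongo.ObjectID(clientId)
+ return OAuthClientsDB.findOne({ _id: mongo_id, clientSecret: clientSecret })
+}
+
+function getRefreshToken (refreshToken) {
+ logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').')
+
+ return OAuthTokensDB.findOne({ refreshToken: refreshToken })
+}
+
+function getUser (username, password) {
+ logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
+ return UsersDB.findOne({ username: username, password: password })
+}
+
+function saveToken (token, client, user) {
+ logger.debug('Saving token for client ' + client.id + ' and user ' + user.id + '.')
+
+ const token_to_create = {
+ accessToken: token.accessToken,
+ accessTokenExpiresOn: token.accessTokenExpiresOn,
+ client: client.id,
+ refreshToken: token.refreshToken,
+ refreshTokenExpiresOn: token.refreshTokenExpiresOn,
+ user: user.id
+ }
+
+ return OAuthTokensDB.create(token_to_create, function (err, token_created) {
+ if (err) throw err // node-oauth2-server library use Promise.try
+
+ token_created.client = client
+ token_created.user = user
+
+ return token_created
+ })
+}
+
+// ---------------------------------------------------------------------------
+
+module.exports = Users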
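Review bot: `createUser` stores the password exactly as received and `getUser` authenticates by querying `{ username: username, password: password }`, so the `users` collection holds plaintext passwords and anyone with read access to the database or a backup obtains every credential. Store a salted slow hash (bcrypt, scrypt or PBKDF2) in `createUser`, and in `getUser` look the user up by `username` alone and verify the submitted password against the stored hash. The debug lines in `getUser`, `getClient`, `getAccessToken` and `getRefreshToken` also write the password, client secret and bearer/refresh tokens into the log; log identifiers only, e.g. `logger.debug('Getting User (username: ' + username + ').')`. `getClient` passes `clientId` straight to `new mongoose.mongo.ObjectID(clientId)`, which throws on a malformed id, so the `// TODO req validator` should be resolved before the route is exposed, and `username`/`password` should be checked to be strings before they reach a query.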