aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/lib/auth.ts
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2020-04-23 11:36:50 +0200
committerChocobozzz <chocobozzz@cpy.re>2020-05-04 16:21:39 +0200
commite1c5503114deef954731904695cd40dccfcef555 (patch)
tree72cec4ee691a3362a7d024dc830d215a6b2c800a /server/lib/auth.ts
parent8dc8a34ee8428e7657414115d1c137592efa174d (diff)
downloadPeerTube-e1c5503114deef954731904695cd40dccfcef555.tar.gz
PeerTube-e1c5503114deef954731904695cd40dccfcef555.tar.zst
PeerTube-e1c5503114deef954731904695cd40dccfcef555.zip
Support logout and add id and pass tests
Diffstat (limited to 'server/lib/auth.ts')
-rw-r--r--server/lib/auth.ts50
1 files changed, 44 insertions, 6 deletions
diff --git a/server/lib/auth.ts b/server/lib/auth.ts
index 18d52fa5a..3495571db 100644
--- a/server/lib/auth.ts
+++ b/server/lib/auth.ts
@@ -5,6 +5,7 @@ import { PluginManager } from '@server/lib/plugins/plugin-manager'
5import { RegisterServerAuthPassOptions } from '@shared/models/plugins/register-server-auth.model' 5import { RegisterServerAuthPassOptions } from '@shared/models/plugins/register-server-auth.model'
6import { logger } from '@server/helpers/logger' 6import { logger } from '@server/helpers/logger'
7import { UserRole } from '@shared/models' 7import { UserRole } from '@shared/models'
8import { revokeToken } from '@server/lib/oauth-model'
8 9
9const oAuthServer = new OAuthServer({ 10const oAuthServer = new OAuthServer({
10 useErrorHandler: true, 11 useErrorHandler: true,
@@ -37,8 +38,9 @@ async function handleIdAndPassLogin (req: express.Request, res: express.Response
37 const aWeight = a.registerAuthOptions.getWeight() 38 const aWeight = a.registerAuthOptions.getWeight()
38 const bWeight = b.registerAuthOptions.getWeight() 39 const bWeight = b.registerAuthOptions.getWeight()
39 40
41 // DESC weight order
40 if (aWeight === bWeight) return 0 42 if (aWeight === bWeight) return 0
41 if (aWeight > bWeight) return 1 43 if (aWeight < bWeight) return 1
42 return -1 44 return -1
43 }) 45 })
44 46
@@ -48,18 +50,24 @@ async function handleIdAndPassLogin (req: express.Request, res: express.Response
48 } 50 }
49 51
50 for (const pluginAuth of pluginAuths) { 52 for (const pluginAuth of pluginAuths) {
53 const authOptions = pluginAuth.registerAuthOptions
54
51 logger.debug( 55 logger.debug(
52 'Using auth method of %s to login %s with weight %d.', 56 'Using auth method %s of plugin %s to login %s with weight %d.',
53 pluginAuth.npmName, loginOptions.id, pluginAuth.registerAuthOptions.getWeight() 57 authOptions.authName, pluginAuth.npmName, loginOptions.id, authOptions.getWeight()
54 ) 58 )
55 59
56 const loginResult = await pluginAuth.registerAuthOptions.login(loginOptions) 60 const loginResult = await authOptions.login(loginOptions)
57 if (loginResult) { 61 if (loginResult) {
58 logger.info('Login success with plugin %s for %s.', pluginAuth.npmName, loginOptions.id) 62 logger.info(
63 'Login success with auth method %s of plugin %s for %s.',
64 authOptions.authName, pluginAuth.npmName, loginOptions.id
65 )
59 66
60 res.locals.bypassLogin = { 67 res.locals.bypassLogin = {
61 bypass: true, 68 bypass: true,
62 pluginName: pluginAuth.npmName, 69 pluginName: pluginAuth.npmName,
70 authName: authOptions.authName,
63 user: { 71 user: {
64 username: loginResult.username, 72 username: loginResult.username,
65 email: loginResult.email, 73 email: loginResult.email,
@@ -75,12 +83,40 @@ async function handleIdAndPassLogin (req: express.Request, res: express.Response
75 return localLogin(req, res, next) 83 return localLogin(req, res, next)
76} 84}
77 85
86async function handleTokenRevocation (req: express.Request, res: express.Response) {
87 const token = res.locals.oauth.token
88
89 PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName)
90
91 await revokeToken(token)
92 .catch(err => {
93 logger.error('Cannot revoke token.', err)
94 })
95
96 // FIXME: uncomment when https://github.com/oauthjs/node-oauth2-server/pull/289 is released
97 // oAuthServer.revoke(req, res, err => {
98 // if (err) {
99 // logger.warn('Error in revoke token handler.', { err })
100 //
101 // return res.status(err.status)
102 // .json({
103 // error: err.message,
104 // code: err.name
105 // })
106 // .end()
107 // }
108 // })
109
110 return res.sendStatus(200)
111}
112
78// --------------------------------------------------------------------------- 113// ---------------------------------------------------------------------------
79 114
80export { 115export {
81 oAuthServer, 116 oAuthServer,
82 handleIdAndPassLogin, 117 handleIdAndPassLogin,
83 onExternalAuthPlugin 118 onExternalAuthPlugin,
119 handleTokenRevocation
84} 120}
85 121
86// --------------------------------------------------------------------------- 122// ---------------------------------------------------------------------------
@@ -88,6 +124,8 @@ export {
88function localLogin (req: express.Request, res: express.Response, next: express.NextFunction) { 124function localLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
89 return oAuthServer.token()(req, res, err => { 125 return oAuthServer.token()(req, res, err => {
90 if (err) { 126 if (err) {
127 logger.warn('Login error.', { err })
128
91 return res.status(err.status) 129 return res.status(err.status)
92 .json({ 130 .json({
93 error: err.message, 131 error: err.message,