aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/lib/auth.ts
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2020-04-22 16:07:04 +0200
committerChocobozzz <chocobozzz@cpy.re>2020-05-04 16:21:39 +0200
commit7fed637506043e4432cbebe041ada0625171cceb (patch)
tree07f174e17c4b4a0b3d43a0fa6944865c06234338 /server/lib/auth.ts
parent8d4197637868d5cde49434e937186b57e40f4b2b (diff)
downloadPeerTube-7fed637506043e4432cbebe041ada0625171cceb.tar.gz
PeerTube-7fed637506043e4432cbebe041ada0625171cceb.tar.zst
PeerTube-7fed637506043e4432cbebe041ada0625171cceb.zip
Begin auth plugin support
Diffstat (limited to 'server/lib/auth.ts')
-rw-r--r--server/lib/auth.ts101
1 files changed, 101 insertions, 0 deletions
diff --git a/server/lib/auth.ts b/server/lib/auth.ts
new file mode 100644
index 000000000..18d52fa5a
--- /dev/null
+++ b/server/lib/auth.ts
@@ -0,0 +1,101 @@
1import * as express from 'express'
2import { OAUTH_LIFETIME } from '@server/initializers/constants'
3import * as OAuthServer from 'express-oauth-server'
4import { PluginManager } from '@server/lib/plugins/plugin-manager'
5import { RegisterServerAuthPassOptions } from '@shared/models/plugins/register-server-auth.model'
6import { logger } from '@server/helpers/logger'
7import { UserRole } from '@shared/models'
8
9const oAuthServer = new OAuthServer({
10 useErrorHandler: true,
11 accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
12 refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
13 continueMiddleware: true,
14 model: require('./oauth-model')
15})
16
17function onExternalAuthPlugin (npmName: string, username: string, email: string) {
18
19}
20
21async function handleIdAndPassLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
22 const plugins = PluginManager.Instance.getIdAndPassAuths()
23 const pluginAuths: { npmName?: string, registerAuthOptions: RegisterServerAuthPassOptions }[] = []
24
25 for (const plugin of plugins) {
26 const auths = plugin.idAndPassAuths
27
28 for (const auth of auths) {
29 pluginAuths.push({
30 npmName: plugin.npmName,
31 registerAuthOptions: auth
32 })
33 }
34 }
35
36 pluginAuths.sort((a, b) => {
37 const aWeight = a.registerAuthOptions.getWeight()
38 const bWeight = b.registerAuthOptions.getWeight()
39
40 if (aWeight === bWeight) return 0
41 if (aWeight > bWeight) return 1
42 return -1
43 })
44
45 const loginOptions = {
46 id: req.body.username,
47 password: req.body.password
48 }
49
50 for (const pluginAuth of pluginAuths) {
51 logger.debug(
52 'Using auth method of %s to login %s with weight %d.',
53 pluginAuth.npmName, loginOptions.id, pluginAuth.registerAuthOptions.getWeight()
54 )
55
56 const loginResult = await pluginAuth.registerAuthOptions.login(loginOptions)
57 if (loginResult) {
58 logger.info('Login success with plugin %s for %s.', pluginAuth.npmName, loginOptions.id)
59
60 res.locals.bypassLogin = {
61 bypass: true,
62 pluginName: pluginAuth.npmName,
63 user: {
64 username: loginResult.username,
65 email: loginResult.email,
66 role: loginResult.role || UserRole.USER,
67 displayName: loginResult.displayName || loginResult.username
68 }
69 }
70
71 break
72 }
73 }
74
75 return localLogin(req, res, next)
76}
77
78// ---------------------------------------------------------------------------
79
80export {
81 oAuthServer,
82 handleIdAndPassLogin,
83 onExternalAuthPlugin
84}
85
86// ---------------------------------------------------------------------------
87
88function localLogin (req: express.Request, res: express.Response, next: express.NextFunction) {
89 return oAuthServer.token()(req, res, err => {
90 if (err) {
91 return res.status(err.status)
92 .json({
93 error: err.message,
94 code: err.name
95 })
96 .end()
97 }
98
99 return next()
100 })
101}