aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/lib/oauth-model.ts
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2020-04-23 11:36:50 +0200
committerChocobozzz <chocobozzz@cpy.re>2020-05-04 16:21:39 +0200
commite1c5503114deef954731904695cd40dccfcef555 (patch)
tree72cec4ee691a3362a7d024dc830d215a6b2c800a /server/lib/oauth-model.ts
parent8dc8a34ee8428e7657414115d1c137592efa174d (diff)
downloadPeerTube-e1c5503114deef954731904695cd40dccfcef555.tar.gz
PeerTube-e1c5503114deef954731904695cd40dccfcef555.tar.zst
PeerTube-e1c5503114deef954731904695cd40dccfcef555.zip
Support logout and add id and pass tests
Diffstat (limited to 'server/lib/oauth-model.ts')
-rw-r--r--server/lib/oauth-model.ts19
1 files changed, 17 insertions, 2 deletions
diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts
index ea4a67802..7a6ed63be 100644
--- a/server/lib/oauth-model.ts
+++ b/server/lib/oauth-model.ts
@@ -14,6 +14,7 @@ import { MUser } from '@server/typings/models/user/user'
14import { UserAdminFlag } from '@shared/models/users/user-flag.model' 14import { UserAdminFlag } from '@shared/models/users/user-flag.model'
15import { createUserAccountAndChannelAndPlaylist } from './user' 15import { createUserAccountAndChannelAndPlaylist } from './user'
16import { UserRole } from '@shared/models/users/user-role' 16import { UserRole } from '@shared/models/users/user-role'
17import { PluginManager } from '@server/lib/plugins/plugin-manager'
17 18
18type TokenInfo = { accessToken: string, refreshToken: string, accessTokenExpiresAt: Date, refreshTokenExpiresAt: Date } 19type TokenInfo = { accessToken: string, refreshToken: string, accessTokenExpiresAt: Date, refreshTokenExpiresAt: Date }
19 20
@@ -82,7 +83,7 @@ async function getUser (usernameOrEmail: string, password: string) {
82 const obj = res.locals.bypassLogin 83 const obj = res.locals.bypassLogin
83 logger.info('Bypassing oauth login by plugin %s.', obj.pluginName) 84 logger.info('Bypassing oauth login by plugin %s.', obj.pluginName)
84 85
85 let user = await UserModel.loadByEmail(obj.user.username) 86 let user = await UserModel.loadByEmail(obj.user.email)
86 if (!user) user = await createUserFromExternal(obj.pluginName, obj.user) 87 if (!user) user = await createUserFromExternal(obj.pluginName, obj.user)
87 88
88 // This user does not belong to this plugin, skip it 89 // This user does not belong to this plugin, skip it
@@ -94,7 +95,8 @@ async function getUser (usernameOrEmail: string, password: string) {
94 logger.debug('Getting User (username/email: ' + usernameOrEmail + ', password: ******).') 95 logger.debug('Getting User (username/email: ' + usernameOrEmail + ', password: ******).')
95 96
96 const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail) 97 const user = await UserModel.loadByUsernameOrEmail(usernameOrEmail)
97 if (!user) return null 98 // If we don't find the user, or if the user belongs to a plugin
99 if (!user || user.pluginAuth !== null) return null
98 100
99 const passwordMatch = await user.isPasswordMatch(password) 101 const passwordMatch = await user.isPasswordMatch(password)
100 if (passwordMatch === false) return null 102 if (passwordMatch === false) return null
@@ -109,8 +111,14 @@ async function getUser (usernameOrEmail: string, password: string) {
109} 111}
110 112
111async function revokeToken (tokenInfo: TokenInfo) { 113async function revokeToken (tokenInfo: TokenInfo) {
114 const res: express.Response = this.request.res
112 const token = await OAuthTokenModel.getByRefreshTokenAndPopulateUser(tokenInfo.refreshToken) 115 const token = await OAuthTokenModel.getByRefreshTokenAndPopulateUser(tokenInfo.refreshToken)
116
113 if (token) { 117 if (token) {
118 if (res.locals.explicitLogout === true && token.User.pluginAuth && token.authName) {
119 PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName)
120 }
121
114 clearCacheByToken(token.accessToken) 122 clearCacheByToken(token.accessToken)
115 123
116 token.destroy() 124 token.destroy()
@@ -123,6 +131,12 @@ async function revokeToken (tokenInfo: TokenInfo) {
123} 131}
124 132
125async function saveToken (token: TokenInfo, client: OAuthClientModel, user: UserModel) { 133async function saveToken (token: TokenInfo, client: OAuthClientModel, user: UserModel) {
134 const res: express.Response = this.request.res
135
136 const authName = res.locals.bypassLogin?.bypass === true
137 ? res.locals.bypassLogin.authName
138 : null
139
126 logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.') 140 logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.')
127 141
128 const tokenToCreate = { 142 const tokenToCreate = {
@@ -130,6 +144,7 @@ async function saveToken (token: TokenInfo, client: OAuthClientModel, user: User
130 accessTokenExpiresAt: token.accessTokenExpiresAt, 144 accessTokenExpiresAt: token.accessTokenExpiresAt,
131 refreshToken: token.refreshToken, 145 refreshToken: token.refreshToken,
132 refreshTokenExpiresAt: token.refreshTokenExpiresAt, 146 refreshTokenExpiresAt: token.refreshTokenExpiresAt,
147 authName,
133 oAuthClientId: client.id, 148 oAuthClientId: client.id,
134 userId: user.id 149 userId: user.id
135 } 150 }