Add plugin auth migrations

author: Chocobozzz <me@florianbigard.com> 2020-04-27 10:19:14 +0200
committer: Chocobozzz <chocobozzz@cpy.re> 2020-05-04 16:21:39 +0200
commit: 055cfb11a9d688dbc2dce5c164d1f0b311918378 (patch)
tree: c93f008b3e5463a9b8d024b45e5ba4b9f549a76b /server
parent: e307e4fce39853d445d086f92b8c556c363ee15d (diff)
download: PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.tar.gz
PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.tar.zst
PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.zip
6 files changed, 92 insertions, 49 deletions
diff --git a/server/initializers/migrations/0485-video-file-metadata.ts b/server/initializers/migrations/0485-video-file-metadata.ts
deleted file mode 100644
index 5d95be024..000000000
--- a/server/initializers/migrations/0485-video-file-metadata.ts
+++ /dev/null
@@ -1,30 +0,0 @@
-import * as Sequelize from 'sequelize'
-async function up (utils: {
-  transaction: Sequelize.Transaction
-  queryInterface: Sequelize.QueryInterface
-  sequelize: Sequelize.Sequelize
-}): Promise<void> {
-  const metadata = {
-    type: Sequelize.JSONB,
-    allowNull: true
-  }
-  await utils.queryInterface.addColumn('videoFile', 'metadata', metadata)
-  const metadataUrl = {
-    type: Sequelize.STRING,
-    allowNull: true
-  }
-  await utils.queryInterface.addColumn('videoFile', 'metadataUrl', metadataUrl)
-}
-function down (options) {
-  throw new Error('Not implemented.')
-}
-export {
-  up,
-  down
-}
diff --git a/server/initializers/migrations/0490-plugin-auth.ts b/server/initializers/migrations/0490-plugin-auth.ts
new file mode 100644
index 000000000..ea636a4ad
--- /dev/null
+++ b/server/initializers/migrations/0490-plugin-auth.ts
@@ -0,0 +1,42 @@
+import * as Sequelize from 'sequelize'
+async function up (utils: {
+  transaction: Sequelize.Transaction
+  queryInterface: Sequelize.QueryInterface
+  sequelize: Sequelize.Sequelize
+}): Promise<void> {
+  {
+    const password = {
+      type: Sequelize.STRING,
+      allowNull: true
+    }
+    await utils.queryInterface.changeColumn('user', 'password', password)
+  }
+  {
+    const pluginAuth = {
+      type: Sequelize.STRING,
+      allowNull: true
+    }
+    await utils.queryInterface.addColumn('user', 'pluginAuth', pluginAuth)
+  }
+  {
+    const authName = {
+      type: Sequelize.STRING,
+      allowNull: true
+    }
+    await utils.queryInterface.addColumn('oAuthToken', 'authName', authName)
+  }
+}
+function down (options) {
+  throw new Error('Not implemented.')
+}
+export {
+  up,
+  down
+}
diff --git a/server/lib/auth.ts b/server/lib/auth.ts
index c2a6fcaff..c47ec62d0 100644
--- a/server/lib/auth.ts
+++ b/server/lib/auth.ts
@@ -126,26 +126,30 @@ async function proxifyPasswordGrant (req: express.Request, res: express.Response
      authOptions.authName, pluginAuth.npmName, loginOptions.id, authOptions.getWeight()
    )
-    const loginResult = await authOptions.login(loginOptions)
+    try {
-    if (loginResult) {
+      const loginResult = await authOptions.login(loginOptions)
-      logger.info(
+      if (loginResult) {
-        'Login success with auth method %s of plugin %s for %s.',
+        logger.info(
-        authOptions.authName, pluginAuth.npmName, loginOptions.id
+          'Login success with auth method %s of plugin %s for %s.',
-      )
+          authOptions.authName, pluginAuth.npmName, loginOptions.id
+        )
-      res.locals.bypassLogin = {
-        bypass: true,
+        res.locals.bypassLogin = {
-        pluginName: pluginAuth.npmName,
+          bypass: true,
-        authName: authOptions.authName,
+          pluginName: pluginAuth.npmName,
-        user: {
+          authName: authOptions.authName,
-          username: loginResult.username,
+          user: {
-          email: loginResult.email,
+            username: loginResult.username,
-          role: loginResult.role || UserRole.USER,
+            email: loginResult.email,
-          displayName: loginResult.displayName || loginResult.username
+            role: loginResult.role || UserRole.USER,
+            displayName: loginResult.displayName || loginResult.username
+          }
        }
-      }
-      return
+        return
+      }
+    } catch (err) {
+      logger.error('Error in auth method %s of plugin %s', authOptions.authName, pluginAuth.npmName, { err })
    }
  }
 }
diff --git a/server/lib/plugins/register-helpers-store.ts b/server/lib/plugins/register-helpers-store.ts
index 679ed3650..687974ccf 100644
--- a/server/lib/plugins/register-helpers-store.ts
+++ b/server/lib/plugins/register-helpers-store.ts
@@ -198,6 +198,8 @@ export class RegisterHelpersStore {
    return {
      getSetting: (name: string) => PluginModel.getSetting(this.plugin.name, this.plugin.type, name),
+      getSettings: (names: string[]) => PluginModel.getSettings(this.plugin.name, this.plugin.type, names),
      setSetting: (name: string, value: string) => PluginModel.setSetting(this.plugin.name, this.plugin.type, name, value)
    }
  }
diff --git a/server/models/server/plugin.ts b/server/models/server/plugin.ts
index 95774a467..83c873c5b 100644
--- a/server/models/server/plugin.ts
+++ b/server/models/server/plugin.ts
@@ -129,6 +129,31 @@ export class PluginModel extends Model<PluginModel> {
      })
  }
+  static getSettings (pluginName: string, pluginType: PluginType, settingNames: string[]) {
+    const query = {
+      attributes: [ 'settings' ],
+      where: {
+        name: pluginName,
+        type: pluginType
+      }
+    }
+    return PluginModel.findOne(query)
+      .then(p => {
+        if (!p || !p.settings) return {}
+        const result: { [settingName: string ]: string } = {}
+        for (const key of Object.keys(p.settings)) {
+          if (settingNames.includes(key)) {
+            result[key] = p.settings[key]
+          }
+        }
+        return result
+      })
+  }
  static setSetting (pluginName: string, pluginType: PluginType, settingName: string, settingValue: string) {
    const query = {
      where: {
diff --git a/server/tests/plugins/id-and-pass-auth.ts b/server/tests/plugins/id-and-pass-auth.ts
index 0268d35a0..caf65b55f 100644
--- a/server/tests/plugins/id-and-pass-auth.ts
+++ b/server/tests/plugins/id-and-pass-auth.ts
@@ -143,7 +143,7 @@ describe('Test id and pass auth plugins', function () {
    expect(body.role).to.equal(UserRole.MODERATOR)
  })
-  it('Should correctly auth token of laguna', async function () {
+  it('Should reject token of laguna by the plugin hook', async function () {
    this.timeout(10000)
    await wait(5000)
author	Chocobozzz <me@florianbigard.com>	2020-04-27 10:19:14 +0200
committer	Chocobozzz <chocobozzz@cpy.re>	2020-05-04 16:21:39 +0200
commit	055cfb11a9d688dbc2dce5c164d1f0b311918378 (patch)
tree	c93f008b3e5463a9b8d024b45e5ba4b9f549a76b /server
parent	e307e4fce39853d445d086f92b8c556c363ee15d (diff)
download	PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.tar.gz PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.tar.zst PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.zip

diff --git a/server/initializers/migrations/0485-video-file-metadata.ts b/server/initializers/migrations/0485-video-file-metadata.ts deleted file mode 100644 index 5d95be024..000000000 --- a/server/initializers/migrations/0485-video-file-metadata.ts +++ /dev/null
@@ -1,30 +0,0 @@
1	import * as Sequelize from 'sequelize'
2
3	async function up (utils: {
4	transaction: Sequelize.Transaction
5	queryInterface: Sequelize.QueryInterface
6	sequelize: Sequelize.Sequelize
7	}): Promise<void> {
8
9	const metadata = {
10	type: Sequelize.JSONB,
11	allowNull: true
12	}
13	await utils.queryInterface.addColumn('videoFile', 'metadata', metadata)
14
15	const metadataUrl = {
16	type: Sequelize.STRING,
17	allowNull: true
18	}
19	await utils.queryInterface.addColumn('videoFile', 'metadataUrl', metadataUrl)
20
21	}
22
23	function down (options) {
24	throw new Error('Not implemented.')
25	}
26
27	export {
28	up,
29	down
30	}


diff --git a/server/initializers/migrations/0490-plugin-auth.ts b/server/initializers/migrations/0490-plugin-auth.ts new file mode 100644 index 000000000..ea636a4ad --- /dev/null +++ b/server/initializers/migrations/0490-plugin-auth.ts
@@ -0,0 +1,42 @@
		1	import * as Sequelize from 'sequelize'
		2
		3	async function up (utils: {
		4	transaction: Sequelize.Transaction
		5	queryInterface: Sequelize.QueryInterface
		6	sequelize: Sequelize.Sequelize
		7	}): Promise<void> {
		8
		9	{
		10	const password = {
		11	type: Sequelize.STRING,
		12	allowNull: true
		13	}
		14	await utils.queryInterface.changeColumn('user', 'password', password)
		15	}
		16
		17	{
		18	const pluginAuth = {
		19	type: Sequelize.STRING,
		20	allowNull: true
		21	}
		22	await utils.queryInterface.addColumn('user', 'pluginAuth', pluginAuth)
		23	}
		24
		25	{
		26	const authName = {
		27	type: Sequelize.STRING,
		28	allowNull: true
		29	}
		30	await utils.queryInterface.addColumn('oAuthToken', 'authName', authName)
		31	}
		32
		33	}
		34
		35	function down (options) {
		36	throw new Error('Not implemented.')
		37	}
		38
		39	export {
		40	up,
		41	down
		42	}


diff --git a/server/lib/auth.ts b/server/lib/auth.ts index c2a6fcaff..c47ec62d0 100644 --- a/server/lib/auth.ts +++ b/server/lib/auth.ts
@@ -126,26 +126,30 @@ async function proxifyPasswordGrant (req: express.Request, res: express.Response
126	authOptions.authName, pluginAuth.npmName, loginOptions.id, authOptions.getWeight()	126	authOptions.authName, pluginAuth.npmName, loginOptions.id, authOptions.getWeight()
127	)	127	)
128		128
129	const loginResult = await authOptions.login(loginOptions)	129	try {
130	if (loginResult) {	130	const loginResult = await authOptions.login(loginOptions)
131	logger.info(	131	if (loginResult) {
132	'Login success with auth method %s of plugin %s for %s.',	132	logger.info(
133	authOptions.authName, pluginAuth.npmName, loginOptions.id	133	'Login success with auth method %s of plugin %s for %s.',
134	)	134	authOptions.authName, pluginAuth.npmName, loginOptions.id
135		135	)
136	res.locals.bypassLogin = {	136
137	bypass: true,	137	res.locals.bypassLogin = {
138	pluginName: pluginAuth.npmName,	138	bypass: true,
139	authName: authOptions.authName,	139	pluginName: pluginAuth.npmName,
140	user: {	140	authName: authOptions.authName,
141	username: loginResult.username,	141	user: {
142	email: loginResult.email,	142	username: loginResult.username,
143	role: loginResult.role \|\| UserRole.USER,	143	email: loginResult.email,
144	displayName: loginResult.displayName \|\| loginResult.username	144	role: loginResult.role \|\| UserRole.USER,
		145	displayName: loginResult.displayName \|\| loginResult.username
		146	}
145	}	147	}
146	}
147		148
148	return	149	return
		150	}
		151	} catch (err) {
		152	logger.error('Error in auth method %s of plugin %s', authOptions.authName, pluginAuth.npmName, { err })
149	}	153	}
150	}	154	}
151	}	155	}


diff --git a/server/lib/plugins/register-helpers-store.ts b/server/lib/plugins/register-helpers-store.ts index 679ed3650..687974ccf 100644 --- a/server/lib/plugins/register-helpers-store.ts +++ b/server/lib/plugins/register-helpers-store.ts
@@ -198,6 +198,8 @@ export class RegisterHelpersStore {
198	return {	198	return {
199	getSetting: (name: string) => PluginModel.getSetting(this.plugin.name, this.plugin.type, name),	199	getSetting: (name: string) => PluginModel.getSetting(this.plugin.name, this.plugin.type, name),
200		200
		201	getSettings: (names: string[]) => PluginModel.getSettings(this.plugin.name, this.plugin.type, names),
		202
201	setSetting: (name: string, value: string) => PluginModel.setSetting(this.plugin.name, this.plugin.type, name, value)	203	setSetting: (name: string, value: string) => PluginModel.setSetting(this.plugin.name, this.plugin.type, name, value)
202	}	204	}
203	}	205	}


diff --git a/server/models/server/plugin.ts b/server/models/server/plugin.ts index 95774a467..83c873c5b 100644 --- a/server/models/server/plugin.ts +++ b/server/models/server/plugin.ts
@@ -129,6 +129,31 @@ export class PluginModel extends Model<PluginModel> {
129	})	129	})
130	}	130	}
131		131
		132	static getSettings (pluginName: string, pluginType: PluginType, settingNames: string[]) {
		133	const query = {
		134	attributes: [ 'settings' ],
		135	where: {
		136	name: pluginName,
		137	type: pluginType
		138	}
		139	}
		140
		141	return PluginModel.findOne(query)
		142	.then(p => {
		143	if (!p \|\| !p.settings) return {}
		144
		145	const result: { [settingName: string ]: string } = {}
		146
		147	for (const key of Object.keys(p.settings)) {
		148	if (settingNames.includes(key)) {
		149	result[key] = p.settings[key]
		150	}
		151	}
		152
		153	return result
		154	})
		155	}
		156
132	static setSetting (pluginName: string, pluginType: PluginType, settingName: string, settingValue: string) {	157	static setSetting (pluginName: string, pluginType: PluginType, settingName: string, settingValue: string) {
133	const query = {	158	const query = {
134	where: {	159	where: {


diff --git a/server/tests/plugins/id-and-pass-auth.ts b/server/tests/plugins/id-and-pass-auth.ts index 0268d35a0..caf65b55f 100644 --- a/server/tests/plugins/id-and-pass-auth.ts +++ b/server/tests/plugins/id-and-pass-auth.ts
@@ -143,7 +143,7 @@ describe('Test id and pass auth plugins', function () {
143	expect(body.role).to.equal(UserRole.MODERATOR)	143	expect(body.role).to.equal(UserRole.MODERATOR)
144	})	144	})
145		145
146	it('Should correctly auth token of laguna', async function () {	146	it('Should reject token of laguna by the plugin hook', async function () {
147	this.timeout(10000)	147	this.timeout(10000)
148		148
149	await wait(5000)	149	await wait(5000)