Use optionally redis if available

author: Johannes Zellner <johannes@cloudron.io> 2017-02-09 13:54:55 +0100
committer: Johannes Zellner <johannes@cloudron.io> 2017-02-09 13:54:55 +0100
commit: bcee89316e302f45f388cdfe064aa5d8b1d221e8 (patch)
tree: 2806423fe8b622022ea567585414c4a5ec8883bc /src
parent: 58339c49fe6284fd356b9e986c00c019605f0b71 (diff)
download: Surfer-bcee89316e302f45f388cdfe064aa5d8b1d221e8.tar.gz
Surfer-bcee89316e302f45f388cdfe064aa5d8b1d221e8.tar.zst
Surfer-bcee89316e302f45f388cdfe064aa5d8b1d221e8.zip
1 files changed, 50 insertions, 9 deletions
diff --git a/src/auth.js b/src/auth.js
index 5f83cea..09ec8b7 100644
--- a/src/auth.js
+++ b/src/auth.js
@@ -5,21 +5,55 @@ var passport = require('passport'),
    safe = require('safetydance'),
    bcrypt = require('bcryptjs'),
    uuid = require('uuid/v4'),
+    redis = require('redis'),
    BearerStrategy = require('passport-http-bearer').Strategy,
    LdapStrategy = require('passport-ldapjs').Strategy,
+    HttpError = require('connect-lastmile').HttpError,
    HttpSuccess = require('connect-lastmile').HttpSuccess;
 var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json');
-var gTokenStore = {};
+var tokenStore = {
+    data: {},
+    get: function (token, callback) {
+        callback(tokenStore.data[token] ? null : 'not found', tokenStore.data[token]);
+    },
+    set: function (token, data, callback) {
+        tokenStore.data[token] = data;
+        callback(null);
+    },
+    del: function (token, callback) {
+        delete tokenStore.data[token];
+        callback(null);
+    }
+};
+if (process.env.REDIS_URL) {
+    console.log('Enable redis token store');
+    var redisClient = redis.createClient(process.env.REDIS_URL);
+    if (process.env.REDIS_PASSWORD) {
+        console.log('Using redis auth');
+        redisClient.auth(process.env.REDIS_PASSWORD);
+    }
+    // overwrite the tokenStore api
+    tokenStore.get = redisClient.get.bind(redisClient);
+    tokenStore.set = redisClient.set.bind(redisClient);
+    tokenStore.del = redisClient.del.bind(redisClient);
+} else {
+    console.log('Use in-memory token store');
+}
 function issueAccessToken() {
    return function (req, res, next) {
        var accessToken = uuid();
-        gTokenStore[accessToken] = req.user;
+        tokenStore.set(accessToken, req.user, function (error) {
+            if (error) return next(new HttpError(500, error));
-        next(new HttpSuccess(201, { accessToken: accessToken, user: req.user }));
+            next(new HttpSuccess(201, { accessToken: accessToken, user: req.user }));
+        });
    };
 }
@@ -85,15 +119,22 @@ passport.use(new LdapStrategy(opts, function (profile, done) {
 exports.verify = passport.authenticate('bearer', { session: false });
 passport.use(new BearerStrategy(function (token, done) {
-    if (!gTokenStore[token]) return done(null, false);
+    tokenStore.get(token, function (error, result) {
+        if (error) {
-    return done(null, gTokenStore[token], { accessToken: token });
+            console.error(error);
+            return done(null, false);
+        }
+        done(null, result, { accessToken: token });
+    });
 }));
 exports.logout = function (req, res, next) {
-    delete gTokenStore[req.authInfo.accessToken];
+    tokenStore.del(req.authInfo.accessToken, function (error) {
+        if (error) console.error(error);
-    next(new HttpSuccess(200, {}));
+        next(new HttpSuccess(200, {}));
+    });
 };
 exports.getProfile = function (req, res, next) {
author	Johannes Zellner <johannes@cloudron.io>	2017-02-09 13:54:55 +0100
committer	Johannes Zellner <johannes@cloudron.io>	2017-02-09 13:54:55 +0100
commit	bcee89316e302f45f388cdfe064aa5d8b1d221e8 (patch)
tree	2806423fe8b622022ea567585414c4a5ec8883bc /src
parent	58339c49fe6284fd356b9e986c00c019605f0b71 (diff)
download	Surfer-bcee89316e302f45f388cdfe064aa5d8b1d221e8.tar.gz Surfer-bcee89316e302f45f388cdfe064aa5d8b1d221e8.tar.zst Surfer-bcee89316e302f45f388cdfe064aa5d8b1d221e8.zip

diff --git a/src/auth.js b/src/auth.js index 5f83cea..09ec8b7 100644 --- a/src/auth.js +++ b/src/auth.js
@@ -5,21 +5,55 @@ var passport = require('passport'),
5	safe = require('safetydance'),	5	safe = require('safetydance'),
6	bcrypt = require('bcryptjs'),	6	bcrypt = require('bcryptjs'),
7	uuid = require('uuid/v4'),	7	uuid = require('uuid/v4'),
		8	redis = require('redis'),
8	BearerStrategy = require('passport-http-bearer').Strategy,	9	BearerStrategy = require('passport-http-bearer').Strategy,
9	LdapStrategy = require('passport-ldapjs').Strategy,	10	LdapStrategy = require('passport-ldapjs').Strategy,
		11	HttpError = require('connect-lastmile').HttpError,
10	HttpSuccess = require('connect-lastmile').HttpSuccess;	12	HttpSuccess = require('connect-lastmile').HttpSuccess;
11		13
12	var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE \|\| './.users.json');	14	var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE \|\| './.users.json');
13		15
14	var gTokenStore = {};	16	var tokenStore = {
		17	data: {},
		18	get: function (token, callback) {
		19	callback(tokenStore.data[token] ? null : 'not found', tokenStore.data[token]);
		20	},
		21	set: function (token, data, callback) {
		22	tokenStore.data[token] = data;
		23	callback(null);
		24	},
		25	del: function (token, callback) {
		26	delete tokenStore.data[token];
		27	callback(null);
		28	}
		29	};
		30
		31	if (process.env.REDIS_URL) {
		32	console.log('Enable redis token store');
		33
		34	var redisClient = redis.createClient(process.env.REDIS_URL);
		35
		36	if (process.env.REDIS_PASSWORD) {
		37	console.log('Using redis auth');
		38	redisClient.auth(process.env.REDIS_PASSWORD);
		39	}
		40
		41	// overwrite the tokenStore api
		42	tokenStore.get = redisClient.get.bind(redisClient);
		43	tokenStore.set = redisClient.set.bind(redisClient);
		44	tokenStore.del = redisClient.del.bind(redisClient);
		45	} else {
		46	console.log('Use in-memory token store');
		47	}
15		48
16	function issueAccessToken() {	49	function issueAccessToken() {
17	return function (req, res, next) {	50	return function (req, res, next) {
18	var accessToken = uuid();	51	var accessToken = uuid();
19		52
20	gTokenStore[accessToken] = req.user;	53	tokenStore.set(accessToken, req.user, function (error) {
21		54	if (error) return next(new HttpError(500, error));
22	next(new HttpSuccess(201, { accessToken: accessToken, user: req.user }));	55	next(new HttpSuccess(201, { accessToken: accessToken, user: req.user }));
		56	});
23	};	57	};
24	}	58	}
25		59
@@ -85,15 +119,22 @@ passport.use(new LdapStrategy(opts, function (profile, done) {
85	exports.verify = passport.authenticate('bearer', { session: false });	119	exports.verify = passport.authenticate('bearer', { session: false });
86		120
87	passport.use(new BearerStrategy(function (token, done) {	121	passport.use(new BearerStrategy(function (token, done) {
88	if (!gTokenStore[token]) return done(null, false);	122	tokenStore.get(token, function (error, result) {
89		123	if (error) {
90	return done(null, gTokenStore[token], { accessToken: token });	124	console.error(error);
		125	return done(null, false);
		126	}
		127
		128	done(null, result, { accessToken: token });
		129	});
91	}));	130	}));
92		131
93	exports.logout = function (req, res, next) {	132	exports.logout = function (req, res, next) {
94	delete gTokenStore[req.authInfo.accessToken];	133	tokenStore.del(req.authInfo.accessToken, function (error) {
		134	if (error) console.error(error);
95		135
96	next(new HttpSuccess(200, {}));	136	next(new HttpSuccess(200, {}));
		137	});
97	};	138	};
98		139
99	exports.getProfile = function (req, res, next) {	140	exports.getProfile = function (req, res, next) {