diff options
-rw-r--r-- | src/auth.js | 59 |
1 files changed, 50 insertions, 9 deletions
diff --git a/src/auth.js b/src/auth.js index 5f83cea..09ec8b7 100644 --- a/src/auth.js +++ b/src/auth.js | |||
@@ -5,21 +5,55 @@ var passport = require('passport'), | |||
5 | safe = require('safetydance'), | 5 | safe = require('safetydance'), |
6 | bcrypt = require('bcryptjs'), | 6 | bcrypt = require('bcryptjs'), |
7 | uuid = require('uuid/v4'), | 7 | uuid = require('uuid/v4'), |
8 | redis = require('redis'), | ||
8 | BearerStrategy = require('passport-http-bearer').Strategy, | 9 | BearerStrategy = require('passport-http-bearer').Strategy, |
9 | LdapStrategy = require('passport-ldapjs').Strategy, | 10 | LdapStrategy = require('passport-ldapjs').Strategy, |
11 | HttpError = require('connect-lastmile').HttpError, | ||
10 | HttpSuccess = require('connect-lastmile').HttpSuccess; | 12 | HttpSuccess = require('connect-lastmile').HttpSuccess; |
11 | 13 | ||
12 | var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json'); | 14 | var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json'); |
13 | 15 | ||
14 | var gTokenStore = {}; | 16 | var tokenStore = { |
17 | data: {}, | ||
18 | get: function (token, callback) { | ||
19 | callback(tokenStore.data[token] ? null : 'not found', tokenStore.data[token]); | ||
20 | }, | ||
21 | set: function (token, data, callback) { | ||
22 | tokenStore.data[token] = data; | ||
23 | callback(null); | ||
24 | }, | ||
25 | del: function (token, callback) { | ||
26 | delete tokenStore.data[token]; | ||
27 | callback(null); | ||
28 | } | ||
29 | }; | ||
30 | |||
31 | if (process.env.REDIS_URL) { | ||
32 | console.log('Enable redis token store'); | ||
33 | |||
34 | var redisClient = redis.createClient(process.env.REDIS_URL); | ||
35 | |||
36 | if (process.env.REDIS_PASSWORD) { | ||
37 | console.log('Using redis auth'); | ||
38 | redisClient.auth(process.env.REDIS_PASSWORD); | ||
39 | } | ||
40 | |||
41 | // overwrite the tokenStore api | ||
42 | tokenStore.get = redisClient.get.bind(redisClient); | ||
43 | tokenStore.set = redisClient.set.bind(redisClient); | ||
44 | tokenStore.del = redisClient.del.bind(redisClient); | ||
45 | } else { | ||
46 | console.log('Use in-memory token store'); | ||
47 | } | ||
15 | 48 | ||
16 | function issueAccessToken() { | 49 | function issueAccessToken() { |
17 | return function (req, res, next) { | 50 | return function (req, res, next) { |
18 | var accessToken = uuid(); | 51 | var accessToken = uuid(); |
19 | 52 | ||
20 | gTokenStore[accessToken] = req.user; | 53 | tokenStore.set(accessToken, req.user, function (error) { |
21 | 54 | if (error) return next(new HttpError(500, error)); | |
22 | next(new HttpSuccess(201, { accessToken: accessToken, user: req.user })); | 55 | next(new HttpSuccess(201, { accessToken: accessToken, user: req.user })); |
56 | }); | ||
23 | }; | 57 | }; |
24 | } | 58 | } |
25 | 59 | ||
@@ -85,15 +119,22 @@ passport.use(new LdapStrategy(opts, function (profile, done) { | |||
85 | exports.verify = passport.authenticate('bearer', { session: false }); | 119 | exports.verify = passport.authenticate('bearer', { session: false }); |
86 | 120 | ||
87 | passport.use(new BearerStrategy(function (token, done) { | 121 | passport.use(new BearerStrategy(function (token, done) { |
88 | if (!gTokenStore[token]) return done(null, false); | 122 | tokenStore.get(token, function (error, result) { |
89 | 123 | if (error) { | |
90 | return done(null, gTokenStore[token], { accessToken: token }); | 124 | console.error(error); |
125 | return done(null, false); | ||
126 | } | ||
127 | |||
128 | done(null, result, { accessToken: token }); | ||
129 | }); | ||
91 | })); | 130 | })); |
92 | 131 | ||
93 | exports.logout = function (req, res, next) { | 132 | exports.logout = function (req, res, next) { |
94 | delete gTokenStore[req.authInfo.accessToken]; | 133 | tokenStore.del(req.authInfo.accessToken, function (error) { |
134 | if (error) console.error(error); | ||
95 | 135 | ||
96 | next(new HttpSuccess(200, {})); | 136 | next(new HttpSuccess(200, {})); |
137 | }); | ||
97 | }; | 138 | }; |
98 | 139 | ||
99 | exports.getProfile = function (req, res, next) { | 140 | exports.getProfile = function (req, res, next) { |