-rw-r--r--src/auth.js59
1 files changed, 50 insertions, 9 deletions
diff --git a/src/auth.js b/src/auth.js
index 5f83cea..09ec8b7 100644
--- a/src/auth.js
+++ b/src/auth.js
@@ -5,21 +5,55 @@ var passport = require('passport'),
5 safe = require('safetydance'), 5 safe = require('safetydance'),
6 bcrypt = require('bcryptjs'), 6 bcrypt = require('bcryptjs'),
7 uuid = require('uuid/v4'), 7 uuid = require('uuid/v4'),
8 redis = require('redis'),
8 BearerStrategy = require('passport-http-bearer').Strategy, 9 BearerStrategy = require('passport-http-bearer').Strategy,
9 LdapStrategy = require('passport-ldapjs').Strategy, 10 LdapStrategy = require('passport-ldapjs').Strategy,
11 HttpError = require('connect-lastmile').HttpError,
10 HttpSuccess = require('connect-lastmile').HttpSuccess; 12 HttpSuccess = require('connect-lastmile').HttpSuccess;
11 13
12var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json'); 14var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json');
13 15
14var gTokenStore = {}; 16var tokenStore = {
17 data: {},
18 get: function (token, callback) {
19 callback(tokenStore.data[token] ? null : 'not found', tokenStore.data[token]);
20 },
21 set: function (token, data, callback) {
22 tokenStore.data[token] = data;
23 callback(null);
24 },
25 del: function (token, callback) {
26 delete tokenStore.data[token];
27 callback(null);
28 }
29};
30
31if (process.env.REDIS_URL) {
32 console.log('Enable redis token store');
33
34 var redisClient = redis.createClient(process.env.REDIS_URL);
35
36 if (process.env.REDIS_PASSWORD) {
37 console.log('Using redis auth');
38 redisClient.auth(process.env.REDIS_PASSWORD);
39 }
40
41 // overwrite the tokenStore api
42 tokenStore.get = redisClient.get.bind(redisClient);
43 tokenStore.set = redisClient.set.bind(redisClient);
44 tokenStore.del = redisClient.del.bind(redisClient);
45} else {
46 console.log('Use in-memory token store');
47}
15 48
16function issueAccessToken() { 49function issueAccessToken() {
17 return function (req, res, next) { 50 return function (req, res, next) {
18 var accessToken = uuid(); 51 var accessToken = uuid();
19 52
20 gTokenStore[accessToken] = req.user; 53 tokenStore.set(accessToken, req.user, function (error) {
21 54 if (error) return next(new HttpError(500, error));
22 next(new HttpSuccess(201, { accessToken: accessToken, user: req.user })); 55 next(new HttpSuccess(201, { accessToken: accessToken, user: req.user }));
56 });
23 }; 57 };
24} 58}
25 59
@@ -85,15 +119,22 @@ passport.use(new LdapStrategy(opts, function (profile, done) {
85exports.verify = passport.authenticate('bearer', { session: false }); 119exports.verify = passport.authenticate('bearer', { session: false });
86 120
87passport.use(new BearerStrategy(function (token, done) { 121passport.use(new BearerStrategy(function (token, done) {
88 if (!gTokenStore[token]) return done(null, false); 122 tokenStore.get(token, function (error, result) {
89 123 if (error) {
90 return done(null, gTokenStore[token], { accessToken: token }); 124 console.error(error);
125 return done(null, false);
126 }
127
128 done(null, result, { accessToken: token });
129 });
91})); 130}));
92 131
93exports.logout = function (req, res, next) { 132exports.logout = function (req, res, next) {
94 delete gTokenStore[req.authInfo.accessToken]; 133 tokenStore.del(req.authInfo.accessToken, function (error) {
134 if (error) console.error(error);
95 135
96 next(new HttpSuccess(200, {})); 136 next(new HttpSuccess(200, {}));
137 });
97}; 138};
98 139
99exports.getProfile = function (req, res, next) { 140exports.getProfile = function (req, res, next) {
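Review bot: The in-memory `tokenStore.get` looks the bearer token up on a plain object literal (`data: {}`), so a token string that matches an inherited `Object.prototype` member is truthy and is passed to `done` as the user; create the map with `data: Object.create(null),` or use a `Map`. On the Redis path, `tokenStore.set(accessToken, req.user, ...)` in `issueAccessToken` hands an object straight to the bound `redisClient.set`, which, depending on the client version (not visible here), is likely coerced to a string or rejected, so the value should go through `JSON.stringify` on write and `JSON.parse` in the bearer callback. That call also sets no expiry, so tokens kept in Redis survive restarts and stay valid until an explicit logout; passing a TTL (`'EX', <seconds>`) would bound their lifetime. `exports.logout` answers 200 even when `tokenStore.del` fails, which leaves the token usable after the client believes it was revoked.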