From 34adfa8518ba0b57d1837db1847a13215f31a83c Mon Sep 17 00:00:00 2001 From: Johannes Zellner Date: Tue, 6 Aug 2019 16:21:26 +0200 Subject: Replace passport usage with simpler custom middleware --- frontend/js/app.js | 20 +++++------------ package-lock.json | 27 ---------------------- package.json | 2 -- server.js | 3 --- src/auth.js | 66 +++++++++++++++++++----------------------------------- 5 files changed, 29 insertions(+), 89 deletions(-) diff --git a/frontend/js/app.js b/frontend/js/app.js index 9a6251b..d99a840 100644 --- a/frontend/js/app.js +++ b/frontend/js/app.js @@ -23,14 +23,14 @@ function asyncForEach(items, handler, callback) { })(); } -function getProfile(accessToken, callback) { +function initWithToken(accessToken) { superagent.get('/api/profile').query({ access_token: accessToken }).end(function (error, result) { app.ready = true; - if (error && !error.response) return callback(error); + if (error && !error.response) return console.error(error); if (result.statusCode !== 200) { delete localStorage.accessToken; - return callback('Invalid access token'); + return; } localStorage.accessToken = accessToken; @@ -42,7 +42,7 @@ function getProfile(accessToken, callback) { app.folderListingEnabled = !!result.body.folderListingEnabled; - callback(); + loadDirectory(decode(window.location.hash.slice(1))); }); }); } @@ -292,11 +292,7 @@ var app = new Vue({ if (error && !result) return that.$message.error(error.message); if (result.statusCode === 401) return that.$message.error('Wrong username or password'); - getProfile(result.body.accessToken, function (error) { - if (error) return console.error(error); - - loadDirectory(decode(window.location.hash.slice(1))); - }); + initWithToken(result.body.accessToken); }); }, onOptionsMenu: function (command) { @@ -452,11 +448,7 @@ var app = new Vue({ } }); -getProfile(localStorage.accessToken, function (error) { - if (error) return console.error(error); - - loadDirectory(decode(window.location.hash.slice(1))); -}); +initWithToken(localStorage.accessToken); $(window).on('hashchange', function () { loadDirectory(decode(window.location.hash.slice(1))); diff --git a/package-lock.json b/package-lock.json index dccc4ed..3e6d191 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1164,28 +1164,6 @@ "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.2.tgz", "integrity": "sha1-/CidTtiZMRlGDBViUyYs3I3mW/M=" }, - "passport": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/passport/-/passport-0.2.2.tgz", - "integrity": "sha1-nDjxe+uSnz2Br3uIOOhDDbhwPys=", - "requires": { - "passport-strategy": "1.x.x", - "pause": "0.0.1" - } - }, - "passport-http-bearer": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/passport-http-bearer/-/passport-http-bearer-1.0.1.tgz", - "integrity": "sha1-FHRp6jZp4qhMYWfvmdu3fh8AmKg=", - "requires": { - "passport-strategy": "1.x.x" - } - }, - "passport-strategy": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz", - "integrity": "sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ=" - }, "path-is-absolute": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", @@ -1201,11 +1179,6 @@ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" }, - "pause": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", - "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10=" - }, "pend": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", diff --git a/package.json b/package.json index 7b8c0ff..df42b30 100644 --- a/package.json +++ b/package.json @@ -37,8 +37,6 @@ "mkdirp": "^0.5.1", "morgan": "^1.9.0", "multiparty": "^4.1.2", - "passport": "^0.2.2", - "passport-http-bearer": "^1.0.1", "readline-sync": "^1.4.9", "request": "^2.83.0", "safetydance": "^0.1.1", diff --git a/server.js b/server.js index e3d92e1..d3e4c6c 100755 --- a/server.js +++ b/server.js @@ -4,7 +4,6 @@ var express = require('express'), morgan = require('morgan'), - passport = require('passport'), path = require('path'), fs = require('fs'), compression = require('compression'), @@ -91,8 +90,6 @@ app.use('/api', bodyParser.json()); app.use('/api', bodyParser.urlencoded({ extended: false, limit: '100mb' })); app.use('/api', cookieParser()); app.use('/api', session({ secret: 'surfin surfin', resave: false, saveUninitialized: false })); -app.use('/api', passport.initialize()); -app.use('/api', passport.session()); app.use(router); app.use(webdav.extensions.express('/_webdav', webdavServer)); app.use('/_admin', express.static(__dirname + '/frontend')); diff --git a/src/auth.js b/src/auth.js index 96f3045..2532688 100644 --- a/src/auth.js +++ b/src/auth.js @@ -1,12 +1,10 @@ 'use strict'; -var passport = require('passport'), - path = require('path'), +var path = require('path'), safe = require('safetydance'), fs = require('fs'), bcrypt = require('bcryptjs'), uuid = require('uuid/v4'), - BearerStrategy = require('passport-http-bearer').Strategy, ldapjs = require('ldapjs'), HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess, @@ -56,27 +54,6 @@ try { // start with empty token store } -function issueAccessToken() { - return function (req, res, next) { - var accessToken = uuid(); - - tokenStore.set(accessToken, req.user, function (error) { - if (error) return next(new HttpError(500, error)); - next(new HttpSuccess(201, { accessToken: accessToken, user: req.user })); - }); - }; -} - -passport.serializeUser(function (user, done) { - console.log('serializeUser', user); - done(null, user.uid); -}); - -passport.deserializeUser(function (id, done) { - console.log('deserializeUser', id); - done(null, { uid: id }); -}); - function verifyUser(username, password, callback) { if (AUTH_METHOD === 'ldap') { var ldapClient = ldapjs.createClient({ url: process.env.CLOUDRON_LDAP_URL }); @@ -121,34 +98,37 @@ function verifyUser(username, password, callback) { } } -exports.login = [ - function (req, res, next) { - verifyUser(req.body.username, req.body.password, function (error, user) { - if (error) return next(new HttpError(401, 'Invalid credentials')); +exports.login = function (req, res, next) { + verifyUser(req.body.username, req.body.password, function (error, user) { + if (error) return next(new HttpError(401, 'Invalid credentials')); + + var accessToken = uuid(); - req.user = user; + tokenStore.set(accessToken, user, function (error) { + if (error) return next(new HttpError(500, error)); - next(); + next(new HttpSuccess(201, { accessToken: accessToken, user: user })); }); - }, - issueAccessToken() -]; + }); +}; -exports.verify = passport.authenticate('bearer', { session: false }); +exports.verify = function (req, res, next) { + var accessToken = req.query.access_token || req.body.accessToken; -passport.use(new BearerStrategy(function (token, done) { - tokenStore.get(token, function (error, result) { - if (error) { - console.error(error); - return done(null, false); - } + tokenStore.get(accessToken, function (error, user) { + if (error) return next(new HttpError(401, 'Invalid Access Token')); + + req.user = user; - done(null, result, { accessToken: token }); + next(); }); -})); + +}; exports.logout = function (req, res, next) { - tokenStore.del(req.authInfo.accessToken, function (error) { + var accessToken = req.query.access_token || req.body.accessToken; + + tokenStore.del(accessToken, function (error) { if (error) console.error(error); next(new HttpSuccess(200, {})); -- cgit v1.2.3