-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauth.js
More file actions
112 lines (94 loc) · 2.53 KB
/
auth.js
File metadata and controls
112 lines (94 loc) · 2.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
/**
* Module dependencies.
*/
var passport = require('passport');
var BearerStrategy = require('passport-http-bearer').Strategy;
var BasicStrategy = require('passport-http').BasicStrategy;
var ClientPasswordStrategy = require('passport-oauth2-client-password').Strategy;
var util = require('util');
var db = require('./db');
var settings = require('./settings');
/**
* BearerStrategy
*
* This strategy is used to authenticate users based on an access token (aka a bearer token). The user must have previously authorized a client application,
* which is issued an access token to make requests on behalf of the authorizing user.
*/
passport.use(new BearerStrategy(function(accessToken, done) {
db.model.AccessToken.findOne({
token : accessToken
}, function(err, token) {
if (err) {
return done(err, false);
}
if (!token) {
return done(null, false);
}
if (token.expires < new Date().getTime()) {
return done(null, false);
}
db.model.User.findOne({
_id : token.userId
}, function(err, user) {
if (err) {
return done(err);
}
if (!user) {
return done(null, false);
}
var info = {
scope : '*'
};
done(null, user, info);
});
});
}));
passport.use(new BasicStrategy(function(username, password, done) {
db.model.Client.findOne({
clientId : username,
clientSecret : password
}, function(err, client) {
if (err) {
return done(err);
}
if (!client) {
return done(null, false);
}
return done(null, client);
});
}));
passport.use(new ClientPasswordStrategy(function(clientId, clientSecret, done) {
db.model.Client.findOne({
clientId : clientId,
clientSecret : clientSecret
}, function(err, client) {
if (err) {
return done(err);
}
if (!client) {
return done(null, false);
}
return done(null, client);
});
}));
function AdminStrategy(options, verify) {
if (typeof options == 'function') {
verify = options;
options = {};
}
if (!verify) throw new Error('HTTP Basic authentication strategy requires a verify function');
passport.Strategy.call(this);
this.name = 'admin';
this._verify = verify;
this._realm = 'Admins';
};
util.inherits(AdminStrategy, BasicStrategy);
passport.use(new AdminStrategy(function(username, password, done) {
if ((settings.adminUsername == username) && (settings.adminPassword == password)) {
return done(null, {
user: 'admin'
});
} else {
return done(null, false);
}
}));