p5.js-web-editor/server/config/passport.js

import slugify from 'slugify';
import friendlyWords from 'friendly-words';
import lodash from 'lodash';

import passport from 'passport';
// import GitHubStrategy from 'passport-github';
import LocalStrategy from 'passport-local';
// import GoogleStrategy from 'passport-google-oauth20';
import { BasicStrategy } from 'passport-http';

import User from '../models/user';

passport.serializeUser((user, done) => {
  done(null, user.id);
});

passport.deserializeUser((id, done) => {
  User.findById(id, (err, user) => {
    done(err, user);
  });
});

/**
 * Sign in using Email/Username and Password.
 */
passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, done) => {
  User.findByEmailOrUsername(email)
    .then((user) => { // eslint-disable-line consistent-return
      if (!user) {
        return done(null, false, { msg: `Email ${email} not found.` });
      }
      user.comparePassword(password, (innerErr, isMatch) => {
        if (isMatch) {
          return done(null, user);
        }
        return done(null, false, { msg: 'Invalid email or password.' });
      });
    })
    .catch(err => done(null, false, { msg: err }));
}));

/**
 * Authentificate using Basic Auth (Username + Api Key)
 */
passport.use(new BasicStrategy((userid, key, done) => {
  User.findByUsername(userid, (err, user) => { // eslint-disable-line consistent-return
    if (err) { return done(err); }
    if (!user) { return done(null, false); }
    user.findMatchingKey(key, (innerErr, isMatch, keyDocument) => {
      if (isMatch) {
        keyDocument.lastUsedAt = Date.now();
        user.save();
        return done(null, user);
      }
      return done(null, false, { msg: 'Invalid username or API key' });
    });
  });
}));

/*
  Input:
  [
    { value: 'email@example.com', primary: false, verified: true },
    { value: 'unverified@example.com', primary: false, verified: false }
  ]

  Output:
    ['email@example.com']
*/
const getVerifiedEmails = githubEmails => (
  (githubEmails || [])
    .filter(item => item.verified === true)
    .map(item => item.value)
);

const getPrimaryEmail = githubEmails => (
  (
    lodash.find(githubEmails, { primary: true }) || {}
  ).value
);

/**
 * Sign in with GitHub.
 */
// passport.use(new GitHubStrategy({
//   clientID: process.env.GITHUB_ID,
//   clientSecret: process.env.GITHUB_SECRET,
//   callbackURL: '/auth/github/callback',
//   passReqToCallback: true,
//   scope: ['user:email'],
// }, (req, accessToken, refreshToken, profile, done) => {
//   User.findOne({ github: profile.id }, (findByGithubErr, existingUser) => {
//     if (existingUser) {
//       done(null, existingUser);
//       return;
//     }

//     const emails = getVerifiedEmails(profile.emails);
//     const primaryEmail = getPrimaryEmail(profile.emails);

//     User.findByEmail(emails, (findByEmailErr, existingEmailUser) => {
//       if (existingEmailUser) {
//         existingEmailUser.email = existingEmailUser.email || primaryEmail;
//         existingEmailUser.github = profile.id;
//         existingEmailUser.username = existingEmailUser.username || profile.username;
//         existingEmailUser.tokens.push({ kind: 'github', accessToken });
//         existingEmailUser.name = existingEmailUser.name || profile.displayName;
//         existingEmailUser.verified = User.EmailConfirmation.Verified;
//         existingEmailUser.save(saveErr => done(null, existingEmailUser));
//       } else {
//         const user = new User();
//         user.email = primaryEmail;
//         user.github = profile.id;
//         user.username = profile.username;
//         user.tokens.push({ kind: 'github', accessToken });
//         user.name = profile.displayName;
//         user.verified = User.EmailConfirmation.Verified;
//         user.save(saveErr => done(null, user));
//       }
//     });
//   });
// }));

// /**
//  * Sign in with Google.
//  */
// passport.use(new GoogleStrategy({
//   clientID: process.env.GOOGLE_ID,
//   clientSecret: process.env.GOOGLE_SECRET,
//   callbackURL: '/auth/google/callback',
//   passReqToCallback: true,
//   scope: ['openid email'],
// }, (req, accessToken, refreshToken, profile, done) => {
//   User.findOne({ google: profile._json.emails[0].value }, (findByGoogleErr, existingUser) => {
//     if (existingUser) {
//       done(null, existingUser);
//       return;
//     }

//     const primaryEmail = profile._json.emails[0].value;

//     User.findByEmail(primaryEmail, (findByEmailErr, existingEmailUser) => {
//       let username = profile._json.emails[0].value.split('@')[0];
//       User.findByUsername(username, (findByUsernameErr, existingUsernameUser) => {
//         if (existingUsernameUser) {
//           const adj = friendlyWords.predicates[Math.floor(Math.random() * friendlyWords.predicates.length)];
//           username = slugify(`${username} ${adj}`);
//         }
//         // what if a username is already taken from the display name too?
//         // then, append a random friendly word?
//         if (existingEmailUser) {
//           existingEmailUser.email = existingEmailUser.email || primaryEmail;
//           existingEmailUser.google = profile._json.emails[0].value;
//           existingEmailUser.username = existingEmailUser.username || username;
//           existingEmailUser.tokens.push({ kind: 'google', accessToken });
//           existingEmailUser.name = existingEmailUser.name || profile._json.displayName;
//           existingEmailUser.verified = User.EmailConfirmation.Verified;
//           existingEmailUser.save((saveErr) => {
//             if (saveErr) {
//               console.log(saveErr);
//             }
//             done(null, existingEmailUser);
//           });
//         } else {
//           const user = new User();
//           user.email = primaryEmail;
//           user.google = profile._json.emails[0].value;
//           user.username = username;
//           user.tokens.push({ kind: 'google', accessToken });
//           user.name = profile._json.displayName;
//           user.verified = User.EmailConfirmation.Verified;
//           user.save((saveErr) => {
//             if (saveErr) {
//               console.log(saveErr);
//             }
//             done(null, user);
//           });
//         }
//       });
//     });
//   });
// }));
Fixes #760 (#1046) * fixes #760 * fixes linting errors 2019-05-01 19:38:11 +00:00			`import slugify from 'slugify';`
			`import friendlyWords from 'friendly-words';`
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`import lodash from 'lodash';`
update eslint to latest version, fix lots of linting errors (#308) * update eslint and dependencies, fix linting errors that can be fixed with --fix * fix lots of linting errors * update eslintrc, fix some linting errors * fix all server side linting errors, untested * fix errors that fixing linting errors had caused * fix client side eslint errors * fix client side linting errors * fix refs lint errors * fix more linting errors * update eslint and dependencies, fix linting errors that can be fixed with --fix * fix lots of linting errors * update eslintrc, fix some linting errors * fix all server side linting errors, untested * fix errors that fixing linting errors had caused * fix client side eslint errors * fix client side linting errors * fix refs lint errors * fix more linting errors * fix some accessibility linting errors * fix a lot of linting errors * fix a billion more linting errors * hopefully fix all linting errors, still need to test * fix bugs that fixing linting had caused 2017-02-22 19:29:35 +00:00
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`import passport from 'passport';`
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// import GitHubStrategy from 'passport-github';`
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`import LocalStrategy from 'passport-local';`
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// import GoogleStrategy from 'passport-google-oauth20';`
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`import { BasicStrategy } from 'passport-http';`
Solving #553 Addition of google oauth 2.0 for easy login (#608) * google oauth added * google credentials updated .env description for google oauth * changes done wrt review 2018-04-18 20:38:02 +00:00
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`import User from '../models/user';`
add a lot of server side libraries, preemptively, still hooking everything up 2016-05-17 19:50:37 +00:00
			`passport.serializeUser((user, done) => {`
			`done(null, user.id);`
			`});`

			`passport.deserializeUser((id, done) => {`
			`User.findById(id, (err, user) => {`
			`done(err, user);`
			`});`
			`});`

			`/**`
Use username also to log in (#250) * Use username also to log in * Minor changes 2017-01-06 23:14:42 +00:00			`* Sign in using Email/Username and Password.`
add a lot of server side libraries, preemptively, still hooking everything up 2016-05-17 19:50:37 +00:00			`*/`
			`passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, done) => {`
[#1314][#1489] Add static methods to user model - Add new static methods to user model - `findByEmailAndUsername` - renames `findByMailOrName` to `findByEmailOrUsername` - `findByUsername` - `findByEmail` - Reverts case insensitive behavior for username 2020-07-15 21:33:11 +00:00			`User.findByEmailOrUsername(email)`
update eslint and fix linting errors 2018-05-05 00:22:39 +00:00			`.then((user) => { // eslint-disable-line consistent-return`
			`if (!user) {`
			return done(null, false, { msg: `Email ${email} not found.` });
add a lot of server side libraries, preemptively, still hooking everything up 2016-05-17 19:50:37 +00:00			`}`
update eslint and fix linting errors 2018-05-05 00:22:39 +00:00			`user.comparePassword(password, (innerErr, isMatch) => {`
			`if (isMatch) {`
			`return done(null, user);`
			`}`
			`return done(null, false, { msg: 'Invalid email or password.' });`
			`});`
			`})`
			`.catch(err => done(null, false, { msg: err }));`
add a lot of server side libraries, preemptively, still hooking everything up 2016-05-17 19:50:37 +00:00			`}));`

Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`/**`
			`* Authentificate using Basic Auth (Username + Api Key)`
			`*/`
			`passport.use(new BasicStrategy((userid, key, done) => {`
[#1314][#1489] Add static methods to user model - Add new static methods to user model - `findByEmailAndUsername` - renames `findByMailOrName` to `findByEmailOrUsername` - `findByUsername` - `findByEmail` - Reverts case insensitive behavior for username 2020-07-15 21:33:11 +00:00			`User.findByUsername(userid, (err, user) => { // eslint-disable-line consistent-return`
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`if (err) { return done(err); }`
			`if (!user) { return done(null, false); }`
Fixes bug where lastUsedAt timestamp wasn't set when access token used 2019-05-15 12:07:46 +00:00			`user.findMatchingKey(key, (innerErr, isMatch, keyDocument) => {`
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`if (isMatch) {`
Fixes bug where lastUsedAt timestamp wasn't set when access token used 2019-05-15 12:07:46 +00:00			`keyDocument.lastUsedAt = Date.now();`
			`user.save();`
Added Basic Auth using passport-http 2018-11-06 16:28:17 +00:00			`return done(null, user);`
			`}`
			`return done(null, false, { msg: 'Invalid username or API key' });`
			`});`
			`});`
			`}));`

Search for existing user account using Github emails (#337) * Tries to match user account from list of emails in Github API Requests the 'user:email' scope from Github which returns the private emails associated with the user's account. * Centres GitHub button in layout 2017-04-13 16:04:10 +00:00			`/*`
			`Input:`
			`[`
			`{ value: 'email@example.com', primary: false, verified: true },`
			`{ value: 'unverified@example.com', primary: false, verified: false }`
			`]`

			`Output:`
			`['email@example.com']`
			`*/`
			`const getVerifiedEmails = githubEmails => (`
			`(githubEmails \|\| [])`
			`.filter(item => item.verified === true)`
			`.map(item => item.value)`
			`);`

			`const getPrimaryEmail = githubEmails => (`
			`(`
			`lodash.find(githubEmails, { primary: true }) \|\| {}`
			`).value`
			`);`

add a lot of server side libraries, preemptively, still hooking everything up 2016-05-17 19:50:37 +00:00			`/**`
			`* Sign in with GitHub.`
			`*/`
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// passport.use(new GitHubStrategy({`
			`// clientID: process.env.GITHUB_ID,`
			`// clientSecret: process.env.GITHUB_SECRET,`
			`// callbackURL: '/auth/github/callback',`
			`// passReqToCallback: true,`
			`// scope: ['user:email'],`
			`// }, (req, accessToken, refreshToken, profile, done) => {`
			`// User.findOne({ github: profile.id }, (findByGithubErr, existingUser) => {`
			`// if (existingUser) {`
			`// done(null, existingUser);`
			`// return;`
			`// }`
Search for existing user account using Github emails (#337) * Tries to match user account from list of emails in Github API Requests the 'user:email' scope from Github which returns the private emails associated with the user's account. * Centres GitHub button in layout 2017-04-13 16:04:10 +00:00
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// const emails = getVerifiedEmails(profile.emails);`
			`// const primaryEmail = getPrimaryEmail(profile.emails);`
Search for existing user account using Github emails (#337) * Tries to match user account from list of emails in Github API Requests the 'user:email' scope from Github which returns the private emails associated with the user's account. * Centres GitHub button in layout 2017-04-13 16:04:10 +00:00
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// User.findByEmail(emails, (findByEmailErr, existingEmailUser) => {`
			`// if (existingEmailUser) {`
			`// existingEmailUser.email = existingEmailUser.email \|\| primaryEmail;`
			`// existingEmailUser.github = profile.id;`
			`// existingEmailUser.username = existingEmailUser.username \|\| profile.username;`
			`// existingEmailUser.tokens.push({ kind: 'github', accessToken });`
			`// existingEmailUser.name = existingEmailUser.name \|\| profile.displayName;`
			`// existingEmailUser.verified = User.EmailConfirmation.Verified;`
			`// existingEmailUser.save(saveErr => done(null, existingEmailUser));`
			`// } else {`
			`// const user = new User();`
			`// user.email = primaryEmail;`
			`// user.github = profile.id;`
			`// user.username = profile.username;`
			`// user.tokens.push({ kind: 'github', accessToken });`
			`// user.name = profile.displayName;`
			`// user.verified = User.EmailConfirmation.Verified;`
			`// user.save(saveErr => done(null, user));`
			`// }`
			`// });`
			`// });`
			`// }));`
Solving #553 Addition of google oauth 2.0 for easy login (#608) * google oauth added * google credentials updated .env description for google oauth * changes done wrt review 2018-04-18 20:38:02 +00:00
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// /**`
			`// * Sign in with Google.`
			`// */`
			`// passport.use(new GoogleStrategy({`
			`// clientID: process.env.GOOGLE_ID,`
			`// clientSecret: process.env.GOOGLE_SECRET,`
			`// callbackURL: '/auth/google/callback',`
			`// passReqToCallback: true,`
			`// scope: ['openid email'],`
			`// }, (req, accessToken, refreshToken, profile, done) => {`
			`// User.findOne({ google: profile._json.emails[0].value }, (findByGoogleErr, existingUser) => {`
			`// if (existingUser) {`
			`// done(null, existingUser);`
			`// return;`
			`// }`
Solving #553 Addition of google oauth 2.0 for easy login (#608) * google oauth added * google credentials updated .env description for google oauth * changes done wrt review 2018-04-18 20:38:02 +00:00
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// const primaryEmail = profile._json.emails[0].value;`
Solving #553 Addition of google oauth 2.0 for easy login (#608) * google oauth added * google credentials updated .env description for google oauth * changes done wrt review 2018-04-18 20:38:02 +00:00
WIP to run without mailgun and social logins 2020-09-07 11:59:15 +00:00			`// User.findByEmail(primaryEmail, (findByEmailErr, existingEmailUser) => {`
			`// let username = profile._json.emails[0].value.split('@')[0];`
			`// User.findByUsername(username, (findByUsernameErr, existingUsernameUser) => {`
			`// if (existingUsernameUser) {`
			`// const adj = friendlyWords.predicates[Math.floor(Math.random() * friendlyWords.predicates.length)];`
			// username = slugify(`${username} ${adj}`);
			`// }`
			`// // what if a username is already taken from the display name too?`
			`// // then, append a random friendly word?`
			`// if (existingEmailUser) {`
			`// existingEmailUser.email = existingEmailUser.email \|\| primaryEmail;`
			`// existingEmailUser.google = profile._json.emails[0].value;`
			`// existingEmailUser.username = existingEmailUser.username \|\| username;`
			`// existingEmailUser.tokens.push({ kind: 'google', accessToken });`
			`// existingEmailUser.name = existingEmailUser.name \|\| profile._json.displayName;`
			`// existingEmailUser.verified = User.EmailConfirmation.Verified;`
			`// existingEmailUser.save((saveErr) => {`
			`// if (saveErr) {`
			`// console.log(saveErr);`
			`// }`
			`// done(null, existingEmailUser);`
			`// });`
			`// } else {`
			`// const user = new User();`
			`// user.email = primaryEmail;`
			`// user.google = profile._json.emails[0].value;`
			`// user.username = username;`
			`// user.tokens.push({ kind: 'google', accessToken });`
			`// user.name = profile._json.displayName;`
			`// user.verified = User.EmailConfirmation.Verified;`
			`// user.save((saveErr) => {`
			`// if (saveErr) {`
			`// console.log(saveErr);`
			`// }`
			`// done(null, user);`
			`// });`
			`// }`
			`// });`
			`// });`
			`// });`
			`// }));`