Added Basic Auth using passport-http

This commit is contained in:
Vertmo 2018-11-06 17:28:17 +01:00 committed by Cassie Tarakajian
parent 3b55ff81d2
commit f0b669d5af
3 changed files with 45 additions and 9 deletions

View file

@ -123,6 +123,7 @@
"passport": "^0.3.2",
"passport-github": "^1.1.0",
"passport-google-oauth20": "^1.0.0",
"passport-http": "^0.3.0",
"passport-local": "^1.0.0",
"pretty-bytes": "^3.0.1",
"primer-tooltips": "^1.5.11",

View file

@ -1,14 +1,15 @@
import slugify from 'slugify';
import friendlyWords from 'friendly-words';
import lodash from 'lodash';
import passport from 'passport';
import GitHubStrategy from 'passport-github';
import LocalStrategy from 'passport-local';
import GoogleStrategy from 'passport-google-oauth20';
import { BasicStrategy } from 'passport-http';
import User from '../models/user';
const lodash = require('lodash');
const passport = require('passport');
const GitHubStrategy = require('passport-github').Strategy;
const LocalStrategy = require('passport-local').Strategy;
const GoogleStrategy = require('passport-google-oauth20').Strategy;
passport.serializeUser((user, done) => {
done(null, user.id);
});
@ -38,6 +39,26 @@ passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, don
.catch(err => done(null, false, { msg: err }));
}));
/**
* Authentificate using Basic Auth (Username + Api Key)
*/
passport.use(new BasicStrategy((userid, key, done) => {
User.findOne({ username: userid }, (err, user) => { // eslint-disable-line consistent-return
if (err) { return done(err); }
if (!user) { return done(null, false); }
user.findMatchingKey(key, (innerErr, isMatch, keyID) => {
if (isMatch) {
User.update(
{ 'apiKeys._id': keyID },
{ '$set': { 'apiKeys.$.lastUsedAt': Date.now() } }
);
return done(null, user);
}
return done(null, false, { msg: 'Invalid username or API key' });
});
});
}));
/*
Input:
[

View file

@ -71,14 +71,14 @@ userSchema.pre('save', function checkPassword(next) { // eslint-disable-line con
/**
* API keys hash middleware
*/
userSchema.pre('save', function checkApiKey(next) {
userSchema.pre('save', function checkApiKey(next) { // eslint-disable-line consistent-return
const user = this;
if (!user.isModified('apiKeys')) { return next(); }
let hasNew = false;
user.apiKeys.forEach((k) => {
if (k.isNew) {
hasNew = true;
bcrypt.genSalt(10, (err, salt) => {
bcrypt.genSalt(10, (err, salt) => { // eslint-disable-line consistent-return
if (err) { return next(err); }
bcrypt.hash(k.hashedKey, salt, null, (innerErr, hash) => {
if (innerErr) { return next(innerErr); }
@ -110,6 +110,20 @@ userSchema.methods.comparePassword = function comparePassword(candidatePassword,
});
};
/**
* Helper method for validating a user's api key
*/
userSchema.methods.findMatchingKey = function findMatchingKey(candidateKey, cb) {
let foundOne = false;
this.apiKeys.forEach((k) => {
if (bcrypt.compareSync(candidateKey, k.hashedKey)) {
foundOne = true;
cb(null, true, k._id);
}
});
if (!foundOne) cb('Matching API key not found !', false, null);
};
userSchema.statics.findByMailOrName = function findByMailOrName(email) {
const query = {
$or: [{