147 lines
4.6 KiB
JavaScript
147 lines
4.6 KiB
JavaScript
import User from '../models/user';
|
|
|
|
const lodash = require('lodash');
|
|
const passport = require('passport');
|
|
const GitHubStrategy = require('passport-github').Strategy;
|
|
const LocalStrategy = require('passport-local').Strategy;
|
|
const GoogleStrategy = require('passport-google-oauth20').Strategy;
|
|
|
|
|
|
passport.serializeUser((user, done) => {
|
|
done(null, user.id);
|
|
});
|
|
|
|
passport.deserializeUser((id, done) => {
|
|
User.findById(id, (err, user) => {
|
|
done(err, user);
|
|
});
|
|
});
|
|
|
|
/**
|
|
* Sign in using Email/Username and Password.
|
|
*/
|
|
passport.use(new LocalStrategy({ usernameField: 'email' }, (email, password, done) => {
|
|
User.findByMailOrName(email.toLowerCase())
|
|
.then((user) => { // eslint-disable-line consistent-return
|
|
if (!user) {
|
|
return done(null, false, { msg: `Email ${email} not found.` });
|
|
}
|
|
user.comparePassword(password, (innerErr, isMatch) => {
|
|
if (isMatch) {
|
|
return done(null, user);
|
|
}
|
|
return done(null, false, { msg: 'Invalid email or password.' });
|
|
});
|
|
})
|
|
.catch(err => done(null, false, { msg: err }));
|
|
}));
|
|
|
|
/*
|
|
Input:
|
|
[
|
|
{ value: 'email@example.com', primary: false, verified: true },
|
|
{ value: 'unverified@example.com', primary: false, verified: false }
|
|
]
|
|
|
|
Output:
|
|
['email@example.com']
|
|
*/
|
|
const getVerifiedEmails = githubEmails => (
|
|
(githubEmails || [])
|
|
.filter(item => item.verified === true)
|
|
.map(item => item.value)
|
|
);
|
|
|
|
const getPrimaryEmail = githubEmails => (
|
|
(
|
|
lodash.find(githubEmails, { primary: true }) || {}
|
|
).value
|
|
);
|
|
|
|
/**
|
|
* Sign in with GitHub.
|
|
*/
|
|
passport.use(new GitHubStrategy({
|
|
clientID: process.env.GITHUB_ID,
|
|
clientSecret: process.env.GITHUB_SECRET,
|
|
callbackURL: '/auth/github/callback',
|
|
passReqToCallback: true,
|
|
scope: ['user:email'],
|
|
}, (req, accessToken, refreshToken, profile, done) => {
|
|
User.findOne({ github: profile.id }, (findByGithubErr, existingUser) => {
|
|
if (existingUser) {
|
|
done(null, existingUser);
|
|
return;
|
|
}
|
|
|
|
const emails = getVerifiedEmails(profile.emails);
|
|
const primaryEmail = getPrimaryEmail(profile.emails);
|
|
|
|
User.findOne({
|
|
email: { $in: emails },
|
|
}, (findByEmailErr, existingEmailUser) => {
|
|
if (existingEmailUser) {
|
|
existingEmailUser.email = existingEmailUser.email || primaryEmail;
|
|
existingEmailUser.github = profile.id;
|
|
existingEmailUser.username = existingEmailUser.username || profile.username;
|
|
existingEmailUser.tokens.push({ kind: 'github', accessToken });
|
|
existingEmailUser.name = existingEmailUser.name || profile.displayName;
|
|
existingEmailUser.verified = User.EmailConfirmation.Verified;
|
|
existingEmailUser.save(saveErr => done(null, existingEmailUser));
|
|
} else {
|
|
const user = new User();
|
|
user.email = primaryEmail;
|
|
user.github = profile.id;
|
|
user.username = profile.username;
|
|
user.tokens.push({ kind: 'github', accessToken });
|
|
user.name = profile.displayName;
|
|
user.verified = User.EmailConfirmation.Verified;
|
|
user.save(saveErr => done(null, user));
|
|
}
|
|
});
|
|
});
|
|
}));
|
|
|
|
/**
|
|
* Sign in with Google.
|
|
*/
|
|
passport.use(new GoogleStrategy({
|
|
clientID: process.env.GOOGLE_ID,
|
|
clientSecret: process.env.GOOGLE_SECRET,
|
|
callbackURL: '/auth/google/callback',
|
|
passReqToCallback: true,
|
|
scope: ['email'],
|
|
}, (req, accessToken, refreshToken, profile, done) => {
|
|
User.findOne({ google: profile._json.emails[0].value }, (findByGoogleErr, existingUser) => {
|
|
if (existingUser) {
|
|
done(null, existingUser);
|
|
return;
|
|
}
|
|
|
|
const primaryEmail = profile._json.emails[0].value;
|
|
|
|
User.findOne({
|
|
email: primaryEmail,
|
|
}, (findByEmailErr, existingEmailUser) => {
|
|
if (existingEmailUser) {
|
|
existingEmailUser.email = existingEmailUser.email || primaryEmail;
|
|
existingEmailUser.google = profile._json.emails[0].value;
|
|
existingEmailUser.username = existingEmailUser.username || profile._json.emails[0].value;
|
|
existingEmailUser.tokens.push({ kind: 'google', accessToken });
|
|
existingEmailUser.name = existingEmailUser.name || profile._json.displayName;
|
|
existingEmailUser.verified = User.EmailConfirmation.Verified;
|
|
existingEmailUser.save(saveErr => done(null, existingEmailUser));
|
|
} else {
|
|
const user = new User();
|
|
user.email = primaryEmail;
|
|
user.google = profile._json.emails[0].value;
|
|
user.username = profile._json.emails[0].value;
|
|
user.tokens.push({ kind: 'google', accessToken });
|
|
user.name = profile._json.displayName;
|
|
user.verified = User.EmailConfirmation.Verified;
|
|
user.save(saveErr => done(null, user));
|
|
}
|
|
});
|
|
});
|
|
}));
|