
@inspire-platform/sails-hook-auth


Passport-based User Authentication system for sails.js applications.

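/**
 * Authentication Controller
 */

/**
 * Decide whether a post-logout redirect target stays on this site.
 *
 * `next` comes straight from the query string, so it is attacker-controlled.
 * Only a plain absolute path is accepted: it must start with a single "/"
 * (a second "/" or "\" would make it scheme-relative) and must not contain
 * control characters.
 *
 * @param {*} target - raw value of the `next` query parameter
 * @returns {boolean} true when `target` is a same-site path
 */
function isLocalRedirectTarget(target) {
  // Repeated query parameters arrive as arrays; only a non-empty string is usable.
  if (typeof target !== 'string' || target.length === 0) {
    return false;
  }
  if (target[0] !== '/') {
    return false;
  }
  if (target[1] === '/' || target[1] === '\\') {
    return false;
  }
  return !/[\u0000-\u001f\u007f]/.test(target);
}

module.exports = {
  /**
   * Log out a user and optionally redirect them to a local `next` path
   *
   * Passport exposes a logout() function on req (also aliased as logOut()) that
   * can be called from any route handler which needs to terminate a login
   * session. Invoking logout() will remove the req.user property and clear the
   * login session (if any).
   *
   * For more information on logging out users in Passport.js, check out:
   * http://passportjs.org/guide/logout/
   *
   * The `next` query parameter is honoured only when it is a same-site path
   * (see isLocalRedirectTarget); any other value falls through to res.ok()
   * so the endpoint cannot be used as an open redirect. Deployments that need
   * a cross-origin post-logout redirect should check `next` against an
   * explicit allow-list rather than relax this test.
   *
   * @param {Object} req
   * @param {Object} res
   */
  logout: function (req, res) {
    // NOTE(review): Passport 0.6 and later require a callback for req.logout();
    // confirm which Passport version this hook runs against.
    req.logout();
    delete req.user;
    delete req.session.passport;
    req.session.authenticated = false;

    // Revoke the second factor on logout only when the config asks for it
    // explicitly; a missing auth/twoFactor section means "do not revoke".
    const authConfig = sails.config.auth;
    const twoFactor = authConfig && authConfig.twoFactor;
    if (twoFactor && twoFactor.revokeOnLogout === true) {
      req.session.secondFactor = null;
    }

    if (!req.isSocket && isLocalRedirectTarget(req.query.next)) {
      res.redirect(req.query.next);
    } else {
      res.ok();
    }
  },

  /**
   * Create a third-party authentication endpoint
   *
   * @param {Object} req
   * @param {Object} res
   */
  provider: function (req, res) {
    sails.services.passport.endpoint(req, res);
  },

  /**
   * Create an authentication callback endpoint
   *
   * This endpoint handles everything related to creating and verifying Pass-
   * ports and users, both locally and from third-party providers.
   *
   * Passport exposes a login() function on req (also aliased as logIn()) that
   * can be used to establish a login session. When the login operation
   * completes, user will be assigned to req.user.
   *
   * For more information on logging in users in Passport.js, check out:
   * http://passportjs.org/guide/login/
   *
   * @param {Object} req
   * @param {Object} res
   */
  callback: function (req, res) {
    const action = req.param('action');

    /**
     * Send the failure response that matches the requested action.
     *
     * @param {*} err - error or Passport `info` describing the failure
     */
    function negotiateError (err) {
      if (action === 'register') {
        res.redirect('/register');
      }
      else if (action === 'login') {
        res.redirect('/login');
      }
      else if (action === 'disconnect') {
        res.redirect('back');
      }
      else {
        // make sure the server always returns a response to the client
        // i.e passport-local bad username/email or password
        // NOTE(review): `err` goes to the client unfiltered; confirm it can
        // never carry stack traces or datastore details.
        res.send(403, err);
      }
    }

    sails.services.passport.callback(req, res, function (err, user, info, status) {
      if (err || !user) {
        // NOTE(review): logs the raw user/err/info objects; confirm they hold
        // no credentials before shipping these logs off the host.
        sails.log.warn(user, err, info, status);
        if (!err && info) {
          return negotiateError(info);
        }
        return negotiateError(err);
      }

      req.login(user, function (err) {
        if (err) {
          sails.log.warn(err);
          return negotiateError(err);
        }

        // NOTE(review): nothing here regenerates the session id on login;
        // verify that the Passport/session setup in use does so.
        req.session.authenticated = true;

        // maybe update last login
        return sails.models.user.updateLastLogin(user)
          .then(() => {
            // Upon successful login, optionally redirect the user if there is a
            // `next` query param
            if (req.query.next) {
              const url = sails.services.authservice.buildCallbackNextUrl(req);
              res.status(302).set('Location', url);
            }

            // NOTE(review): the full user record is logged and returned as
            // JSON; presumably the model strips secrets when serialised, so
            // verify that against the user model.
            sails.log.info('user', user, 'authenticated successfully');
            return res.json(user);
          })
          .catch((updateErr) => {
            // Without this handler a rejected updateLastLogin() left the
            // request unanswered and the rejection unhandled. The session is
            // already marked authenticated at this point.
            sails.log.warn(updateErr);
            if (!res.headersSent) {
              return negotiateError(updateErr);
            }
          });
      });
    });
  },

  /**
   * Disconnect a passport from a user
   *
   * @param {Object} req
   * @param {Object} res
   */
  disconnect: function (req, res) {
    sails.services.passport.disconnect(req, res);
  }
};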