UNPKG

authservestatic

Version:

Serve static files with google authentication

87 lines (75 loc) 2.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#! /usr/bin/env node const fs = require('fs') const express = require('express') const cookieParser = require('cookie-parser') const cookieSession = require('cookie-session') const app = express() const passport = require('passport') const GoogleStrategy = require('passport-google-oauth20').Strategy const config = JSON.parse(fs.readFileSync('staticauth.json', 'utf8')) console.log(config) //eslint-disable-line let port = 8080 let callbackURL = 'http://localhost:8080/auth/google/callback' if (process.env.NODE_ENV == 'production') { port = config.port callbackURL = `${config.domain}${config.callbackEndpoint}` } console.log('callbackURL: ', callbackURL) //eslint-disable-line const googleAuth = { ...config.googleAuth, callbackURL } // Passport utils passport.serializeUser((user, done) => { done(null, user) }) passport.deserializeUser((user, done) => { done(null, user) }) // Set up passport app.use(cookieParser()) app.set('trust proxy', 1) // trust first proxy app.use(cookieSession(config.cookie)) app.use(passport.initialize()) app.use(passport.session()) passport.use( new GoogleStrategy(googleAuth, (token, tokenSecret, profile, done) => { const domain = profile._json.email.split('@')[1] if (config.validDomains.indexOf(domain) === -1) done(null, false, { message: config.failureMessage }) return done(null, { user: profile._json }) }) ) const isAuthenticated = (req, res, next) => { if (req.isAuthenticated()) { next() } else { console.log('req:', req) // FIXME: figure out how to get the full url. currently the part after # is stripped req.session.returnTo = req.originalUrl res.redirect('/') } } // Endpoints app.get('/ping', (req, res) => res.send('pong')) app.use(config.successRedirect, isAuthenticated, express.static(config.contentFolder)) app.get( '/login', passport.authenticate('google', { hd: 'saama.com', scope: config.scope, successRedirect: config.successRedirect, failureRedirect: '/authfailed', prompt: 'select_account', // Do not login automatically if one account }) ) app.get('/authfailed', (req, res) => { res.send(`${config.failureMessage}<br><a href="/login">Relogin</a>`) // TODO: Load error page from config }) app.get('/', passport.authenticate('google', { scope: ['profile', 'email'] })) app.get( config.callbackEndpoint, passport.authenticate('google', { failureRedirect: '/authfailed', scope: config.scope }), (req, res) => { res.redirect(req.session.returnTo || config.successRedirect) delete req.session.returnTo } ) // Start app app.listen(port, () => console.log(`Server started on ${port}`)) // eslint-disable-line