UNPKG

passport-atlassian-crowd2

Version:

Password authentication strategy using Atlassian Crowd for Passport

148 lines (126 loc) 4.74 kB
var express = require('express'), http = require('http'), passport = require('passport'), flash = require('connect-flash'), _ = require('underscore'), AtlassianCrowdStrategy = require('passport-atlassian-crowd2').Strategy; var users = []; // Passport session setup. // To support persistent login sessions, Passport needs to be able to // serialize users into and deserialize users out of the session. Typically, // this will be as simple as storing the user ID when serializing, and finding // the user by ID when deserializing. passport.serializeUser(function (user, done) { done(null, user.username); }); passport.deserializeUser(function (username, done) { var user = _.find(users, function (user) { return user.username == username; }); if (user === undefined) { done(new Error("No user with username '" + username + "' found.")); } else { done(null, user); } }); // Use the AtlassianCrowdStrategy within Passport. // Strategies in passport require a `verify` function, which accept // credentials (in this case a crowd user profile), and invoke a callback // with a user object. In the real world, this would query a database; // however, in this example we are using a baked-in set of users. passport.use(new AtlassianCrowdStrategy({ crowdServer:"http://localhost:2990/jira/", crowdApplication:"nodejs", crowdApplicationPassword:"password", retrieveGroupMemberships:true }, function (userprofile, done) { // asynchronous verification, for effect... process.nextTick(function () { var exists = _.any(users, function (user) { return user.id == userprofile.id; }); if (!exists) { users.push(userprofile); } return done(null, userprofile); }); } )); var app = express(); // configure Express app.configure(function () { app.set('port', process.env.PORT || 4000); app.set('views', __dirname + '/views'); app.set('view engine', 'ejs'); app.engine('ejs', require('ejs-locals')); app.use(express.logger()); app.use(express.cookieParser()); app.use(express.bodyParser()); app.use(express.methodOverride()); app.use(express.session({ secret:'sssh!' })); app.use(flash()); // Initialize Passport! Also use passport.session() middleware, to support // persistent login sessions (recommended). app.use(passport.initialize()); app.use(passport.session()); app.use(app.router); app.use(express.static(__dirname + '/../../public')); }); app.get('/', function (req, res) { res.render('index', { user:req.user }); }); app.get('/account', ensureAuthenticated, function (req, res) { res.render('account', { user:req.user }); }); app.get('/login', function (req, res) { res.render('login', { user:req.user, message:req.flash('error') }); }); // POST /login // Use passport.authenticate() as route middleware to authenticate the // request. If authentication fails, the user will be redirected back to the // login page. Otherwise, the primary route function function will be called, // which, in this example, will redirect the user to the home page. // // curl -v -d "username=bob&password=secret" http://127.0.0.1:3000/login app.post('/login', passport.authenticate('atlassian-crowd', { failureRedirect:'/login', failureFlash:"Invalid username or password."}), function (req, res) { res.redirect('/'); }); // POST /login // This is an alternative implementation that uses a custom callback to // acheive the same functionality. /* app.post('/login', function(req, res, next) { passport.authenticate('local', function(err, user, info) { if (err) { return next(err) } if (!user) { req.flash('error', info.message); return res.redirect('/login') } req.logIn(user, function(err) { if (err) { return next(err); } return res.redirect('/users/' + user.username); }); })(req, res, next); }); */ app.get('/logout', function (req, res) { req.logout(); res.redirect('/'); }); http.createServer(app).listen(app.get('port'), function () { console.log("Express server listening on port " + app.get('port')); }); // Simple route middleware to ensure user is authenticated. // Use this route middleware on any resource that needs to be protected. If // the request is authenticated (typically via a persistent login session), // the request will proceed. Otherwise, the user will be redirected to the // login page. function ensureAuthenticated(req, res, next) { if (req.isAuthenticated()) { return next(); } res.redirect('/login') }