Auth routes and Passport strategies for an Angular application: local login and signup, logout, Facebook/Twitter/Google login, and social-account linking/unlinking.
var constants = require('../scripts/constants'); | |
var logger = require(constants.paths.scripts + '/logger'); | |
var util = require(constants.paths.scripts + '/util'); | |
var assetBuilder = require(constants.paths.scripts + '/assetBuilder'); | |
var menuBuilder = require(constants.paths.scripts + '/menuBuilder'); | |
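module.exports = function(app, passport) {
  // ===========================================================================
  // Normal routes
  // ===========================================================================

  // Landing page: anonymous visitors are sent to the login form, everyone
  // else to their default page (see renderHome).
  app.get('/', function(req, res) {
    if (req.isAuthenticated()) {
      renderHome(req, res);
    } else {
      res.redirect('/login');
    }
  });

  // The client fetches the session user after login to pick up the token it
  // uses against the API. Only a redacted copy leaves the server: the raw
  // document also carries the local password hash and the provider OAuth
  // tokens, which the client has no use for (see publicUserView below).
  app.get('/token', isLoggedIn, function(req, res) {
    res.status(200).send(publicUserView(req.user));
  });

  app.get('/home', isLoggedIn, function(req, res) {
    renderHome(req, res);
  });

  // Redirects to the menu's default page for the detected device class.
  // Nothing is rendered here, so no page title or asset lists are set.
  // NOTE(review): String.prototype.compare is not a standard JavaScript
  // method; presumably ../scripts/util adds it. Confirm that, and confirm its
  // return value is truthy for a match (a strcmp-style 0 would invert this).
  function renderHome(req, res) {
    var channel = "desktop".compare(res.locals.device) ? 'web' : 'mobile';
    res.redirect(menuBuilder.getDefaultPage(req.user, channel));
  }

  app.get('/app', isLoggedIn, function(req, res) {
    res.locals.pageTitle = "App Info";
    res.locals.stdAssets = assetBuilder.getAssets("stdAssets", "general");
    res.locals.appAssets = assetBuilder.getAssets("appAssets", "general");
    res.render('app.ejs', {});
  });

  // LOGOUT. GET is kept for existing links; POST is registered as well so the
  // client can move to it, because a state-changing GET can be triggered from
  // any third-party page (forced logout).
  // NOTE(review): newer passport releases (0.6+) made req.logout() take a
  // callback; this call uses the older synchronous form the original relied on.
  function logout(req, res) {
    req.logout();
    res.redirect('/');
  }
  app.get('/logout', logout);
  app.post('/logout', logout);

  // ===========================================================================
  // AUTHENTICATE (first login)
  // ===========================================================================

  // Show the login form.
  app.get('/login', function(req, res) {
    res.locals.pageTitle = "Login";
    res.locals.stdAssets = assetBuilder.getAssets("stdAssets", "general");
    res.locals.appAssets = assetBuilder.getAssets("appAssets", "general,login");
    res.render('login.ejs', {
      message: req.flash('loginMessage'),
      layout: 'layouts/public'
    });
  });

  // Process the login form. Credentials travel in the POST body only. The
  // former GET /login/:email/:pwd debug route is intentionally gone: it put
  // the password in the URL (access logs, browser history, Referer), printed
  // both credentials with console.log, and never answered the request.
  app.post('/login', passport.authenticate('local-login', {
    successRedirect : '/home',
    failureRedirect : '/login',
    failureFlash : true
  }));

  // Show the signup form.
  app.get('/signup', function(req, res) {
    res.locals.pageTitle = "SignUp";
    res.locals.stdAssets = assetBuilder.getAssets("stdAssets", "general");
    res.locals.appAssets = assetBuilder.getAssets("appAssets", "general");
    res.render('signup.ejs', {
      layout: 'layouts/public',
      message: req.flash('signupMessage')
    });
  });

  // Process the signup form.
  app.post('/signup', passport.authenticate('local-signup', {
    successRedirect : '/home',
    failureRedirect : '/signup',
    failureFlash : true
  }));

  // facebook -------------------------------
  app.get('/auth/facebook', passport.authenticate('facebook', { scope : 'email' }));
  app.get('/auth/facebook/callback',
    passport.authenticate('facebook', {
      successRedirect : '/home',
      failureRedirect : '/'
    }));

  // twitter --------------------------------
  app.get('/auth/twitter', passport.authenticate('twitter', { scope : 'email' }));
  app.get('/auth/twitter/callback',
    passport.authenticate('twitter', {
      successRedirect : '/home',
      failureRedirect : '/'
    }));

  // google ---------------------------------
  app.get('/auth/google', passport.authenticate('google', { scope : ['profile', 'email'] }));
  app.get('/auth/google/callback',
    passport.authenticate('google', {
      successRedirect : '/home',
      failureRedirect : '/'
    }));

  // ===========================================================================
  // AUTHORIZE (already logged in / connecting another account)
  // ===========================================================================

  // local ----------------------------------
  app.get('/connect/local', function(req, res) {
    res.render('connect-local.ejs', { message: req.flash('loginMessage') });
  });
  app.post('/connect/local', passport.authenticate('local-signup', {
    successRedirect : '/home',
    failureRedirect : '/connect/local',
    failureFlash : true
  }));

  // facebook -------------------------------
  app.get('/connect/facebook', passport.authorize('facebook', { scope : 'email' }));
  app.get('/connect/facebook/callback',
    passport.authorize('facebook', {
      successRedirect : '/home',
      failureRedirect : '/'
    }));

  // twitter --------------------------------
  app.get('/connect/twitter', passport.authorize('twitter', { scope : 'email' }));
  app.get('/connect/twitter/callback',
    passport.authorize('twitter', {
      successRedirect : '/home',
      failureRedirect : '/'
    }));

  // google ---------------------------------
  // The scope used to be ['home', 'email']; 'home' is not a Google scope.
  // Request the same scopes as /auth/google.
  app.get('/connect/google', passport.authorize('google', { scope : ['profile', 'email'] }));
  app.get('/connect/google/callback',
    passport.authorize('google', {
      successRedirect : '/home',
      failureRedirect : '/'
    }));

  // ===========================================================================
  // UNLINK ACCOUNTS
  // ===========================================================================
  // For social accounts only the token is removed; for the local account the
  // e-mail and password. The user record stays so it can be re-linked later.
  // Each path is registered on GET (existing links) and POST (so the client
  // can stop using a state-changing GET, which any page can trigger). A
  // failed save is handed to Express' error handler instead of being ignored,
  // and all four return to /home — google used to go to /profile, a route this
  // module does not define (restore it if /profile exists elsewhere).
  function registerUnlink(path, clear) {
    var handler = function(req, res, next) {
      var user = req.user;
      clear(user);
      user.save(function(err) {
        if (err) return next(err);
        res.redirect('/home');
      });
    };
    app.get(path, isLoggedIn, handler);
    app.post(path, isLoggedIn, handler);
  }
  registerUnlink('/unlink/local', function(user) {
    user.local.email = undefined;
    user.local.password = undefined;
  });
  registerUnlink('/unlink/facebook', function(user) { user.facebook.token = undefined; });
  registerUnlink('/unlink/twitter', function(user) { user.twitter.token = undefined; });
  registerUnlink('/unlink/google', function(user) { user.google.token = undefined; });
};

// Plain copy of the session user with credential material removed. The field
// names are the ones this module and the passport configuration write:
// local.password (the hash) and facebook/twitter/google .token (OAuth tokens).
// Going through JSON yields the same shape res.send(user) produced before, so
// the client sees everything it saw before, minus those fields.
function publicUserView(user) {
  var plain = JSON.parse(JSON.stringify(user));
  if (plain.local) delete plain.local.password;
  ['facebook', 'twitter', 'google'].forEach(function(provider) {
    if (plain[provider]) delete plain[provider].token;
  });
  return plain;
}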
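// Route middleware: pass authenticated requests through, otherwise stop them.
// The /token endpoint is answered with a plain 404 so the client's XHR does
// not follow a redirect into the HTML login page; every other path is sent to
// the login form with the requested path appended after "?" for the client.
function isLoggedIn(req, res, next) {
  if (req.isAuthenticated()) {
    return next();
  }
  // Exact path match. The old substring test on req.url also matched any URL
  // that merely contained "token" (e.g. /tokens, or a query string).
  if (req.path === '/token') {
    return res.status(404).send("Not Found");
  }
  // NOTE(review): nothing in this module reads the query string on /login.
  // The path is passed through verbatim; whatever consumes it must not use
  // it as a redirect target without checking it is a local path.
  return res.redirect('/login?' + req.path);
}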
// load all the things we need | |
var LocalStrategy = require('passport-local').Strategy; | |
var FacebookStrategy = require('passport-facebook').Strategy; | |
var TwitterStrategy = require('passport-twitter').Strategy; | |
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy; | |
var constants = require('../scripts/constants'); | |
var User = require(constants.paths.models + '/user'); | |
var userService = require(constants.paths.services + '/users'); | |
var emailController = require(constants.paths.scripts + '/email'); | |
var secure = require(constants.paths.scripts + '/secure'); | |
// load the auth variables | |
var configAuth = require('./auth'); // use this one for testing | |
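module.exports = function(passport,$routeParams) {
  // $routeParams is not used; the parameter is kept so existing callers that
  // pass it keep working.

  // =========================================================================
  // Session (de)serialisation
  // =========================================================================
  passport.serializeUser(function(user, done) {
    done(null, user.id);
  });

  passport.deserializeUser(function(id, done) {
    User.findById(id, function(err, user) {
      if (err) return done(err);
      // A session whose user row has since been deleted arrives here with a
      // null user; report "not authenticated" instead of crashing on user.set.
      if (!user) return done(null, false);
      user.set('groups', secure.getGroups(user), { strict: false });
      return done(null, user);
    });
  });

  // =========================================================================
  // Local e-mail / password
  // =========================================================================
  var localOptions = {
    usernameField : 'email',
    passwordField : 'password',
    passReqToCallback : true // lets the verify callback see req.user / req.flash
  };

  // Verify callback shared by 'local-login' and 'local-loginverify'.
  // Looks the user up by lower-cased e-mail, checks the password through the
  // model's validPassword() (defined on the User model, not shown here),
  // refuses locked accounts and records the login time on success. Failures
  // carry a flash 'loginMessage'.
  function verifyLocalUser(req, email, password, done) {
    // Stored e-mails are lower-case; match them case-insensitively.
    var lookupEmail = email ? email.toLowerCase() : email;
    process.nextTick(function() {
      User.findOne({ 'local.email' : lookupEmail }, function(err, user) {
        if (err) return done(err);
        // The password check was commented out in the previous version, which
        // let anyone log in as any registered e-mail with any password.
        // Unknown user and wrong password share one message so the response
        // does not reveal which e-mails have accounts.
        if (!user || !user.validPassword(password))
          return done(null, false, req.flash('loginMessage', 'Invalid Username/Password'));
        if (user.status === 'Locked')
          return done(null, false, req.flash('loginMessage', 'User is Locked.Please Contact Administrator'));
        user.stats.dateLastLogin = new Date();
        userService.updateById(user._id, user); // fire-and-forget, as before
        return done(null, user);
      });
    });
  }

  passport.use('local-login', new LocalStrategy(localOptions, verifyLocalUser));

  // Formerly read the e-mail and password out of req.params (the URL path)
  // and printed both with console.log. It now verifies exactly like
  // 'local-login'; the strategy name is kept for any caller outside this file.
  passport.use('local-loginverify', new LocalStrategy(localOptions, verifyLocalUser));

  // Signup serves three cases: an anonymous visitor creating an account, a
  // logged-in user (social-only so far) adding local credentials through
  // /connect/local, and a logged-in user who already has local credentials,
  // for whom nothing changes.
  passport.use('local-signup', new LocalStrategy(localOptions,
  function(req, email, password, done) {
    var signupEmail = email ? email.toLowerCase() : email;
    process.nextTick(function() {
      if (!req.user) {
        return createLocalUser(req, signupEmail, password, done);
      }
      if (!req.user.local.email) {
        return attachLocalAccount(req, signupEmail, password, done);
      }
      return done(null, req.user);
    });
  }));

  // Anonymous signup: refuse an e-mail that is already registered, otherwise
  // create the user with a hashed password and send the welcome mail.
  function createLocalUser(req, email, password, done) {
    User.findOne({ 'local.email' : email }, function(err, existing) {
      if (err) return done(err);
      if (existing)
        return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
      var newUser = new User();
      newUser.local.email = email;
      newUser.local.password = newUser.generateHash(password);
      newUser.name.first = req.body.firstname;
      newUser.name.last = req.body.lastname;
      newUser.email = email;
      newUser.organization = "CSC"; // TODO: hard-coded organisation, as before
      newUser.association = "employee";
      newUser.stats.dateCreated = Date.now();
      newUser.stats.dateLastLogin = Date.now();
      newUser.save(function(err) {
        if (err) return done(err);
        emailController.newUserAdd(newUser);
        return done(null, newUser);
      });
    });
  }

  // Logged-in user adding local credentials. The e-mail must not belong to
  // another user. Uses 'loginMessage' because that is the flash key the
  // /connect/local page renders.
  function attachLocalAccount(req, email, password, done) {
    User.findOne({ 'local.email' : email }, function(err, existing) {
      if (err) return done(err);
      if (existing)
        return done(null, false, req.flash('loginMessage', 'That email is already taken.'));
      var user = req.user;
      user.local.email = email;
      user.local.password = user.generateHash(password);
      saveAndReturn(user, done);
    });
  }

  // =========================================================================
  // OAuth providers (Facebook, Twitter, Google)
  // =========================================================================

  // First e-mail of a provider profile, lower-cased; '' when the provider
  // returned none. The old profile.emails[0].value threw a TypeError when
  // the emails array was absent (Facebook omits it when the user withholds
  // the e-mail permission).
  function firstProfileEmail(profile) {
    var first = profile.emails && profile.emails[0];
    return ((first && first.value) || '').toLowerCase();
  }

  function saveAndReturn(user, done) {
    user.save(function(err) {
      if (err) return done(err);
      return done(null, user);
    });
  }

  // Common tail of the three OAuth verify callbacks.
  //   provider      sub-document name on User: 'facebook' | 'twitter' | 'google'
  //   profile       provider profile; profile.id is the provider-side user id
  //   applyProfile  function(target) that copies the token and profile fields
  //                 onto target[provider] (everything except .id)
  // Not logged in: log in the user owning that provider id — re-storing the
  // token if /unlink cleared it — or create a new user. Logged in: link the
  // provider account to the session user, unless that provider id already
  // belongs to a different user; the old code skipped that check and ended
  // up with two users sharing one provider id, so later logins with that id
  // resolved to whichever record findOne returned first.
  // done() is called exactly once on every path; the old re-link path called
  // it twice (once inside save() and once after it).
  function finishSocialAuth(req, provider, profile, applyProfile, done) {
    var query = {};
    query[provider + '.id'] = profile.id;
    process.nextTick(function() {
      User.findOne(query, function(err, existing) {
        if (err) return done(err);
        if (!req.user) {
          if (existing) {
            if (existing[provider].token) return done(null, existing);
            applyProfile(existing);
            return saveAndReturn(existing, done);
          }
          var newUser = new User();
          newUser[provider].id = profile.id;
          applyProfile(newUser);
          return saveAndReturn(newUser, done);
        }
        if (existing && String(existing._id) !== String(req.user._id)) {
          return done(null, false, req.flash('loginMessage',
            'That ' + provider + ' account is already linked to another user.'));
        }
        var user = req.user;
        user[provider].id = profile.id;
        applyProfile(user);
        return saveAndReturn(user, done);
      });
    });
  }

  passport.use(new FacebookStrategy({
    clientID : configAuth.facebookAuth.clientID,
    clientSecret : configAuth.facebookAuth.clientSecret,
    callbackURL : configAuth.facebookAuth.callbackURL,
    profileFields : ['id', 'name', 'email'],
    passReqToCallback : true
  },
  function(req, token, refreshToken, profile, done) {
    finishSocialAuth(req, 'facebook', profile, function(target) {
      target.facebook.token = token;
      target.facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
      target.facebook.email = firstProfileEmail(profile);
    }, done);
  }));

  passport.use(new TwitterStrategy({
    consumerKey : configAuth.twitterAuth.consumerKey,
    consumerSecret : configAuth.twitterAuth.consumerSecret,
    callbackURL : configAuth.twitterAuth.callbackURL,
    passReqToCallback : true
  },
  function(req, token, tokenSecret, profile, done) {
    finishSocialAuth(req, 'twitter', profile, function(target) {
      target.twitter.token = token;
      target.twitter.username = profile.username;
      target.twitter.displayName = profile.displayName;
    }, done);
  }));

  passport.use(new GoogleStrategy({
    clientID : configAuth.googleAuth.clientID,
    clientSecret : configAuth.googleAuth.clientSecret,
    callbackURL : configAuth.googleAuth.callbackURL,
    passReqToCallback : true
  },
  function(req, token, refreshToken, profile, done) {
    finishSocialAuth(req, 'google', profile, function(target) {
      target.google.token = token;
      target.google.name = profile.displayName;
      target.google.email = firstProfileEmail(profile); // first e-mail only
    }, done);
  }));
};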