Auth routes for an Angular application with login, signup and logout
var constants = require('../scripts/constants');
var logger = require(constants.paths.scripts + '/logger');
var util = require(constants.paths.scripts + '/util');
var assetBuilder = require(constants.paths.scripts + '/assetBuilder');
var menuBuilder = require(constants.paths.scripts + '/menuBuilder');
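module.exports = function(app, passport) {
  // Registers the page, login/signup, social authorisation and account-unlink
  // routes of the application on `app`. `passport` is expected to already have
  // the 'local-login', 'local-signup', 'facebook', 'twitter' and 'google'
  // strategies configured. Routes that need a session use the isLoggedIn
  // middleware defined further down in this file.

  // View state shared by every page handler: the title plus the asset bundles
  // assetBuilder resolves for the given comma-separated group names.
  function setPageAssets(res, title, stdGroups, appGroups) {
    res.locals.pageTitle = title;
    res.locals.stdAssets = assetBuilder.getAssets("stdAssets", stdGroups);
    res.locals.appAssets = assetBuilder.getAssets("appAssets", appGroups);
  }

  // Sends a signed-in user to the default page menuBuilder picks for the
  // device class stored in res.locals.device by an earlier middleware.
  function renderHome(req, res) {
    setPageAssets(res, "Home", "general,angular", "general,home");
    // The original used "desktop".compare(...), which is not a String method
    // and threw a TypeError; a plain equality test is the intended check.
    var layout = res.locals.device === "desktop" ? 'web' : 'mobile';
    res.redirect(menuBuilder.getDefaultPage(req.user, layout));
  }

  // Builds a save callback that forwards a save error to Express instead of
  // redirecting as if the write had succeeded.
  function redirectAfterSave(res, next, target) {
    return function(err) {
      if (err) {
        return next(err);
      }
      res.redirect(target);
    };
  }

  // normal routes ===============================================================
  // home page: anonymous visitors are sent to the login form
  app.get('/', function(req, res) {
    if (!req.isAuthenticated()) {
      res.redirect('/login');
      return;
    }
    renderHome(req, res);
  });

  // Token SECTION =========================
  // Returns the session user so the client can pick up its API token.
  // NOTE(review): this sends the whole user document, including the stored
  // password hash and any social provider tokens; a whitelist of fields would
  // expose less. Left unchanged because clients depend on the current shape.
  app.get('/token', isLoggedIn, function(req, res) {
    res.status(200).send(req.user);
  });

  app.get('/home', isLoggedIn, function(req, res) {
    renderHome(req, res);
  });

  app.get('/app', isLoggedIn, function(req, res) {
    setPageAssets(res, "App Info", "general", "general");
    res.render('app.ejs', {});
  });

  // LOGOUT ==============================
  // NOTE(review): a state change on GET can be triggered cross-site; a POST
  // with CSRF protection is the safer shape. Kept as GET for compatibility.
  app.get('/logout', function(req, res) {
    req.logout();
    res.redirect('/');
  });

  // =============================================================================
  // AUTHENTICATE (FIRST LOGIN) ==================================================
  // =============================================================================
  // show the login form
  app.get('/login', function(req, res) {
    setPageAssets(res, "Login", "general", "general,login");
    res.render('login.ejs', {
      message: req.flash('loginMessage'),
      layout: 'layouts/public'
    });
  });

  // process the login form
  app.post('/login', passport.authenticate('local-login', {
    successRedirect : '/home',   // secure section
    failureRedirect : '/login',  // back to the form on error
    failureFlash : true          // allow flash messages
  }));

  // Debug helper that relays credentials from the URL to POST /login.
  // Credentials in a GET path are recorded by access logs, proxies and browser
  // history, so this route should not ship in production; it is kept only so
  // existing callers keep working. The original logged the password to the
  // console and never answered the request.
  app.get('/login/:email/:pwd', function(req, res, next) {
    var request = require('request');
    request.post({
      headers: {'content-type' : 'application/x-www-form-urlencoded'},
      url: 'http://localhost:8080/login/',
      form: { email: req.params.email, password: req.params.pwd }
    }, function(error, response, body) {
      if (error) {
        return next(error);
      }
      // Relay the upstream status and body instead of leaving the client waiting.
      res.status(response.statusCode).send(body);
    });
  });

  // SIGNUP =================================
  // show the signup form
  app.get('/signup', function(req, res) {
    setPageAssets(res, "SignUp", "general", "general");
    res.render('signup.ejs', {
      layout: 'layouts/public',
      message: req.flash('signupMessage')
    });
  });

  // process the signup form
  app.post('/signup', passport.authenticate('local-signup', {
    successRedirect : '/home',
    failureRedirect : '/signup',
    failureFlash : true
  }));

  // Social sign-in (passport.authenticate, a new login) and account-connect
  // (passport.authorize, link to the current session) routes differ only in
  // the provider name and the scope requested.
  // The /connect/google route previously asked for the scope 'home', which did
  // not match the 'profile' scope /auth/google requests; presumed a typo, both
  // now request the same scopes.
  var socialProviders = [
    { name: 'facebook', scope: 'email' },
    { name: 'twitter', scope: 'email' },
    { name: 'google', scope: ['profile', 'email'] }
  ];

  socialProviders.forEach(function(provider) {
    // send to the provider to do the authentication, then handle its callback
    app.get('/auth/' + provider.name,
      passport.authenticate(provider.name, { scope : provider.scope }));
    app.get('/auth/' + provider.name + '/callback',
      passport.authenticate(provider.name, {
        successRedirect : '/home',
        failureRedirect : '/'
      }));
    // already logged in: connect this provider to the session user
    app.get('/connect/' + provider.name,
      passport.authorize(provider.name, { scope : provider.scope }));
    app.get('/connect/' + provider.name + '/callback',
      passport.authorize(provider.name, {
        successRedirect : '/home',
        failureRedirect : '/'
      }));
  });

  // =============================================================================
  // AUTHORIZE (ALREADY LOGGED IN / CONNECTING OTHER SOCIAL ACCOUNT) =============
  // =============================================================================
  // locally --------------------------------
  app.get('/connect/local', function(req, res) {
    res.render('connect-local.ejs', { message: req.flash('loginMessage') });
  });

  app.post('/connect/local', passport.authenticate('local-signup', {
    successRedirect : '/home',
    failureRedirect : '/connect/local',
    failureFlash : true
  }));

  // =============================================================================
  // UNLINK ACCOUNTS =============================================================
  // =============================================================================
  // Social accounts are unlinked by dropping the stored token, the local
  // account by clearing e-mail and password. The user document itself stays so
  // the account can be reconnected later.
  // NOTE(review): like /logout these change state on GET and can be triggered
  // cross-site; kept as GET for compatibility.
  app.get('/unlink/local', isLoggedIn, function(req, res, next) {
    var user = req.user;
    user.local.email = undefined;
    user.local.password = undefined;
    user.save(redirectAfterSave(res, next, '/home'));
  });

  ['facebook', 'twitter', 'google'].forEach(function(providerName) {
    app.get('/unlink/' + providerName, isLoggedIn, function(req, res, next) {
      var user = req.user;
      user[providerName].token = undefined;
      // The original /unlink/google redirected to '/profile', a route this file
      // does not register; every unlink route now returns to '/home'.
      user.save(redirectAfterSave(res, next, '/home'));
    });
  });
};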
// Route middleware: lets authenticated requests through, otherwise answers
// 404 for token requests and redirects everything else to the login page.
function isLoggedIn(req, res, next) {
  // Signed-in requests pass straight through.
  if (req.isAuthenticated()) {
    return next();
  }
  // /token is fetched by the application after login to reach the API; an
  // anonymous caller gets a plain 404 rather than the login redirect.
  var wantsToken = req.url.indexOf('/token') > -1;
  if (wantsToken) {
    res.status(404).send("Not Found");
  } else {
    res.redirect('/login?' + req.path);
  }
}
// load all the things we need
var LocalStrategy = require('passport-local').Strategy;
var FacebookStrategy = require('passport-facebook').Strategy;
var TwitterStrategy = require('passport-twitter').Strategy;
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
var constants = require('../scripts/constants');
var User = require(constants.paths.models + '/user');
var userService = require(constants.paths.services + '/users');
var emailController = require(constants.paths.scripts + '/email');
var secure = require(constants.paths.scripts + '/secure');
// load the auth variables
var configAuth = require('./auth'); // use this one for testing
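module.exports = function(passport,$routeParams) {
  // Wires the passport strategies this application uses: session
  // (de)serialisation, two local login strategies, local signup and the
  // Facebook, Twitter and Google OAuth strategies. `$routeParams` is not used;
  // it stays in the signature for callers that pass it.

  // Saves `user` and hands it (or the save error) to passport.
  function saveThenDone(user, done) {
    user.save(function(err) {
      if (err) {
        return done(err);
      }
      return done(null, user);
    });
  }

  // Lower-cased first e-mail of an OAuth profile, or '' when the provider
  // returned none. The original indexed profile.emails[0] unconditionally and
  // threw for profiles without an e-mail list.
  function primaryEmail(profile) {
    var first = profile.emails && profile.emails[0];
    return ((first && first.value) || '').toLowerCase();
  }

  // Options shared by the LocalStrategy instances; a fresh object per strategy.
  function localOptions() {
    return {
      usernameField : 'email',     // local strategy defaults to username; this app logs in by e-mail
      passwordField : 'password',
      passReqToCallback : true     // lets the verify callback see req (flash messages, req.user)
    };
  }

  // Shared tail of both local login strategies: rejects unknown users and
  // wrong passwords with one identical message (so the reply does not reveal
  // which e-mails are registered), refuses locked accounts, records the login
  // time and returns the user.
  function finishLocalLogin(req, user, password, done) {
    if (!user || !user.validPassword(password)) {
      return done(null, false, req.flash('loginMessage', 'Invalid Username/Password'));
    }
    if (user.status === 'Locked') {
      return done(null, false, req.flash('loginMessage', 'User is Locked.Please Contact Administrator'));
    }
    user.stats.dateLastLogin = new Date();
    userService.updateById(user._id, user);
    return done(null, user);
  }

  // Finds or creates the account that owns a social profile, or links the
  // profile to the signed-in user. `provider` names the user sub-document
  // ('facebook', 'twitter', 'google'); `copyProfile(target)` writes the
  // provider's token and profile fields into that sub-document.
  // NOTE(review): provider access tokens are stored on the user document as
  // received and reach anything that serialises req.user.
  function handleSocialProfile(req, provider, profileId, copyProfile, done) {
    process.nextTick(function() {
      if (req.user) {
        // Already logged in: link this provider to the session user.
        var linked = req.user;
        linked[provider].id = profileId;
        copyProfile(linked[provider]);
        return saveThenDone(linked, done);
      }
      var query = {};
      query[provider + '.id'] = profileId;
      User.findOne(query, function(err, user) {
        if (err) {
          return done(err);
        }
        if (!user) {
          // no user with this profile yet: create one
          var newUser = new User();
          newUser[provider].id = profileId;
          copyProfile(newUser[provider]);
          return saveThenDone(newUser, done);
        }
        if (!user[provider].token) {
          // Linked once and then unlinked: re-attach the token and profile.
          // The original also called done() synchronously here, so passport
          // received the user twice; the save callback is now the only reply.
          copyProfile(user[provider]);
          return saveThenDone(user, done);
        }
        return done(null, user);
      });
    });
  }

  // =========================================================================
  // passport session setup ==================================================
  // =========================================================================
  // required for persistent login sessions: only the id goes into the session
  passport.serializeUser(function(user, done) {
    done(null, user.id);
  });

  passport.deserializeUser(function(id, done) {
    User.findById(id, function(err, user) {
      if (err) {
        return done(err);
      }
      // A session naming a user who no longer exists ends the session instead
      // of crashing on user.set below.
      if (!user) {
        return done(null, false);
      }
      user.set('groups', secure.getGroups(user), { strict: false });
      done(null, user);
    });
  });

  // =========================================================================
  // LOCAL LOGIN =============================================================
  // =========================================================================
  passport.use('local-login', new LocalStrategy(localOptions(),
  function(req, email, password, done) {
    // Lower-case the e-mail so the lookup is not case-sensitive.
    var lookupEmail = email ? email.toLowerCase() : email;
    process.nextTick(function() {
      User.findOne({ 'local.email' : lookupEmail }, function(err, user) {
        if (err) {
          return done(err);
        }
        // The original had its validPassword() check commented out, so any
        // password was accepted for a known e-mail; finishLocalLogin restores it.
        finishLocalLogin(req, user, password, done);
      });
    });
  }));

  // =========================================================================
  // LOCAL LOGIN WITH VERIFY==================================================
  // =========================================================================
  // Reads the credentials from the route parameters (/login/:email/:pwd)
  // rather than from the form fields passport extracted. Credentials in a URL
  // land in access logs, proxies and browser history; kept only for existing
  // callers. The original logged the password to the console and kept the
  // e-mail in an implicit global shared between requests.
  passport.use('local-loginverify', new LocalStrategy(localOptions(),
  function(req, email, password, done) {
    var paramEmail = req.params.email;
    // lower-cased to match how local-login and local-signup store e-mails
    if (paramEmail) {
      paramEmail = paramEmail.toLowerCase();
    }
    var paramPassword = req.params.pwd;
    process.nextTick(function() {
      User.findOne({ 'local.email' : paramEmail }, function(err, user) {
        if (err) {
          return done(err);
        }
        finishLocalLogin(req, user, paramPassword, done);
      });
    });
  }));

  // =========================================================================
  // LOCAL SIGNUP ============================================================
  // =========================================================================
  passport.use('local-signup', new LocalStrategy(localOptions(),
  function(req, email, password, done) {
    var signupEmail = email ? email.toLowerCase() : email;
    process.nextTick(function() {
      if (req.user && req.user.local.email) {
        // Logged in and already owning a local account: nothing to create
        // (log out before creating another account).
        return done(null, req.user);
      }
      User.findOne({ 'local.email' : signupEmail }, function(err, existing) {
        if (err) {
          return done(err);
        }
        if (req.user) {
          // Logged in without a local account: attach one, unless the e-mail
          // belongs to someone else. 'loginMessage' is used because
          // /connect/local renders that flash key.
          if (existing) {
            return done(null, false, req.flash('loginMessage', 'That email is already taken.'));
          }
          var current = req.user;
          current.local.email = signupEmail;
          current.local.password = current.generateHash(password);
          return saveThenDone(current, done);
        }
        if (existing) {
          return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
        }
        // create the user
        var newUser = new User();
        newUser.local.email = signupEmail;
        newUser.local.password = newUser.generateHash(password);
        newUser.name.first = req.body.firstname;
        newUser.name.last = req.body.lastname;
        newUser.email = signupEmail;
        newUser.organization = "CSC";       // hard-coded for every self-registered user
        newUser.association = "employee";
        newUser.stats.dateCreated = Date.now();
        newUser.stats.dateLastLogin = Date.now();
        newUser.save(function(err) {
          if (err) {
            return done(err);
          }
          emailController.newUserAdd(newUser);
          return done(null, newUser);
        });
      });
    });
  }));

  // =========================================================================
  // FACEBOOK ================================================================
  // =========================================================================
  passport.use(new FacebookStrategy({
    clientID : configAuth.facebookAuth.clientID,
    clientSecret : configAuth.facebookAuth.clientSecret,
    callbackURL : configAuth.facebookAuth.callbackURL,
    profileFields : ['id', 'name', 'email'],
    passReqToCallback : true
  },
  function(req, token, refreshToken, profile, done) {
    handleSocialProfile(req, 'facebook', profile.id, function(facebook) {
      facebook.token = token;
      facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
      facebook.email = primaryEmail(profile);
    }, done);
  }));

  // =========================================================================
  // TWITTER =================================================================
  // =========================================================================
  passport.use(new TwitterStrategy({
    consumerKey : configAuth.twitterAuth.consumerKey,
    consumerSecret : configAuth.twitterAuth.consumerSecret,
    callbackURL : configAuth.twitterAuth.callbackURL,
    passReqToCallback : true
  },
  function(req, token, tokenSecret, profile, done) {
    handleSocialProfile(req, 'twitter', profile.id, function(twitter) {
      twitter.token = token;
      twitter.username = profile.username;
      twitter.displayName = profile.displayName;
    }, done);
  }));

  // =========================================================================
  // GOOGLE ==================================================================
  // =========================================================================
  passport.use(new GoogleStrategy({
    clientID : configAuth.googleAuth.clientID,
    clientSecret : configAuth.googleAuth.clientSecret,
    callbackURL : configAuth.googleAuth.callbackURL,
    passReqToCallback : true
  },
  function(req, token, refreshToken, profile, done) {
    handleSocialProfile(req, 'google', profile.id, function(google) {
      google.token = token;
      google.name = profile.displayName;
      google.email = primaryEmail(profile);   // first e-mail of the profile
    }, done);
  }));
};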