Skip to content

Instantly share code, notes, and snippets.

@julianlam
Last active July 19, 2022 07:37
Show Gist options
  • Save julianlam/19deafaa4dbd624ceecd to your computer and use it in GitHub Desktop.
Save julianlam/19deafaa4dbd624ceecd to your computer and use it in GitHub Desktop.
How to create a login override plugin
var passport = module.parent.require('passport'),
passportLocal = module.parent.require('passport-local').Strategy,
plugin = {};
plugin.login = function() {
winston.info('[login] Registering new local login strategy');
passport.use(new passportLocal({passReqToCallback: true}, plugin.continueLogin));
};
plugin.continueLogin = function(req, username, password, next) {
// Do your stuff here (query API or SQL db, etc...)
// If the login was successful:
next(null, {
uid: uid
}, '[[success:authentication-successful]]');
// But if the login was unsuccessful, pass an error back, like so:
next(new Error('[[error:invalid-username-or-password]]'));
/*
You'll probably want to add login in this method to determine whether a login
refers to an existing user (in which case log in as above), or a new user, in
which case you'd want to create the user by calling User.create. For your
convenience, this is how you'd create a user:
var user = module.parent.require('./user');
user.create({
username: 'someuser',
email: 'someuser@example.com'
});
Acceptable values are: username, email, password
*/
};
module.exports = plugin;
{
"id": "nodebb-plugin-login-mysite",
"library": "./library.js",
"hooks": [
{ "hook": "action:auth.overrideLogin", "method": "login" }
]
}
@whittssg
Copy link

Hello,

How would you go about checking if the user already exists?

Thanks,

@julianlam
Copy link
Author

The easiest way would be to check if the email as passed back via your service is associated with an existing user account:

var user = module.parent.require('../user');
user.getUidByEmail(email, function(err, uid) {
  // now you can use the uid. Likely uid is null if the email is not associated with any account
});

@whittssg
Copy link

Ah thanks.. Got it working. Authenticate against LDAP.. If error; return error, if success; check if user already exists, if so log in, if not create user.. I tried to add extra user settings at the same time based on stuff returned from LDAP but I couldnt get that to work: user.setUserField(uid, 'fullname', user.givenName + " " + user.sn);

Any idea why that wouldnt work? If not I will create a question on the nodebb forums.. Thanks again for all your help and this sample code.

@morwalz
Copy link

morwalz commented May 17, 2018

How can i just al toghter remove login screen and redirect user to sso screen.
I do not want to see this screen.
https://forums.examsbook.com/login
rather it get redirected to https://forums.examsbook.com/auth/examsbook

@wuliupo
Copy link

wuliupo commented Apr 26, 2020

How can i just al toghter remove login screen and redirect user to sso screen.
I do not want to see this screen.
https://forums.examsbook.com/login
rather it get redirected to https://forums.examsbook.com/auth/examsbook

Hi @morwalz, you can do like this (plugin.json):

{
    "library": "./library.js",
    "hooks": [
        {
            "hook": "static:app.load",
            "method": "load"
        },
    ]
}

the library.js

exports.load = function (params, callback) {
    params.router && params.router.use(function autoLogin(req, res, next) {
        if (req.uid) { // already login, passed
            return next();
        }
        if (req.url.startsWith('/login')) {          // the old login path
            res.redirect('/auth/examsbook');   // the new login path
        }
    });
    callback && callback();
};

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment