forked from aniruddhsujish/SocialNetworkProject
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuserAuth.js
105 lines (96 loc) · 3.67 KB
/
userAuth.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
const User = require('./models/User.js');
const LocalStrategy = require('passport-local').Strategy;
const hash = require('./utils/hash.js');
//encapsulate initialization of the passport functionality
module.exports.init = function(passport){
// Passport needs to be able to serialize and deserialize users to support persistent login sessions
passport.serializeUser(function(user, callback) {
console.log('serializing user: ' + user.email);
callback(null, user._id);
});
passport.deserializeUser(function(id, callback) {
User.findById(id, function(err, user) {
console.log('deserializing user: ' + user.email);
callback(err, user);
});
});
//set up the login handler
passport.use('login', new LocalStrategy(handleLoginAttempt));
//set up the signup handler
passport.use('join', new LocalStrategy(handleSignupAttempt));
}
//encapsulate validating whether this session has an authenticated user
module.exports.isAuthenticated = function (req, res, next) {
console.log('check if we have an authenticated user');
// if user is authenticated in the session
if (req.isAuthenticated()){
console.log('we do');
//allow them to proceed
next();
} else {
console.log('we do not');
// if the user is not authenticated then redirect him to the login page
res.redirect('/signin');
}
}
//passport will call this function when someone attempts to log in
function handleLoginAttempt(email, password, cb){
//don't log user's passwords in plain text to the console in production
console.log('userAuth: handleLoginAttempt: email: ' + email + ' password: ' + password);
Promise.resolve()
.then(function(){
//see if there's a user with this email
return User.findOne({'email' : email});
})
.then(function(user){
var param = false;
//if the user exists and the hash of the password provided matches
if (user && hash.isValid(user, password))
//return the user object
param = user;
//execute the callback with appropriate parameters
cb(null, param);
})
.catch(function(err){
//even if something went wrong, we still need to call the callback
console.log('userAuth: handleLoginAttempt: exception: ' + err);
cb(err);
});
}
//passport will call this function when someone attempts to join
function handleSignupAttempt(email, password, cb){
//don't log user's passwords in plain text to the console in production
console.log('userAuth: handleSignupAttempt: email: ' + email + ' password: ' + password);
Promise.resolve()
.then(function(){
//see if there's a user with this email
return User.findOne({'email' : email});
})
.then(function(user){
//if the user does not exist
if (!user){
//we can safely create one
//storing a hash of the password
Promise.resolve()
.then(function(){
user = new User();
user.username = email.split("@")[0];
user.email = email;
user.profilePicture= "./dp/No_dp.png";
user.password = hash.createHash(password);
return user.save();
})
.then(function(user){
//execute the callback with appropriate parameters
cb(null, user);
})
} else {
cb(null, false);
}
})
.catch(function(err){
//even if something went wrong, we still need to call the callback
console.log('userAuth: handleSignupAttempt: exception: ' + err);
cb(err);
});
}