mirror of https://github.com/Foltik/Shimapan synced 2025-01-23 23:14:48 -05:00
shimapan/app/routes/auth.js

var fs = require('fs');
var path = require('path');
var express = require('express');
var router = express.Router();
var async = require('async');
var User = require('../models/User.js');
var Invite = require('../models/Invite.js');
var passport = require('passport');
var striptags = require('striptags');
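/**
 * Decide whether a username may be registered.
 *
 * A username is accepted only when it is a non-empty string of at most 30
 * characters, is left unchanged by striptags(), and no existing User has it.
 *
 * @param {*} username - Candidate username. The register route passes
 *     req.body.username here, so it is untrusted and may be of any type.
 * @param {function(?Error, boolean=)} callback - Called with (err) when the
 *     lookup fails, otherwise with (null, isAvailable).
 */
function checkUsername(username, callback) {
    // Reject anything that is not a plain string before it reaches the query.
    // A parsed request body can carry objects or arrays, which must never be
    // used as a query value, and a missing field would otherwise throw on
    // .length below. An empty name is refused as well.
    if (typeof username !== 'string' || username.length === 0) {
        return callback(null, false);
    }
    if (username.length > 30) {
        return callback(null, false);
    }
    // Names containing markup are refused rather than silently rewritten.
    if (striptags(username) !== username) {
        return callback(null, false);
    }

    User.find({username: username}).limit(1).count(function (err, count) {
        if (err) return callback(err);
        callback(null, count === 0);
    });
}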
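/**
 * Look up an invite code and report whether it can still be redeemed.
 *
 * @param {*} code - Invite code. The register route passes req.body.invite
 *     here, so it is untrusted and may be of any type.
 * @param {function(?Error, boolean=, Object=)} callback - Called with (err)
 *     when the lookup fails, (null, false) when the code is unusable, or
 *     (null, true, invite) with the matching Invite document.
 */
function checkInvite(code, callback) {
    // Only a non-empty string can be a valid code. Passing an object from the
    // request body straight into the filter would let the client shape the
    // query instead of supplying a value to compare against.
    if (typeof code !== 'string' || code.length === 0) {
        return callback(null, false);
    }

    // NOTE(review): the invite is marked as used by a separate update
    // (useInvite), so this check alone does not make redemption atomic.
    Invite.findOne({code: code}, function (err, invite) {
        if (err) return callback(err);
        // Unknown, already redeemed and expired invites are all rejected.
        if (!invite || invite.used || invite.exp < new Date()) {
            return callback(null, false);
        }
        callback(null, true, invite);
    });
}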
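/**
 * Mark an invite as redeemed by recording its recipient and the time of use.
 *
 * @param {string} code - Invite code to mark as used.
 * @param {string} username - Account that redeemed the invite.
 * @param {function(?Error)=} callback - Optional. Called with the update
 *     error, or null on success. When omitted, a failure is logged.
 */
function useInvite(code, username, callback) {
    // The original threw from inside the asynchronous update callback. The
    // caller cannot catch that, and an uncaught throw there can take the
    // whole process down on a single database error. Report it instead.
    var done = (typeof callback === 'function') ? callback : function (err) {
        if (err) console.error('Failed to mark invite as used:', err);
    };

    // Both values originate from the request body; refuse non-strings so they
    // are never used as a filter or stored as the recipient.
    if (typeof code !== 'string' || typeof username !== 'string') {
        return done(new TypeError('Invite code and username must be strings.'));
    }

    // NOTE(review): the filter matches on the code alone, so an invite that
    // was already redeemed by a concurrent request is overwritten here.
    Invite.updateOne({code: code}, {recipient: username, used: new Date()}, function (err) {
        done(err || null);
    });
}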
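/**
 * POST /register - create an account from a username, password and invite code.
 *
 * Responses: 200 with the session cookie and token; 400 for a missing or
 * non-string password; 401 for a rejected username or invite code; 500 when
 * a lookup or the save fails.
 */
router.post('/register', function (req, res) {
    var body = req.body || {};
    var username = body.username;
    var inviteCode = body.invite;
    var password = body.password;

    // Every field comes straight from the client. Require plain strings up
    // front so that objects or missing values never reach the database
    // queries or the password hashing below.
    if (typeof username !== 'string') {
        return res.status(401).json({'message': 'Invalid username.'});
    }
    if (typeof inviteCode !== 'string') {
        return res.status(401).json({'message': 'Invalid invite code.'});
    }
    if (typeof password !== 'string' || password.length === 0) {
        return res.status(400).json({'message': 'Invalid password.'});
    }

    // Validate the parameters
    async.parallel({
        userCheck: function (callback) {
            checkUsername(username, callback);
        },
        inviteCheck: function (callback) {
            checkInvite(inviteCode, function (err, valid, invite) {
                callback(err, {valid: valid, invite: invite});
            });
        }
    }, function (err, result) {
        // A failed lookup used to fall through and be reported as
        // "Invalid username."; treat it as the server error it is.
        if (err) {
            console.error('Registration checks failed:', err);
            return res.status(500).json({'message': 'Internal server error.'});
        }
        if (!result.userCheck) {
            return res.status(401).json({'message': 'Invalid username.'});
        }
        if (!result.inviteCheck.valid) {
            return res.status(401).json({'message': 'Invalid invite code.'});
        }

        var user = new User();
        user.username = username;
        // The new account's scope is taken from the invite, not the request.
        user.scope = result.inviteCheck.invite.scope;
        user.date = new Date();
        user.setPassword(password);

        // Consume the invite only once the user object has been built, so a
        // failure in setPassword() does not burn the code.
        // NOTE(review): the check above and this update are two separate
        // operations, so concurrent requests carrying the same code may both
        // pass the check. Making redemption atomic needs a single conditional
        // update whose outcome is checked before the account is saved.
        useInvite(inviteCode, username);

        user.save(function (saveErr) {
            if (saveErr) {
                return res.status(500).json({'message': 'Internal server error.'});
            }

            // Issue one token and use it for both the cookie and the body.
            var token = user.genJwt();
            var sevenDaysMs = 7 * 24 * 60 * 60 * 1000;

            // NOTE(review): the cookie has no `secure` or `sameSite`
            // attribute; consider adding them once the deployment is
            // confirmed to be HTTPS-only. The same token is also returned in
            // the JSON body, where page scripts can read it despite httpOnly.
            res.status(200)
                .cookie('shimapan-token', token, {
                    expires: new Date(Date.now() + sevenDaysMs),
                    httpOnly: true
                })
                .json({'token': token});
        });
    });
});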
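/**
 * POST /login - authenticate through passport's 'local' strategy.
 *
 * Responses: 200 with the session cookie and token; 401 with the strategy's
 * info object when authentication fails; 500 on an internal error.
 */
router.post('/login', function (req, res) {
    passport.authenticate('local', function (err, user, info) {
        if (err) {
            // Keep the error detail on the server. Serialising the raw error
            // object into the response can disclose internals to the client.
            console.error('Login failed with an internal error:', err);
            return res.status(500).json({'message': 'Internal server error.'});
        }

        if (!user) {
            // NOTE(review): `info` is produced by the strategy configured
            // elsewhere; confirm its message does not tell an unknown
            // username apart from a wrong password.
            return res.status(401).json(info);
        }

        // Issue one token and use it for both the cookie and the body.
        var token = user.genJwt();
        var sevenDaysMs = 7 * 24 * 60 * 60 * 1000;

        // NOTE(review): the cookie has no `secure` or `sameSite` attribute;
        // consider adding them once the deployment is confirmed to be
        // HTTPS-only. No attempt throttling is visible in this file either.
        res.status(200)
            .cookie('shimapan-token', token, {
                expires: new Date(Date.now() + sevenDaysMs),
                httpOnly: true
            })
            .json({'token': token});
    })(req, res);
});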
// GET /logout - drop the session cookie and confirm with a 200 response.
// NOTE(review): only the browser cookie is cleared here. Nothing in this
// handler invalidates the token itself, so a copy taken from the login or
// register response body presumably stays valid; confirm whether revocation
// is handled elsewhere. The route also changes state on a GET request.
router.get('/logout', function handleLogout(req, res) {
    res.clearCookie('shimapan-token')
        .status(200)
        .json({'message': 'Successfully logged out.'});
});
// Export the router carrying the /register, /login and /logout routes.
// Where it is mounted is decided by the requiring module, not visible here.
module.exports = router;