mirror of
https://github.com/node-red/node-red.git
synced 2023-10-10 13:36:53 +02:00
Allow oauth schemes provide a custom verify function
This commit is contained in:
parent
7bd0943412
commit
fb05960d79
@ -118,6 +118,21 @@ function revoke(req,res) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function completeVerify(profile,done) {
|
||||||
|
Users.authenticate(profile).then(function(user) {
|
||||||
|
if (user) {
|
||||||
|
Tokens.create(user.username,"node-red-editor",user.permissions).then(function(tokens) {
|
||||||
|
log.audit({event: "auth.login",username:user.username,scope:user.permissions});
|
||||||
|
user.tokens = tokens;
|
||||||
|
done(null,user);
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
log.audit({event: "auth.login.fail.oauth",username:profile.id});
|
||||||
|
done(null,false);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
init: init,
|
init: init,
|
||||||
needsPermission: needsPermission,
|
needsPermission: needsPermission,
|
||||||
@ -134,8 +149,11 @@ module.exports = {
|
|||||||
revoke: revoke,
|
revoke: revoke,
|
||||||
oauthStrategy: function(adminApp,strategy) {
|
oauthStrategy: function(adminApp,strategy) {
|
||||||
var session = require('express-session');
|
var session = require('express-session');
|
||||||
|
var crypto = require("crypto");
|
||||||
adminApp.use(session({
|
adminApp.use(session({
|
||||||
secret: 'keyboard cat', // TODO: pull this out
|
// As the session is only used across the life-span of an oauth
|
||||||
|
// hand-shake, we can use a instance specific random string
|
||||||
|
secret: crypto.randomBytes(20).toString('hex'),
|
||||||
resave: false,
|
resave: false,
|
||||||
saveUninitialized:false
|
saveUninitialized:false
|
||||||
}));
|
}));
|
||||||
@ -144,20 +162,25 @@ module.exports = {
|
|||||||
adminApp.use(passport.session());
|
adminApp.use(passport.session());
|
||||||
|
|
||||||
var options = strategy.options;
|
var options = strategy.options;
|
||||||
|
|
||||||
passport.use(new strategy.strategy(options,
|
passport.use(new strategy.strategy(options,
|
||||||
function(token, tokenSecret, profile, done) {
|
function() {
|
||||||
Users.authenticate(profile).then(function(user) {
|
var originalDone = arguments[arguments.length-1];
|
||||||
if (user) {
|
if (options.verify) {
|
||||||
Tokens.create(user.username,"node-red-editor",user.permissions).then(function(tokens) {
|
var args = Array.prototype.slice.call(arguments);
|
||||||
log.audit({event: "auth.login",username:user.username,scope:user.permissions});
|
args[args.length-1] = function(err,profile) {
|
||||||
user.tokens = tokens;
|
if (err) {
|
||||||
done(null,user);
|
return originalDone(err);
|
||||||
});
|
} else {
|
||||||
} else {
|
return completeVerify(profile,originalDone);
|
||||||
log.audit({event: "auth.login.fail.oauth",username:profile.id});
|
}
|
||||||
done(null,false);
|
};
|
||||||
}
|
options.verify.apply(null,args);
|
||||||
});
|
} else {
|
||||||
|
var profile = arguments[arguments.length - 2];
|
||||||
|
return completeVerify(profile,originalDone);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
));
|
));
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user