

  1. var express = require('express');
  2. var router = express.Router();
  3. var passport = require('passport');
  4. var ExpressBrute = require('express-brute');
  5. var ExpressBruteMongooseStore = require('express-brute-mongoose');
  6. var moment = require('moment');
  /**
   * Express-Brute setup.
   *
   * Builds the `bruteforce` limiter whose `prevent` middleware is mounted on
   * POST /login. Attempt counters are persisted through `db.Bruteforce`
   * (`db` is not defined in the visible part of this file - presumably a
   * global; verify).
   *
   * Policy as configured: 5 free retries, then an enforced wait that starts
   * at 1 minute and is capped at 5 minutes.
   *
   * NOTE(review): `prevent` keys its counters on the client address Express
   * reports (`req.ip`). Behind a reverse proxy that address is only
   * meaningful when `trust proxy` is set correctly - confirm against the
   * deployment.
   * NOTE(review): address-only keying does not slow guessing against one
   * account from many addresses; a second limiter keyed on the submitted
   * email would cover that case.
   */
  const EBstore = new ExpressBruteMongooseStore(db.Bruteforce);

  const bruteforce = new ExpressBrute(EBstore, {
    freeRetries: 5,
    minWait: 60 * 1000, // 1 minute, in milliseconds
    maxWait: 5 * 60 * 1000, // 5 minutes, in milliseconds
    refreshTimeoutOnRequest: false,

    // Runs in place of the route handler once the limit is exceeded: queues
    // an error alert telling the user when the next attempt is allowed, then
    // sends them back to the login form.
    failCallback(req, res, next, nextValidRequestDate) {
      const retryWhen = moment(nextValidRequestDate).fromNow();
      req.flash('alert', {
        class: 'error',
        title: 'Too many attempts!',
        message: `You've made too many failed attempts in a short period of time, please try again ${retryWhen}.`,
        iconClass: 'fa-times',
      });
      res.redirect('/login');
    },
  });
  /**
   * Login form: GET /login renders the `auth/login` view and passes it the
   * current `res.locals.usr` value as `usr`.
   */
  router.get('/login', (req, res, next) => {
    const viewData = { usr: res.locals.usr };
    res.render('auth/login', viewData);
  });
  /**
   * POST /login: sign-in through Passport's `local` strategy, throttled by
   * `bruteforce.prevent`.
   *
   * - Strategy error: forwarded to the Express error handler via `next`.
   * - No user returned: a generic alert is flashed and the client is sent
   *   back to /login.
   * - Success: the login is established with `req.logIn`, the throttle
   *   counter for this client is reset, and the client is redirected to `/`.
   *
   * NOTE(review): no session regeneration is visible here. Whether
   * `req.logIn` issues a fresh session id depends on the installed Passport
   * version - confirm, since reusing the pre-login id allows session
   * fixation.
   */
  router.post('/login', bruteforce.prevent, (req, res, next) => {
    const onAuthenticated = (err, user, info) => {
      if (err) {
        return next(err);
      }

      if (!user) {
        // The same message is used for every failed authentication, so the
        // response text does not distinguish an unknown email from a wrong
        // password.
        req.flash('alert', {
          title: 'Invalid login',
          message: 'The email or password is invalid.',
        });
        return res.redirect('/login');
      }

      req.logIn(user, (loginErr) => {
        if (loginErr) {
          return next(loginErr);
        }
        // The counter is cleared only once the login has been established.
        // Any error reported by reset() is not inspected; the redirect
        // happens either way.
        req.brute.reset(() => res.redirect('/'));
      });
    };

    passport.authenticate('local', onAuthenticated)(req, res, next);
  });
  /**
   * Social login.
   *
   * The first three routes hand the browser to the provider with the listed
   * scopes; the three `/callback` routes complete the exchange and redirect
   * to `/` on success or back to /login on failure.
   *
   * NOTE(review): CSRF protection of the OAuth round trip (the `state`
   * parameter) is configured on the strategies, which are not shown in this
   * file - confirm it is enabled for all three providers.
   * NOTE(review): none of these routes mount `bruteforce.prevent`.
   */

  // Hand-off to the identity provider.
  router.get(
    '/login/ms',
    passport.authenticate('windowslive', {
      scope: ['wl.signin', 'wl.basic', 'wl.emails'],
    })
  );
  router.get(
    '/login/google',
    passport.authenticate('google', {
      scope: ['profile', 'email'],
    })
  );
  router.get(
    '/login/facebook',
    passport.authenticate('facebook', {
      scope: ['public_profile', 'email'],
    })
  );

  // Return leg from the identity provider.
  router.get(
    '/login/ms/callback',
    passport.authenticate('windowslive', {
      failureRedirect: '/login',
      successRedirect: '/',
    })
  );
  router.get(
    '/login/google/callback',
    passport.authenticate('google', {
      failureRedirect: '/login',
      successRedirect: '/',
    })
  );
  router.get(
    '/login/facebook/callback',
    passport.authenticate('facebook', {
      failureRedirect: '/login',
      successRedirect: '/',
    })
  );
  /**
   * Logout: GET /logout calls Passport's `req.logout()` and redirects to `/`.
   *
   * NOTE(review): because this is a GET route, any page the user visits can
   * trigger it with a plain link or image request (forced logout); a POST
   * with CSRF protection avoids that.
   * NOTE(review): only `req.logout()` is called - the session itself is not
   * visibly destroyed here. Newer Passport releases also expect a callback
   * argument to `req.logout`; confirm the installed version.
   */
  router.get('/logout', (req, res) => {
    req.logout();
    res.redirect('/');
  });

  // Expose the configured router to the application.
  module.exports = router;