|
|
'use strict'
const express = require('express') const router = express.Router() const passport = require('passport') const ExpressBrute = require('express-brute') const ExpressBruteMongooseStore = require('express-brute-mongoose') const moment = require('moment')
/** * Setup Express-Brute */ const EBstore = new ExpressBruteMongooseStore(db.Bruteforce) const bruteforce = new ExpressBrute(EBstore, { freeRetries: 5, minWait: 60 * 1000, maxWait: 5 * 60 * 1000, refreshTimeoutOnRequest: false, failCallback (req, res, next, nextValidRequestDate) { req.flash('alert', { class: 'error', title: 'Too many attempts!', message: "You've made too many failed attempts in a short period of time, please try again " + moment(nextValidRequestDate).fromNow() + '.', iconClass: 'fa-times' }) res.redirect('/login') } })
/** * Login form */ router.get('/login', function (req, res, next) { res.render('auth/login', { usr: res.locals.usr }) })
router.post('/login', bruteforce.prevent, function (req, res, next) { passport.authenticate('local', function (err, user, info) { if (err) { return next(err) }
if (!user) { req.flash('alert', { title: 'Invalid login', message: 'The email or password is invalid.' }) return res.redirect('/login') }
req.logIn(user, function (err) { if (err) { return next(err) } req.brute.reset(function () { return res.redirect('/') }) }) })(req, res, next) })
/** * Social Login */
router.get('/login/ms', passport.authenticate('windowslive', { scope: ['wl.signin', 'wl.basic', 'wl.emails'] })) router.get('/login/google', passport.authenticate('google', { scope: ['profile', 'email'] })) router.get('/login/facebook', passport.authenticate('facebook', { scope: ['public_profile', 'email'] }))
router.get('/login/ms/callback', passport.authenticate('windowslive', { failureRedirect: '/login', successRedirect: '/' })) router.get('/login/google/callback', passport.authenticate('google', { failureRedirect: '/login', successRedirect: '/' })) router.get('/login/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login', successRedirect: '/' }))
/** * Logout */ router.get('/logout', function (req, res) { req.logout() res.redirect('/') })
module.exports = router
|