richard
/
wiki
mirror of https://github.com/Requarks/wiki.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
815 Commits
3 Branches
120 Tags
80 MiB
Tree: de10a55c4c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'de10a55c4c'
${ noResults }
wiki/server/middlewares/auth.js

72 lines
1.8 KiB
Raw Normal View History

feat: auth jwt, permissions, login ui (wip)
6 years ago
refactor: global namespace + admin pages UI
6 years ago
Merged core back into main project
7 years ago
Base Project Files
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
feat: auth advanced settings UI + reload auth on save
6 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
feat: jwt renew via graphql + users create/authorize UI
6 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
feat: auth advanced settings UI + reload auth on save
6 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Base Project Files
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Merged core back into main project
7 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Merged core back into main project
7 years ago
Base Project Files
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Base Project Files
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Merged core back into main project
7 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Added access rights feature + read access check
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Base Project Files
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Base Project Files
8 years ago
feat: auth jwt, permissions, login ui (wip)
6 years ago
Standard JS code conversion + fixes
7 years ago
  1. const jwt = require('jsonwebtoken')
  2. const moment = require('moment')
  4. const securityHelper = require('../helpers/security')
  6. /* global WIKI */
  8. /**
  9. * Authentication middleware
  10. */
  11. module.exports = {
  12. jwt(req, res, next) {
  13. WIKI.auth.passport.authenticate('jwt', {session: false}, async (err, user, info) => {
  14. if (err) { return next() }
  16. // Expired but still valid within 7 days, just renew
  17. if (info instanceof jwt.TokenExpiredError && moment().subtract(14, 'days').isBefore(info.expiredAt)) {
  18. const jwtPayload = jwt.decode(securityHelper.extractJWT(req))
  19. try {
  20. const newToken = await WIKI.models.users.refreshToken(jwtPayload.id)
  21. user = newToken.user
  23. // Try headers, otherwise cookies for response
  24. if (req.get('content-type') === 'application/json') {
  25. res.set('new-jwt', newToken.token)
  26. } else {
  27. res.cookie('jwt', newToken.token, { expires: moment().add(365, 'days').toDate() })
  28. }
  29. } catch (err) {
  30. return next()
  31. }
  32. }
  34. // JWT is NOT valid
  35. if (!user) { return next() }
  37. // JWT is valid
  38. req.logIn(user, { session: false }, (err) => {
  39. if (err) { return next(err) }
  40. next()
  41. })
  42. })(req, res, next)
  43. },
  44. checkPath(req, res, next) {
  45. // Is user authenticated ?
  47. if (!req.isAuthenticated()) {
  48. if (WIKI.config.public !== true) {
  49. return res.redirect('/login')
  50. } else {
  51. // req.user = rights.guest
  52. res.locals.isGuest = true
  53. }
  54. } else {
  55. res.locals.isGuest = false
  56. }
  58. // Check permissions
  60. // res.locals.rights = rights.check(req)
  62. // if (!res.locals.rights.read) {
  63. // return res.render('error-forbidden')
  64. // }
  66. // Expose user data
  68. res.locals.user = req.user
  70. return next()
  71. }
  72. }