freeCodeCamp/api-server/server/component-passport.js

import passport from 'passport';
// eslint-disable-next-line
import {
  // prettier ignore
  PassportConfigurator
} from '@freecodecamp/loopback-component-passport';
import url from 'url';
import dedent from 'dedent';

import { getUserById } from './utils/user-stats';
import { homeLocation } from '../../config/env';
import passportProviders from './passport-providers';
import { setAccessTokenToResponse } from './utils/getSetAccessToken';

const passportOptions = {
  emailOptional: true,
  profileToUser: null
};

PassportConfigurator.prototype.init = function passportInit(noSession) {
  this.app.middleware('session:after', passport.initialize());

  if (noSession) {
    return;
  }

  this.app.middleware('session:after', passport.session());

  // Serialization and deserialization is only required if passport session is
  // enabled

  passport.serializeUser((user, done) => done(null, user.id));

  passport.deserializeUser(async (id, done) => {
    const user = await getUserById(id).catch(done);
    return done(null, user);
  });
};

export function setupPassport(app) {
  const configurator = new PassportConfigurator(app);

  configurator.setupModels({
    userModel: app.models.user,
    userIdentityModel: app.models.userIdentity,
    userCredentialModel: app.models.userCredential
  });

  configurator.init();

  Object.keys(passportProviders).map(function(strategy) {
    let config = passportProviders[strategy];
    config.session = config.session !== false;

    config.customCallback = !config.useCustomCallback
      ? null
      : createPassportCallbackAuthenticator(strategy, config);

    configurator.configureProvider(strategy, {
      ...config,
      ...passportOptions
    });
  });
}

export const saveResponseAuthCookies = () => {
  return (req, res, next) => {
    const user = req.user;

    if (!user) {
      return res.redirect('/signin');
    }

    const { accessToken } = user;

    setAccessTokenToResponse({ accessToken }, req, res);
    return next();
  };
};

export const loginRedirect = () => {
  return (req, res) => {
    const successRedirect = req => {
      if (!!req && req.session && req.session.returnTo) {
        delete req.session.returnTo;
        return `${homeLocation}/learn`;
      }
      return `${homeLocation}/learn`;
    };

    let redirect = url.parse(successRedirect(req), true);
    delete redirect.search;

    redirect = url.format(redirect);
    return res.redirect(redirect);
  };
};

export const createPassportCallbackAuthenticator = (strategy, config) => (
  req,
  res,
  next
) => {
  const returnTo =
    req && req.query && req.query.state
      ? Buffer.from(req.query.state, 'base64').toString('utf-8')
      : `${homeLocation}/learn`;
  return passport.authenticate(
    strategy,
    { session: false },
    (err, user, userInfo) => {
      if (err) {
        return next(err);
      }

      if (!user || !userInfo) {
        return res.redirect('/signin');
      }
      const redirect = `${returnTo}`;

      const { accessToken } = userInfo;
      const { provider } = config;
      if (accessToken && accessToken.id) {
        if (provider === 'auth0') {
          req.flash(
            'success',
            dedent`
              Success! You have signed in to your account. Happy Coding!
            `
          );
        } else if (user.email) {
          req.flash(
            'info',
            dedent`
We are moving away from social authentication for privacy reasons. Next time
we recommend using your email address: ${user.email} to sign in instead.
            `
          );
        }
        setAccessTokenToResponse({ accessToken }, req, res);
        req.login(user);
      }
      return res.redirectWithFlash(redirect);
    }
  )(req, res, next);
};
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`import passport from 'passport';`
feat: Use prettier-eslint to format code 2019-02-18 19:32:49 +00:00			`// eslint-disable-next-line`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`import {`
feat: Use prettier-eslint to format code 2019-02-18 19:32:49 +00:00			`// prettier ignore`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`PassportConfigurator`
			`} from '@freecodecamp/loopback-component-passport';`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`import url from 'url';`
fix(auth): Login everyone with an social account (#17333) * fix(auth): Login everyone with an social account * fix: update the flash message for social 2018-06-01 02:29:27 +05:30			`import dedent from 'dedent';`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00
fix: Centralise user deserialization 2019-03-04 21:10:12 +00:00			`import { getUserById } from './utils/user-stats';`
feat(docker): Prep master for docker deploys 2019-02-04 11:42:31 +00:00			`import { homeLocation } from '../../config/env';`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`import passportProviders from './passport-providers';`
feat: Use new (tested) accessToken utils to set and remove cookies 2019-02-20 23:07:12 +00:00			`import { setAccessTokenToResponse } from './utils/getSetAccessToken';`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`const passportOptions = {`
			`emailOptional: true,`
fix(signup): signup auth (#15628) * fix(models.user): Colocate all user methods Moved user methods/extensions into one file. Tracked down `next method called more than once` error and setting headers after their sent. Let regular error handler handle api errors as well. * feat(server.auth): Disable github account creation We are no longer allowing account creation through github * refactor(Auth): Move user identity link into models dir * feat(Disable link account login): This removes the ability to use a linked account t * feat(errorhandlers): Add opbeat, filter out handled error 2017-07-13 11:39:07 -07:00			`profileToUser: null`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`};`

			`PassportConfigurator.prototype.init = function passportInit(noSession) {`
			`this.app.middleware('session:after', passport.initialize());`

			`if (noSession) {`
			`return;`
			`}`

			`this.app.middleware('session:after', passport.session());`

			`// Serialization and deserialization is only required if passport session is`
			`// enabled`

fix: Centralise user deserialization 2019-03-04 21:10:12 +00:00			`passport.serializeUser((user, done) => done(null, user.id));`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00
fix: Centralise user deserialization 2019-03-04 21:10:12 +00:00			`passport.deserializeUser(async (id, done) => {`
			`const user = await getUserById(id).catch(done);`
			`return done(null, user);`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`});`
			`};`

feat(gatsby): Initial gatsby scaffolding 2018-08-23 16:29:26 +01:00			`export function setupPassport(app) {`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`const configurator = new PassportConfigurator(app);`

			`configurator.setupModels({`
			`userModel: app.models.user,`
			`userIdentityModel: app.models.userIdentity,`
			`userCredentialModel: app.models.userCredential`
			`});`

			`configurator.init();`

			`Object.keys(passportProviders).map(function(strategy) {`
feat: update user identity login 2018-05-19 21:21:49 +05:30			`let config = passportProviders[strategy];`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`config.session = config.session !== false;`
fix(component-passport): Add falback redirects for external paths 2018-05-20 00:50:55 +05:30
fix: add user object to Observables 2018-05-20 13:40:15 +05:30			`config.customCallback = !config.useCustomCallback`
fix(component-passport): Add falback redirects for external paths 2018-05-20 00:50:55 +05:30			`? null`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`: createPassportCallbackAuthenticator(strategy, config);`

			`configurator.configureProvider(strategy, {`
			`...config,`
			`...passportOptions`
			`});`
Reduce initial user query load Refactor passport to own file 2016-02-11 22:33:54 -08:00			`});`
			`}`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00
feat: use mock authentication for local dev 2018-10-30 18:17:07 -03:00			`export const saveResponseAuthCookies = () => {`
			`return (req, res, next) => {`
			`const user = req.user;`

			`if (!user) {`
			`return res.redirect('/signin');`
			`}`

			`const { accessToken } = user;`

feat: Use new (tested) accessToken utils to set and remove cookies 2019-02-20 23:07:12 +00:00			`setAccessTokenToResponse({ accessToken }, req, res);`
feat: use mock authentication for local dev 2018-10-30 18:17:07 -03:00			`return next();`
			`};`
			`};`

			`export const loginRedirect = () => {`
			`return (req, res) => {`
			`const successRedirect = req => {`
			`if (!!req && req.session && req.session.returnTo) {`
			`delete req.session.returnTo;`
feat: remove portfolio and add conditional intro 2019-10-22 13:38:19 +03:00			return `${homeLocation}/learn`;
feat: use mock authentication for local dev 2018-10-30 18:17:07 -03:00			`}`
feat: remove portfolio and add conditional intro 2019-10-22 13:38:19 +03:00			return `${homeLocation}/learn`;
feat: use mock authentication for local dev 2018-10-30 18:17:07 -03:00			`};`

			`let redirect = url.parse(successRedirect(req), true);`
			`delete redirect.search;`

			`redirect = url.format(redirect);`
			`return res.redirect(redirect);`
			`};`
			`};`

fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`export const createPassportCallbackAuthenticator = (strategy, config) => (`
			`req,`
			`res,`
			`next`
			`) => {`
feat(api): add custom redirect back 2019-10-21 17:03:00 +05:30			`const returnTo =`
			`req && req.query && req.query.state`
			`? Buffer.from(req.query.state, 'base64').toString('utf-8')`
			: `${homeLocation}/learn`;
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`return passport.authenticate(`
			`strategy,`
			`{ session: false },`
			`(err, user, userInfo) => {`
			`if (err) {`
			`return next(err);`
			`}`

			`if (!user \|\| !userInfo) {`
			`return res.redirect('/signin');`
			`}`
feat(api): add custom redirect back 2019-10-21 17:03:00 +05:30			const redirect = `${returnTo}`;
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00
			`const { accessToken } = userInfo;`
			`const { provider } = config;`
			`if (accessToken && accessToken.id) {`
			`if (provider === 'auth0') {`
			`req.flash(`
			`'success',`
			dedent`
			`Success! You have signed in to your account. Happy Coding!`
			`
			`);`
			`} else if (user.email) {`
			`req.flash(`
			`'info',`
			dedent`
			`We are moving away from social authentication for privacy reasons. Next time`
			`we recommend using your email address: ${user.email} to sign in instead.`
			`
			`);`
			`}`
feat: Use new (tested) accessToken utils to set and remove cookies 2019-02-20 23:07:12 +00:00			`setAccessTokenToResponse({ accessToken }, req, res);`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`req.login(user);`
			`}`
fix: Sesssions should not have an effect on the request routing 2019-03-04 21:12:51 +00:00			`return res.redirectWithFlash(redirect);`
fix(auth): Fix auth flow for the client app 2018-10-24 00:24:48 +01:00			`}`
			`)(req, res, next);`
			`};`