feat: use mock authentication for local dev

api-server/package-lock.json

@@ -1064,6 +1064,15 @@
       "resolved": "https://registry.npmjs.org/@types/node/-/node-7.0.70.tgz",
       "integrity": "sha512-bAcW/1aM8/s5iFKhRpu/YJiQf/b1ZwnMRqqsWRCmAqEDQF2zY8Ez3Iu9AcZKFKc3vCJc8KJVpJ6Pn54sJ1BvXQ=="
     },
+    "@types/passport": {
+      "version": "0.4.6",
+      "resolved": "https://registry.npmjs.org/@types/passport/-/passport-0.4.6.tgz",
+      "integrity": "sha512-P7TxrdpAze3nvHghYPeLlHkYcFDiIkRBbp7xYz2ehX9zmi1yr/qWQMTpXsMxN5w3ESJpMzn917inK4giASaDcQ==",
+      "dev": true,
+      "requires": {
+        "@types/express": "*"
+      }
+    },
     "@types/range-parser": {
       "version": "1.2.2",
       "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.2.tgz",
@@ -10377,6 +10386,26 @@
         "passport-strategy": "1.x.x"
       }
     },
+    "passport-mock-strategy": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/passport-mock-strategy/-/passport-mock-strategy-1.1.1.tgz",
+      "integrity": "sha512-QSJoC2JB2piLVB3CIj0EaV3V8kfThN+dS7d34KNzcJaL03pYyFvfEl9Im8O8wTb+OZcmqWz6FAqUpobd1+IVNg==",
+      "dev": true,
+      "requires": {
+        "@types/express": "^4.11.1",
+        "@types/passport": "^0.4.5",
+        "es6-promise": "^4.2.4",
+        "passport": "^0.4.0"
+      },
+      "dependencies": {
+        "es6-promise": {
+          "version": "4.2.5",
+          "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.5.tgz",
+          "integrity": "sha512-n6wvpdE43VFtJq+lUDYDBFUwV8TZbuGXLV4D6wKafg13ldznKsyEvatubnmUe31zcvelSzOHF+XbaT+Bl9ObDg==",
+          "dev": true
+        }
+      }
+    },
     "passport-oauth": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/passport-oauth/-/passport-oauth-1.0.0.tgz",

api-server/package.json

@@ -98,6 +98,7 @@
     "joi-objectid": "^2.0.0",
     "loopback-component-explorer": "^6.3.1",
     "nodemon": "^1.18.4",
+    "passport-mock-strategy": "^1.1.1",
     "pm2": "^3.0.3",
     "prettier": "^1.14.2",
     "sinon": "^7.1.1",

api-server/server/boot/authentication.js

@@ -7,7 +7,11 @@ import { check } from 'express-validator/check';
 
 import { homeLocation } from '../../../config/env';
 import { createCookieConfig } from '../utils/cookieConfig';
-import { createPassportCallbackAuthenticator } from '../component-passport';
+import { 
+  createPassportCallbackAuthenticator,
+  saveResponseAuthCookies,
+  loginRedirect
+} from '../component-passport';
 import {
   ifUserRedirectTo,
   ifNoUserRedirectTo,
@@ -25,15 +29,34 @@ module.exports = function enableAuthentication(app) {
   // loopback.io/doc/en/lb2/Authentication-authorization-and-permissions.html
   app.enableAuth();
   const ifUserRedirect = ifUserRedirectTo();
+  const saveAuthCookies = saveResponseAuthCookies();
+  const loginSuccessRedirect = loginRedirect();
   const ifNoUserRedirectHome = ifNoUserRedirectTo(homeLocation);
   const api = app.loopback.Router();
   const { AuthToken, User } = app.models;
 
-  api.get('/signin', ifUserRedirect, passport.authenticate('auth0-login', {}));
+  // Use a local mock strategy for signing in if we are in dev mode.
-  api.get(
+  // Otherwise we use auth0 login. We use a string for 'true' because values
-    '/auth/auth0/callback',
+  // set in the env file will always be strings and never boolean.
-    createPassportCallbackAuthenticator('auth0-login', { provider: 'auth0' })
+  if (process.env.LOCAL_MOCK_AUTH === 'true') {
-  );
+    api.get(
+      '/signin',
+      passport.authenticate('devlogin'),
+      saveAuthCookies,
+      loginSuccessRedirect
+    );
+  } else {
+    api.get(
+      '/signin',
+      ifUserRedirect,
+      passport.authenticate('auth0-login', {})
+    );
+
+    api.get(
+      '/auth/auth0/callback',
+      createPassportCallbackAuthenticator('auth0-login', { provider: 'auth0' })
+    );
+  }
 
   api.get('/signout', (req, res) => {
     req.logout();

api-server/server/component-passport.js

@@ -131,6 +131,50 @@ export function setupPassport(app) {
   });
 }
 
+export const saveResponseAuthCookies = () => {
+
+  return (req, res, next) => {
+
+    const user = req.user;
+
+    if (!user) {
+      return res.redirect('/signin');
+    }
+
+    const { accessToken } = user;
+
+    const cookieConfig = {
+      ...createCookieConfig(req),
+      maxAge: 77760000000
+    };
+    const jwtAccess = jwt.sign({ accessToken }, jwtSecret);
+    res.cookie('jwt_access_token', jwtAccess, cookieConfig);
+    res.cookie('access_token', accessToken.id, cookieConfig);
+    res.cookie('userId', accessToken.userId, cookieConfig);
+
+    return next();
+  };
+};
+
+export const loginRedirect = () => {
+
+  return (req, res) => {
+    const successRedirect = req => {
+      if (!!req && req.session && req.session.returnTo) {
+        delete req.session.returnTo;
+        return `${homeLocation}/welcome`;
+      }
+      return `${homeLocation}/welcome`;
+    };
+
+    let redirect = url.parse(successRedirect(req), true);
+    delete redirect.search;
+
+    redirect = url.format(redirect);
+    return res.redirect(redirect);
+  };
+};
+
 export const createPassportCallbackAuthenticator = (strategy, config) => (
   req,
   res,

api-server/server/passport-providers.js

@@ -7,6 +7,11 @@ const successRedirect = `${homeLocation}/welcome`;
 const failureRedirect = '/signin';
 
 export default {
+  devlogin: {
+    authScheme: 'mock',
+    provider: 'dev',
+    module: 'passport-mock-strategy'
+  },
   local: {
     provider: 'local',
     module: 'passport-local',

package.json

@@ -12,6 +12,7 @@
     "seed": "npm-run-all -p seed:*",
     "seed:challenges": "cross-env DEBUG=fcc:* node ./tools/scripts/seed/seedChallenges",
     "seed:news": "cross-env DEBUG=fcc:* node ./tools/scripts/seed/seedNewsArticles",
+    "seed:auth-user": "cross-env DEBUG=fcc:* node ./tools/scripts/seed/seedAuthUser",
     "start-develop": "node ./tools/scripts/start-develop.js",
     "pretest": "npm-run-all -s test:lint",
     "test": "npm-run-all -p test:*",

sample.env

@@ -20,6 +20,7 @@ PAYPAL_SUPPORTERS=1703
 LOCAL_AUTH=true
 PEER=stuff
 DEBUG=true
+LOCAL_MOCK_AUTH=true
 
 IMAGE_BASE_URL='https://s3.amazonaws.com/freecodecamp/images/'
 

tools/scripts/seed/seedAuthUser.js

@@ -0,0 +1,101 @@
+const path = require('path');
+require('dotenv').config({ path: path.resolve(__dirname, '../../../.env') });
+const MongoClient = require('mongodb').MongoClient;
+const ObjectId = require('mongodb').ObjectID;
+const debug = require('debug');
+
+const log = debug('fcc:tools:seedLocalAuthUser');
+const { MONGOHQ_URL, LOCALE: lang } = process.env;
+
+function handleError(err, client) {
+  if (err) {
+    console.error('Oh noes!! Error seeding local auth user.');
+    console.error(err);
+    try {
+      client.close();
+    } catch (e) {
+      // no-op
+    } finally {
+      /* eslint-disable-next-line no-process-exit */
+      process.exit(1);
+    }
+  }
+}
+
+MongoClient.connect(
+  MONGOHQ_URL,
+  { useNewUrlParser: true },
+  function(err, client) {
+    handleError(err, client);
+
+    log('Connected successfully to mongo');
+
+    const db = client.db('freecodecamp');
+    const user = db.collection('user');
+
+    user.deleteOne({_id: ObjectId('5bd30e0f1caf6ac3ddddddb5') }, (err) => {
+      handleError(err, client);
+
+      try {
+        user.insertOne(
+          {
+            _id: ObjectId('5bd30e0f1caf6ac3ddddddb5'),
+            email: 'foo@bar.com',
+            emailVerified: true,
+            progressTimestamps: [],
+            isBanned: false,
+            isCheater: false,
+            username: 'DevelopmentUser',
+            about: '',
+            name: 'Development User',
+            location: '',
+            picture: 'https://identicon.org/?t=dev&s=256',
+            acceptedPrivacyTerms: true,
+            sendQuincyEmail: false,
+            currentChallengeId: '',
+            isHonest: false,
+            isFrontEndCert: false,
+            isDataVisCert: false,
+            isBackEndCert: false,
+            isFullStackCert: false,
+            isRespWebDesignCert: false,
+            is2018DataVisCert: false,
+            isFrontEndLibsCert: false,
+            isJsAlgoDataStructCert: false,
+            isApisMicroservicesCert: false,
+            isInfosecQaCert: false,
+            is2018FullStackCert: false,
+            completedChallenges: [],
+            portfolio: [],
+            yearsTopContributor: [],
+            rand: 0.6126749173148205,
+            theme: 'default',
+            profileUI: {
+              isLocked: true,
+              showAbout: false,
+              showCerts: false,
+              showDonation: false,
+              showHeatMap: false,
+              showLocation: false,
+              showName: false,
+              showPoints: false,
+              showPortfolio: false,
+              showTimeLine: false
+            },
+            badges: {
+              coreTeam: []
+            },
+            isDonating: false,
+            emailAuthLinkTTL: null,
+            emailVerifyTTL: null
+          }
+        );
+      } catch (e) {
+        handleError(e, client);
+      } finally {
+        log('local auth user seed complete');
+        client.close();
+      }
+    });
+  }
+);