var everyauth = require('everyauth');
var getData = require('./getData');
var bcrypt = require('bcrypt');
//everyauth.debug = true;
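everyauth.password
.getLoginPath('/login') // URI path to the login page
.postLoginPath('/login') // URI path that the login form POSTs to
.loginView('login.jade')
.loginFormFieldName('email')
.loginHumanName('email')
.loginKey('email')
/**
 * Check a submitted email/password pair for everyauth's password module.
 *
 * Returns an array of error strings synchronously when a field is missing,
 * otherwise an everyauth promise that is fulfilled with the user record on
 * success or with an array of error strings on failure.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this file;
 * confirm it is enforced elsewhere (for example in middleware).
 */
.authenticate(function (login, password) {
  var promise;
  var errors = [];
  // One message for "unknown account" and "wrong password", so the login
  // form does not confirm which email addresses are registered.
  var INVALID_CREDENTIALS = 'Invalid email or password.';

  // Both values come from the POSTed form. Accept non-empty strings only, so
  // a nested object or array never reaches the lookup or bcrypt.
  if (typeof login !== 'string' || !login) errors.push('Missing login.');
  if (typeof password !== 'string' || !password) errors.push('Missing password.');
  if (errors.length) return errors;

  promise = this.Promise();

  // findUserByEmail passes an error or the matching user rows to the callback.
  getData.findUserByEmail(login, function (err, user) {
    var record;

    if (err) {
      // Datastore details stay in the server log, not in the rendered page.
      console.log('error looking up user during login: ' + (err.message || err));
      errors.push('Login is temporarily unavailable. Please try again.');
      return promise.fulfill(errors);
    }

    // The lookup result is indexed as a list below, and an empty list is
    // truthy, so test the first row rather than the list itself.
    record = user ? user[0] : null;
    if (!record || typeof record.hash !== 'string') {
      // NOTE(review): this path returns without running bcrypt, so its
      // response time still differs from the wrong-password path.
      errors.push(INVALID_CREDENTIALS);
      return promise.fulfill(errors);
    }

    // Never log the submitted password or the stored hash here.
    bcrypt.compare(password, record.hash, function (compareErr, didSucceed) {
      if (compareErr) {
        console.log('err during bcrypt password comparison');
        return promise.fail(compareErr);
      }
      if (didSucceed) {
        console.log("SUCCESS! password is valid.");
        return promise.fulfill(record);
      }
      console.log("error passwords are not same");
      errors.push(INVALID_CREDENTIALS);
      return promise.fulfill(errors);
    });
  });

  return promise;
})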
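.loginSuccessRedirect('/order') // Where to redirect to after a login
// If login fails, the errors are rendered via the login view template,
// so make sure the loginView() template incorporates an `errors` local.
// See './example/views/login.jade'
.getRegisterPath('/register') // URI path to the registration page
.postRegisterPath('/register') // URI path that the registration form POSTs to
.registerView('register.jade')
/**
 * Pick the extra registration fields (email, first and last name) out of the
 * POSTed form body.
 *
 * Only string values are passed through; anything else becomes undefined and
 * is then rejected as a missing field by validateRegistration.
 * NOTE(review): getData is not visible here. If it places these values into a
 * datastore query, a nested object submitted in place of a string could change
 * the meaning of that query, which is why non-strings are dropped.
 */
.extractExtraRegistrationParams(function (req) {
  // A missing body (no body parser, wrong content type) yields empty fields
  // instead of a TypeError.
  var body = req.body || {};

  function stringOrUndefined(value) {
    return typeof value === 'string' ? value : undefined;
  }

  return {
    email: stringOrUndefined(body.email),
    name: {
      first: stringOrUndefined(body.firstName),
      last: stringOrUndefined(body.lastName)
    }
  };
})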
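/**
 * Validate a registration request before the user is created.
 *
 * Fulfills the returned everyauth promise with null when validation passes,
 * or with an array of error messages otherwise. The messages show up as the
 * `errors` local in the registration template.
 *
 * NOTE(review): the "already taken" message echoes the submitted email and
 * confirms that the address is registered; make sure the template escapes
 * `errors`, and decide whether that disclosure is acceptable.
 */
.validateRegistration(function (newUserAttrs) {
  var errors = [];
  var promise = this.Promise();
  var name = newUserAttrs.name || {};
  var email = newUserAttrs.email;
  var firstName = name.first;
  var lastName = name.last;
  var password = newUserAttrs.password;

  // A field counts as present only when it is a non-empty string; objects or
  // arrays submitted in place of a string are treated as missing.
  function isFilled(value) {
    return typeof value === 'string' && value.length > 0;
  }

  if (!isFilled(email) || !isFilled(firstName) || !isFilled(lastName) || !isFilled(password)) {
    // Log the event only. The submitted values, the plaintext password in
    // particular, must not be written to the log.
    console.log("incomplete data during validate registration ");
    errors.push('please complete all fields and try again');
    return promise.fulfill(errors);
  }

  // Check whether a user with this email already exists.
  getData.fetchUsersByLogin(email, function (err, users) {
    var emailIsFree;

    if (err) {
      // Fail closed: a failed lookup is not proof that the address is free.
      console.log('error checking for an existing user: ' + (err.message || err));
      errors.push('Registration is temporarily unavailable. Please try again.');
      return promise.fulfill(errors);
    }

    // Treat both "no result" and an empty result list as "not registered".
    emailIsFree = !users || (Array.isArray(users) && users.length === 0);
    if (emailIsFree) {
      console.log("email is available. create user.");
      return promise.fulfill(null);
    }

    // The address is user-controlled, so it is left out of the log line.
    console.log('Error: requested email is already taken.');
    errors.push("email " + email + " is already taken. Please try to be more original.");
    return promise.fulfill(errors);
  });

  return promise;
})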
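/**
 * Hash the new user's password and create the user record.
 *
 * Fulfills the returned everyauth promise with the created user, or fails it
 * with the error from bcrypt or the datastore.
 *
 * Hashing uses bcrypt's callback API, so a registration request does not block
 * the event loop while the hash is computed. bcrypt only considers the first
 * 72 bytes of the password.
 * NOTE(review): the uniqueness check in validateRegistration is a separate
 * step from this insert; confirm the datastore enforces a unique email.
 */
.registerUser(function (newUserAttrs) {
  var promise = this.Promise();
  var password = newUserAttrs.password;

  delete newUserAttrs.password; // Never persist the plaintext password.

  bcrypt.genSalt(10, function (saltErr, salt) {
    if (saltErr) return promise.fail(saltErr);

    bcrypt.hash(password, salt, function (hashErr, hash) {
      if (hashErr) return promise.fail(hashErr);

      // The bcrypt hash already embeds its salt; the separate `salt` field is
      // kept so the stored record has the same shape as before.
      newUserAttrs.salt = salt;
      newUserAttrs.hash = hash;

      // Create the new user in the data store.
      getData.createUser(newUserAttrs, function (err, createdUser) {
        if (err) return promise.fail(err);
        if (!createdUser || !createdUser[0]) {
          return promise.fail(new Error('createUser returned no user record'));
        }
        return promise.fulfill(createdUser[0]);
      });
    });
  });

  return promise;
})
.registerSuccessRedirect('/login'); // Where to redirect to after a successful registration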
// Field of the user record that everyauth should treat as the primary key.
// NOTE(review): the commented-out chained form below hints at a configurator
// method of the same name; confirm plain assignment has the intended effect.
everyauth.everymodule.userPkey = '_id';
// .userPkey('_id')

/**
 * Resolve a user id to a user record for everyauth.
 * The callback has the signature function (err, user) {...} and receives
 * whatever getData.findUserById reports.
 */
function lookUpUserById(userId, callback) {
  console.log("()()( IN FIND BY USER ID of everyauth");
  getData.findUserById(userId, function (lookupErr, foundUser) {
    callback(lookupErr, foundUser);
  });
}

everyauth.everymodule.findUserById(lookUpUserById);

// Expose the configured everyauth instance to the rest of the application.
exports.auth = everyauth;