alternate login engine, add google sign-in
Moe
parent
62177e886d
commit
adf3d1c8e9
|
|
@ -5,6 +5,7 @@ module.exports = function(s,config,lang){
|
|||
s.superUsersApi = {}
|
||||
s.factorAuth = {}
|
||||
s.failedLoginAttempts = {}
|
||||
s.alternateLogins = {}
|
||||
//
|
||||
var getUserByUid = function(params,columns,callback){
|
||||
if(!columns)columns = '*'
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
const {OAuth2Client} = require('google-auth-library');
|
||||
module.exports = (s,app,config) => {
|
||||
module.exports = (s,config,lang) => {
|
||||
const client = new OAuth2Client(config.appTokenGoogle);
|
||||
async function verifyToken(userLoginToken) {
|
||||
const ticket = await client.verifyIdToken({
|
||||
|
|
@ -83,8 +83,8 @@ module.exports = (s,app,config) => {
|
|||
['loginId','=',user.id],
|
||||
]
|
||||
})
|
||||
if(searchResponse[0]){
|
||||
const loginTokenRow = searchResponse[0]
|
||||
if(searchResponse.rows[0]){
|
||||
const loginTokenRow = searchResponse.rows[0]
|
||||
const userResponse = await s.knexQueryPromise({
|
||||
action: "select",
|
||||
columns: '*',
|
||||
|
|
@ -95,13 +95,24 @@ module.exports = (s,app,config) => {
|
|||
]
|
||||
})
|
||||
response.ok = true
|
||||
response.user = userResponse
|
||||
userResponse.rows[0].details = s.parseJSON(userResponse.rows[0].details)
|
||||
response.user = userResponse.rows[0]
|
||||
}else{
|
||||
console.log('This Token is Not Binded to a User!')
|
||||
// make new if no users?
|
||||
}
|
||||
}
|
||||
return response
|
||||
}
|
||||
s.alternateLogins['google'] = async (loginToken) => {
|
||||
const response = { ok: false }
|
||||
const tokenVerifyResponse = await loginWithGoogleAccount(loginToken)
|
||||
if(tokenVerifyResponse.user){
|
||||
response.ok = true
|
||||
response.user = tokenVerifyResponse.user
|
||||
}
|
||||
return response
|
||||
}
|
||||
return {
|
||||
client: client,
|
||||
verifyToken: verifyToken,
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ module.exports = function(s,config,lang,app,io){
|
|||
twoFactorVerification,
|
||||
ldapLogin,
|
||||
} = require('./auth/utils.js')(s,config,lang)
|
||||
const googleAuth = require('./auth/google.js')(s,config,lang)
|
||||
if(config.productType === 'Pro'){
|
||||
var LdapAuth = require('ldapauth-fork');
|
||||
}
|
||||
|
|
@ -170,7 +171,7 @@ module.exports = function(s,config,lang,app,io){
|
|||
],async function (req,res){
|
||||
var response = {ok: false};
|
||||
req.ip = s.getClientIp(req)
|
||||
var screenChooser = function(screen){
|
||||
const screenChooser = function(screen){
|
||||
var search = function(screen){
|
||||
if(req.url.indexOf(screen) > -1){
|
||||
return true
|
||||
|
|
@ -205,7 +206,7 @@ module.exports = function(s,config,lang,app,io){
|
|||
return false
|
||||
}
|
||||
//
|
||||
renderPage = function(focus,data){
|
||||
const renderPage = function(focus,data){
|
||||
if(s.failedLoginAttempts[req.body.mail]){
|
||||
clearTimeout(s.failedLoginAttempts[req.body.mail].timeout)
|
||||
delete(s.failedLoginAttempts[req.body.mail])
|
||||
|
|
@ -349,7 +350,37 @@ module.exports = function(s,config,lang,app,io){
|
|||
}
|
||||
})
|
||||
}
|
||||
if(req.body.mail&&req.body.pass){
|
||||
console.log(req.body)
|
||||
if(req.body.alternateLogin && s.alternateLogins[req.body.alternateLogin]){
|
||||
const alternateLogin = s.alternateLogins[req.body.alternateLogin]
|
||||
const alternateLoginResponse = await alternateLogin(req.body.alternateLoginToken)
|
||||
if(alternateLoginResponse.ok && alternateLoginResponse.user){
|
||||
const user = alternateLoginResponse.user
|
||||
const sessionKey = s.md5(s.gid())
|
||||
user.auth = sessionKey
|
||||
s.knexQuery({
|
||||
action: "update",
|
||||
table: "Users",
|
||||
update: {
|
||||
auth: sessionKey
|
||||
},
|
||||
where: [
|
||||
['ke','=',user.ke],
|
||||
['uid','=',user.uid],
|
||||
]
|
||||
})
|
||||
checkRoute(req.body.function,{
|
||||
ok: true,
|
||||
auth_token: user.auth,
|
||||
ke: user.ke,
|
||||
uid: user.uid,
|
||||
mail: user.mail,
|
||||
details: user.details
|
||||
})
|
||||
}else{
|
||||
return failedAuthentication(req.body.function,req.body.mail)
|
||||
}
|
||||
}else if(req.body.mail && req.body.pass){
|
||||
async function regularLogin(){
|
||||
const basicAuthResponse = await basicAuth(req.body.mail,req.body.pass)
|
||||
if(basicAuthResponse.user){
|
||||
|
|
|
|||
|
|
@ -81,6 +81,13 @@
|
|||
<div class="form-group f_i_input f_i_ldap" style="display:none">
|
||||
<input name="key" id="key" tabindex="2" class="monospace form-control wide-text" placeholder="Group Key">
|
||||
</div>
|
||||
<div class="form-group" style="display:none">
|
||||
<select class="form-control wide-text" name="alternateLogin">
|
||||
<option value="" selected>Default</option>
|
||||
<option value="google">Google</option>
|
||||
</select>
|
||||
<input style="display:none" name="alternateLoginToken" class="monospace form-control wide-text" placeholder="Group Key">
|
||||
</div>
|
||||
<% if(config.showLoginSelector === true){ %>
|
||||
<div class="form-group">
|
||||
<div class="row">
|
||||
|
|
@ -219,13 +226,11 @@ $('[selector]').change(function(e){
|
|||
<script src="https://apis.google.com/js/platform.js" async defer></script>
|
||||
<script>
|
||||
function onGoogleSignIn(googleUser) {
|
||||
var profile = googleUser.getBasicProfile();
|
||||
console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
|
||||
console.log('Name: ' + profile.getName());
|
||||
console.log('Image URL: ' + profile.getImageUrl());
|
||||
console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
|
||||
|
||||
var id_token = googleUser.getAuthResponse().id_token;
|
||||
console.log("ID Token: " + id_token);
|
||||
$.ccio.f.find('[name="mail"],[name="pass"],.g-signin2').hide()
|
||||
$.ccio.f.find('[name="alternateLogin"]').val('google')
|
||||
$.ccio.f.find('[name="alternateLoginToken"]').val(id_token)
|
||||
$.ccio.f.find('[name="login-submit"]').html(`<i class="fa fa-google"></i> <%- lang.Login %>`)
|
||||
// $.ccio.f.submit()
|
||||
}
|
||||
</script>
|
||||
|
|
|
|||
Loading…
Reference in New Issue