ShinobiSystems
/
Shinobi
mirror of https://gitlab.com/Shinobi-Systems/Shinobi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

alternate login engine, add google sign-in

auto-build-api-doc-with-code
Moe 2021-04-02 22:14:34 -07:00
parent 62177e886d
commit adf3d1c8e9
4 changed files with 63 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
libs/auth.js
View File

@ -5,6 +5,7 @@ module.exports = function(s,config,lang){
s.superUsersApi = {}
s.factorAuth = {}
s.failedLoginAttempts = {}
s.alternateLogins = {}
//
var getUserByUid = function(params,columns,callback){
if(!columns)columns = '*'

19
libs/auth/google.js
View File

@ -1,5 +1,5 @@
const {OAuth2Client} = require('google-auth-library');
module.exports = (s,app,config) => {
module.exports = (s,config,lang) => {
const client = new OAuth2Client(config.appTokenGoogle);
async function verifyToken(userLoginToken) {
const ticket = await client.verifyIdToken({
@ -83,8 +83,8 @@ module.exports = (s,app,config) => {
['loginId','=',user.id],
]
})
if(searchResponse[0]){
const loginTokenRow = searchResponse[0]
if(searchResponse.rows[0]){
const loginTokenRow = searchResponse.rows[0]
const userResponse = await s.knexQueryPromise({
action: "select",
columns: '*',
@ -95,13 +95,24 @@ module.exports = (s,app,config) => {
]
})
response.ok = true
response.user = userResponse
userResponse.rows[0].details = s.parseJSON(userResponse.rows[0].details)
response.user = userResponse.rows[0]
}else{
console.log('This Token is Not Binded to a User!')
// make new if no users?
}
}
return response
}
s.alternateLogins['google'] = async (loginToken) => {
const response = { ok: false }
const tokenVerifyResponse = await loginWithGoogleAccount(loginToken)
if(tokenVerifyResponse.user){
response.ok = true
response.user = tokenVerifyResponse.user
}
return response
}
return {
client: client,
verifyToken: verifyToken,

37
libs/webServerPaths.js
View File

@ -26,6 +26,7 @@ module.exports = function(s,config,lang,app,io){
twoFactorVerification,
ldapLogin,
} = require('./auth/utils.js')(s,config,lang)
const googleAuth = require('./auth/google.js')(s,config,lang)
if(config.productType === 'Pro'){
var LdapAuth = require('ldapauth-fork');
}
@ -170,7 +171,7 @@ module.exports = function(s,config,lang,app,io){
],async function (req,res){
var response = {ok: false};
req.ip = s.getClientIp(req)
var screenChooser = function(screen){
const screenChooser = function(screen){
var search = function(screen){
if(req.url.indexOf(screen) > -1){
return true
@ -205,7 +206,7 @@ module.exports = function(s,config,lang,app,io){
return false
}
//
renderPage = function(focus,data){
const renderPage = function(focus,data){
if(s.failedLoginAttempts[req.body.mail]){
clearTimeout(s.failedLoginAttempts[req.body.mail].timeout)
delete(s.failedLoginAttempts[req.body.mail])
@ -349,7 +350,37 @@ module.exports = function(s,config,lang,app,io){
}
})
}
if(req.body.mail&&req.body.pass){
console.log(req.body)
if(req.body.alternateLogin && s.alternateLogins[req.body.alternateLogin]){
const alternateLogin = s.alternateLogins[req.body.alternateLogin]
const alternateLoginResponse = await alternateLogin(req.body.alternateLoginToken)
if(alternateLoginResponse.ok && alternateLoginResponse.user){
const user = alternateLoginResponse.user
const sessionKey = s.md5(s.gid())
user.auth = sessionKey
s.knexQuery({
action: "update",
table: "Users",
update: {
auth: sessionKey
},
where: [
['ke','=',user.ke],
['uid','=',user.uid],
]
})
checkRoute(req.body.function,{
ok: true,
auth_token: user.auth,
ke: user.ke,
uid: user.uid,
mail: user.mail,
details: user.details
})
}else{
return failedAuthentication(req.body.function,req.body.mail)
}
}else if(req.body.mail && req.body.pass){
async function regularLogin(){
const basicAuthResponse = await basicAuth(req.body.mail,req.body.pass)
if(basicAuthResponse.user){

21
web/pages/index.ejs
View File

@ -81,6 +81,13 @@
<div class="form-group f_i_input f_i_ldap" style="display:none">
<input name="key" id="key" tabindex="2" class="monospace form-control wide-text" placeholder="Group Key">
</div>
<div class="form-group" style="display:none">
<select class="form-control wide-text" name="alternateLogin">
<option value="" selected>Default</option>
<option value="google">Google</option>
</select>
<input style="display:none" name="alternateLoginToken" class="monospace form-control wide-text" placeholder="Group Key">
</div>
<% if(config.showLoginSelector === true){ %>
<div class="form-group">
<div class="row">
@ -219,13 +226,11 @@ $('[selector]').change(function(e){
<script src="https://apis.google.com/js/platform.js" async defer></script>
<script>
function onGoogleSignIn(googleUser) {
var profile = googleUser.getBasicProfile();
console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
console.log('Name: ' + profile.getName());
console.log('Image URL: ' + profile.getImageUrl());
console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
var id_token = googleUser.getAuthResponse().id_token;
console.log("ID Token: " + id_token);
var id_token = googleUser.getAuthResponse().id_token;
$.ccio.f.find('[name="mail"],[name="pass"],.g-signin2').hide()
$.ccio.f.find('[name="alternateLogin"]').val('google')
$.ccio.f.find('[name="alternateLoginToken"]').val(id_token)
$.ccio.f.find('[name="login-submit"]').html(`<i class="fa fa-google"></i> <%- lang.Login %>`)
// $.ccio.f.submit()
}
</script>