authenticate with passport but keep sessions temp.

arillo · Feb 15, 2021 · f3584ab · f3584ab
1 parent 8be0baa
commit f3584ab
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 9 deletions.
diff --git a/package.json b/package.json
@@ -17,6 +17,7 @@
     "body-parser": "^1.19.0",
     "cheerio": "0.22.0",
     "config": "1.25.1",
+    "connect-ensure-login": "^0.1.1",
     "cookie-parser": "~1.4.3",
     "ejs": "3.1.5",
     "execSync": "latest",

diff --git a/routes/api/passport.js b/routes/api/passport.js
@@ -3,7 +3,8 @@
 var express = require('express');
 var router = express.Router();
 
-// var config = require('config');
+var config = require('config');
+var crypto = require('crypto');
 const db = require('../../models/db');
 
 
@@ -55,8 +56,30 @@ router.post('/', (req, res, next) => {
             if (err) {
                 return next(err);
             }
-
-            return res.redirect('/');
+            crypto.randomBytes(48, function(ex, buf) {
+            var token = buf.toString('hex');
+
+            var session = {
+                user_id: user._id,
+                token: token,
+                ip: req.ip,
+                device: "web",
+                created_at: new Date()
+            };
+
+            db.Session.create(session)
+                .error(err => {
+                    console.error("Error creating Session:",err);
+                    res.sendStatus(500);
+                })
+                .then(() => {
+                    var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+                    res.cookie('sdsession', token, { domain: domain, httpOnly: true });
+                    res.status(201).json(session);
+                });
+            });
+            // res.status(201).json(user);
+            // return res.redirect('/');
         });
 
     })(req, res, next);

diff --git a/routes/root.js b/routes/root.js
@@ -1,5 +1,7 @@
 "use strict";
 
+const connectEnsureLogin = require('connect-ensure-login');
+
 const config = require('config');
 
 const redis = require('../helpers/redis');
@@ -22,7 +24,7 @@ router.get('/ping', (req, res) => {
   res.status(200).json({"status": "ok"})
 });
 
-router.get('/spaces', (req, res) => {
+router.get('/spaces', connectEnsureLogin.ensureLoggedIn(), (req, res) => {
   res.render('spacedeck', { config:config, user:req.user });
 });
 
@@ -34,7 +36,7 @@ router.get('/confirm/:token', (req, res) => {
   res.render('spacedeck', { config:config, user:req.user });
 });
 
-router.get('/folders/:id', (req, res) => {
+router.get('/folders/:id', connectEnsureLogin.ensureLoggedIn(), (req, res) => {
   res.render('spacedeck', { config:config, user:req.user });
 });
 
@@ -86,7 +88,7 @@ router.get('/en', (req, res) => {
   res.redirect("/t/end");
 });
 
-router.get('/account', (req, res) => {
+router.get('/account', connectEnsureLogin.ensureLoggedIn(), (req, res) => {
   res.render('spacedeck');
 });
 
@@ -130,7 +132,7 @@ router.get('/s/:hash', (req, res) => {
   });
 });
 
-router.get('/spaces/:id', (req, res) => {
+router.get('/spaces/:id', connectEnsureLogin.ensureLoggedIn(), (req, res) => {
   res.render('spacedeck', { config:config, user:req.user });
 });
 

diff --git a/spacedeck.js b/spacedeck.js
@@ -15,11 +15,13 @@ const favicon = require('serve-favicon');
 const logger = require('morgan');
 const cookieParser = require('cookie-parser');
 const bodyParser = require('body-parser');
+
+// authentication
 const passport = require('passport');
 const session = require("express-session");
 
 const i18n = require('i18n-2');
-const helmet = require('helmet');
+// const helmet = require('helmet');
 
 const express = require('express');
 const app = express();
@@ -79,7 +81,9 @@ app.disable('x-powered-by');
 
 //app.use(require("./middlewares/error_helpers"));
 //app.use(require("./middlewares/cors"));
-app.use(require("./middlewares/session"));
+
+// app.use(require("./middlewares/session"));
+
 app.use(require("./middlewares/i18n"));
 app.use("/api", require("./middlewares/api_helpers"));
 app.use('/api/spaces/:id', require("./middlewares/space_helpers"));

diff --git a/yarn.lock b/yarn.lock
@@ -950,6 +950,11 @@ configstore@^5.0.1:
     write-file-atomic "^3.0.0"
     xdg-basedir "^4.0.0"
 
+connect-ensure-login@^0.1.1:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/connect-ensure-login/-/connect-ensure-login-0.1.1.tgz#174dcc51243b9eac23f8d98215aeb6694e2e8a12"
+  integrity sha1-F03MUSQ7nqwj+NmCFa62aU4uihI=
+
 console-control-strings@^1.0.0, console-control-strings@~1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e"