hopfma
/
om
Watch 4
Star 1
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

User creation on login (server-seitig)

master
Erik Römmelt 5 years ago
parent
a6dd34cf81
commit
85bca37a8c
6 changed files with 117 additions and 65 deletions
Split View Show Diff Stats
  1. 6
    3
      mong.js
  2. 2
    2
      mong_usr.js
  3. 33
    7
      public/routes/auth.js
  4. 2
    2
      server.js
  5. 51
    7
      server/authorization.js
  6. 23
    44
      server/dbs.js

+ 6
- 3
mong.js View File

@@ -1,13 +1,16 @@
var db = db.getSiblingDB('omdb');

// Delete all collections + all records
db.messages.deleteMany({});
db.tags.deleteMany({});
db.users.deleteMany({});
db.sessions.deleteMany({});

// Insert data in collections
load('mong_msg.js');
load('mong_tag.js');
load('mong_usr.js');

// Delete all collections + all records
//db.messages.drop(); db.tags.drop(); db.user.drop(); db.sessions.drop()

// Print all collections + records count
var collections = db.getCollectionNames();
print('Collections inside the db:');

+ 2
- 2
mong_usr.js View File

@@ -1,8 +1,8 @@
db.users.insert([
// author,OHMNEWS2019
{"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","tags":["wichtig","th"],"bookmarks":["th"],},
{"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","abos":["wichtig","th"],"bookmarks":["th"],},
// admin,oZuse1
{"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","tags":["wichtig","th"],"bookmarks":["wichtig"],},
{"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","abos":["wichtig","th"],"bookmarks":["wichtig"],},
])

db.users.insert({"name":"mustermannmax", "roles":["user"],"abos":[],"bookmarks":[]})

+ 33
- 7
public/routes/auth.js View File

@@ -5,8 +5,8 @@ function clearAuthState() {
auth.mail = ''; // Full mail address
auth.roles = {}; // Role authorizations e.g. {user: true}
auth.gender = ''; // Gender (e.g. Frau)
auth.bookmarks = []; // Ids of bookmarks
auth.abos = []; // Abos
auth.abos = []; // Followed tags
auth.bookmarks = []; // Ids of bookmarks
}
clearAuthState();

@@ -20,6 +20,32 @@ function fillAuthState(state) {
}
}

function updateUserInDB() {
$.ajax({
url: "api/usr",
data: {
abos: JSON.stringify(auth.abos),
bookmarks: JSON.stringify(auth.bookmarks),
mail: auth.mail,
name: auth.name,
_id: auth.user,
roles: JSON.stringify(auth.roles),
type: auth.type,
},
method: "POST"
}).done(successful_save).fail(failed_save);

function successful_save(res) {
console.info("User-save: Successful.");
console.info(res);
}

function failed_save(err) {
console.info("User-save: Failed.");
console.error(err);
}
}

// Login component: Login panel (if not logged in) or Logout element (if logged in)
Vue.component('login-panel', {
template: `
@@ -57,13 +83,13 @@ Vue.component('login-panel', {
</div>`,
data: function () {
return {
auth: auth,
user: '',
pwd: '',
error: false,
};
},
// TODO: Check if enough for session cookie re-login; checkbox
// Doesn't work
// mounted: function() {
// this.checkData();
// },
@@ -94,6 +120,7 @@ Vue.component('login-panel', {

function successful_login(resData) {
fillAuthState(resData);
updateUserInDB();
console.info("Correct credentials");
this.closeLoginPanel;

@@ -103,7 +130,7 @@ Vue.component('login-panel', {

function failed_login(err) {
console.info("Wrong credentials");
this.showError=true;
this.error=true;
this.showLoginPanel;

console.log("error: " + err.responseText);
@@ -129,10 +156,9 @@ Vue.component('login-panel', {

function failed_login(err) {
console.info("Re-Auth: Wrong credentials");
this.showError=true;
this.error=true;
this.showLoginPanel;

console.log("error: " + err.responseText);
console.log(err);
}
},
@@ -140,6 +166,6 @@ Vue.component('login-panel', {
clearAuthState();
$.ajax({ url: "api/logout", method: "POST" });
this.closeLoginPanel;
}
},
},
});

+ 2
- 2
server.js View File

@@ -53,8 +53,8 @@ app.disable('x-powered-by');
app.set('trust proxy', 1) // trust first proxy, neccessary for cookie secure: true flag
app.use(session({
secret: 'ahhgylhuvh', // caesar(3) 2 letter surname
resave: false,
saveUninitialized: false,
saveUninitialized: false, // don't create session until something stored
resave: false, //don't save session if unmodified
cookie: {
maxAge: 30 * 24 * 3600 * 1000, // TODO: ttl for session as well (Store)
secure: true, // true for https only (since our app works only with https)

+ 51
- 7
server/authorization.js View File

@@ -17,18 +17,61 @@ const clientVisibleSession = { user: true, name: true, type: true, mail: true, r
function fillSession (req, user, roles, cb) {
if (req.session === undefined)
next (common.genError (500, "Error"));
// regenerate a new session-id with clean instance
req.session.regenerate (function (err) {
if (user !== undefined && ! err) {
common.shallowCopy (user, serverVisibleSession, {roles: true}, req.session);
console.info(req.session);
if (user._id) {
req.session.user = user._id;
}
req.session.roles = roles;
} else if (user === undefined && roles === undefined) {
// User logged out
req.session.destroy(function(err) {
if (err) {
console.error(err);
}
});
}
return cb (err);
});
}

// Save found user into DB, if not already exists
function saveFoundToDB(found) {
console.info(found);
Users.findById(found.user)
.exec(function(err, result){
if (err) {
console.error("Error: Users collection.");
console.error(err);
}
// User doesn't exist
if (found !== undefined && !result) {
Users.create({
_id: found.user,
name: found.name,
mail: found.mail,
type: found.type,
abos: '',
bookmarks: '',
roles: '',
}, function(err, done) {
if (err) {
console.error("User creation: Failed");
console.error(err);
} else {
console.info("New User created!");
}
if (done == null) {
console.error("Can not create user.");
}
});
}
});
}

const authorization = {
// Generate Error object suitible for throwing or next()ing
genCheckAuthorized: function (group) {
@@ -62,7 +105,7 @@ const authorization = {

// Check whether to just validate current session ID
if (user === '' && pwd === '') {
console.log ("auth revalidate: " + req.session.user);
console.log ("auth revalidate: " + req.session._id);
if (req.session.user === undefined)
return returnError();
return returnSession ();
@@ -71,12 +114,12 @@ const authorization = {
// check local database, then ldap
Users.findById (req.body.user) .exec (function (err, entry) {
// If there is a local user AND it has a password associated, test against this, and only this
if (entry != null && entry.pwd) {
if (crypto.checkLocalAuth (entry, req.body.pwd)) {
return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
}
return returnError ();
}
// if (entry != null && entry.pwd) {
// if (crypto.checkLocalAuth (entry, req.body.pwd)) {
// return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
// }
// return returnError ();
// }

// check ldap
ldap.authorize (user.toLowerCase(), pwd, function (found) {
@@ -98,6 +141,7 @@ const authorization = {
return fillSession (req, entry, entry.roles.length > 0 ? common.arrayToHash(entry.roles) : {user:true}, returnSession);
}
// Otherwise create standard user entry
saveFoundToDB(found);
return fillSession (req, found, {user:true}, returnSession);
});
});

+ 23
- 44
server/dbs.js View File

@@ -217,25 +217,22 @@ const dbs = {
* -> User schema
* Create a new user
*/
post: function (req, res) {
post: function(req, res) {
// console.info(req.body);
model.Users.create({
_id: req.body.id,
_id: req.body._id,
name: req.body.name,
mail: req.body.mail,
type: req.body.type,
roles: req.body.roles,
hash: req.body.hash,
salt: req.body.salt,
pwd: req.body.pwd,
abos: req.body.abos,
bookmarks: req.body.bookmarks,
}, function (err, result) {
roles: req.body.roles,
}, function(err, result) {
if (err) {
console.log(err);
return res.status(401).json(err.message);
} else {
res.json({
message: "User created!!"
});
res.json({message: "User created!", user: req.body});
}
if (result == null) {
return res.status(500).json("Can not create user.")
@@ -365,42 +362,24 @@ const dbs = {
model.Tags._list = [""];

var userSchema = common.mongoose.Schema({
/*_id: {
type: String
},*/
name: {
type: String,
required: true,
_comment: ""
},
pwd: {
type: String,
_comment: ""
},
hash: {
type: String
},
salt: {
type: String
},
type: {
type: String
},
roles: {
type: [String],
required: true,
_comment: ""
},
abos: {
type: [String],
_comment: ""
},
_id: { type: String, required: true },
name: { type: String,
_comment: "" },
mail: { type: String },
type: { type: String },
pwd: { type: String,
_comment: "" },
hash: { type: String },
salt: { type: String },
abos: { type: [String],
_comment: "" },
//deactivated: { type: Boolean },
//host: { type: Boolean },
bookmarks: {
type: [String],
_comment: ""
},
bookmarks: { type: [String],
_comment: "" },
sessionid: { type: String },
roles: { type: [String], required: true,
_comment: "" },
});
model.Users = common.mongoose.model('users', userSchema);
model.Users._list = [""];

Write Preview
Loading…
Cancel
Save