User creation on login (server-seitig)

Erik Römmelt 2019-07-23 10:34:20 +02:00
parent a6dd34cf81
commit 85bca37a8c
6 changed files with 117 additions and 65 deletions


@ -1,13 +1,16 @@
var db = db.getSiblingDB('omdb'); var db = db.getSiblingDB('omdb');
// Delete all collections + all records
db.messages.deleteMany({});
db.tags.deleteMany({});
db.users.deleteMany({});
db.sessions.deleteMany({});
// Insert data in collections // Insert data in collections
load('mong_msg.js'); load('mong_msg.js');
load('mong_tag.js'); load('mong_tag.js');
load('mong_usr.js'); load('mong_usr.js');
// Delete all collections + all records
//db.messages.drop(); db.tags.drop(); db.user.drop(); db.sessions.drop()
// Print all collections + records count // Print all collections + records count
var collections = db.getCollectionNames(); var collections = db.getCollectionNames();
print('Collections inside the db:'); print('Collections inside the db:');
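Review bot: The new `deleteMany` calls wipe `users` and `sessions` on every run, and with this commit `users` also holds the records created server-side on LDAP login (abos, bookmarks), so re-running the seed silently discards that user data and, if the session store is that collection, invalidates every active session. A comment above the block such as `// WARNING: also removes server-created user records and live sessions — dev/reset use only` would make that explicit for whoever runs the script against a shared database.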


@ -1,8 +1,8 @@
db.users.insert([ db.users.insert([
// author,OHMNEWS2019 // author,OHMNEWS2019
{"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","tags":["wichtig","th"],"bookmarks":["th"],}, {"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","abos":["wichtig","th"],"bookmarks":["th"],},
// admin,oZuse1 // admin,oZuse1
{"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","tags":["wichtig","th"],"bookmarks":["wichtig"],}, {"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","abos":["wichtig","th"],"bookmarks":["wichtig"],},
]) ])
db.users.insert({"name":"mustermannmax", "roles":["user"],"abos":[],"bookmarks":[]}) db.users.insert({"name":"mustermannmax", "roles":["user"],"abos":[],"bookmarks":[]})
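Review bot: The comments on the seed documents (`// author,OHMNEWS2019`, `// admin,oZuse1`) look like the cleartext credentials behind the salted hashes on the same lines, so the admin account's password is committed next to its hash. If this seed is for local development only, the file should say so and the values should be rotated before any shared deployment; otherwise keep the passwords out of the file and leave only the account name in the comment. The `"hash":"sha256"` scheme is a fast digest rather than a password-stretching function, which deserves a TODO here since `checkLocalAuth` is outside this page. The last insert gives `mustermannmax` no `_id` while the schema in this commit declares `_id` as a required String used as the login name, so that document will receive an ObjectId that `findById(req.body.user)` in `auth.js` will never match.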


@ -5,8 +5,8 @@ function clearAuthState() {
auth.mail = ''; // Full mail address auth.mail = ''; // Full mail address
auth.roles = {}; // Role authorizations e.g. {user: true} auth.roles = {}; // Role authorizations e.g. {user: true}
auth.gender = ''; // Gender (e.g. Frau) auth.gender = ''; // Gender (e.g. Frau)
auth.bookmarks = []; // Ids of bookmarks auth.abos = []; // Followed tags
auth.abos = []; // Abos auth.bookmarks = []; // Ids of bookmarks
} }
clearAuthState(); clearAuthState();
@ -20,6 +20,32 @@ function fillAuthState(state) {
} }
} }
function updateUserInDB() {
$.ajax({
url: "api/usr",
data: {
abos: JSON.stringify(auth.abos),
bookmarks: JSON.stringify(auth.bookmarks),
mail: auth.mail,
name: auth.name,
_id: auth.user,
roles: JSON.stringify(auth.roles),
type: auth.type,
},
method: "POST"
}).done(successful_save).fail(failed_save);
function successful_save(res) {
console.info("User-save: Successful.");
console.info(res);
}
function failed_save(err) {
console.info("User-save: Failed.");
console.error(err);
}
}
// Login component: Login panel (if not logged in) or Logout element (if logged in) // Login component: Login panel (if not logged in) or Logout element (if logged in)
Vue.component('login-panel', { Vue.component('login-panel', {
template: ` template: `
@ -57,13 +83,13 @@ Vue.component('login-panel', {
</div>`, </div>`,
data: function () { data: function () {
return { return {
auth: auth,
user: '', user: '',
pwd: '', pwd: '',
error: false, error: false,
}; };
}, },
// TODO: Check if enough for session cookie re-login; checkbox // TODO: Check if enough for session cookie re-login; checkbox
// Doesn't work
// mounted: function() { // mounted: function() {
// this.checkData(); // this.checkData();
// }, // },
@ -94,6 +120,7 @@ Vue.component('login-panel', {
function successful_login(resData) { function successful_login(resData) {
fillAuthState(resData); fillAuthState(resData);
updateUserInDB();
console.info("Correct credentials"); console.info("Correct credentials");
this.closeLoginPanel; this.closeLoginPanel;
@ -103,7 +130,7 @@ Vue.component('login-panel', {
function failed_login(err) { function failed_login(err) {
console.info("Wrong credentials"); console.info("Wrong credentials");
this.showError=true; this.error=true;
this.showLoginPanel; this.showLoginPanel;
console.log("error: " + err.responseText); console.log("error: " + err.responseText);
@ -129,10 +156,9 @@ Vue.component('login-panel', {
function failed_login(err) { function failed_login(err) {
console.info("Re-Auth: Wrong credentials"); console.info("Re-Auth: Wrong credentials");
this.showError=true; this.error=true;
this.showLoginPanel; this.showLoginPanel;
console.log("error: " + err.responseText);
console.log(err); console.log(err);
} }
}, },
@ -140,6 +166,6 @@ Vue.component('login-panel', {
clearAuthState(); clearAuthState();
$.ajax({ url: "api/logout", method: "POST" }); $.ajax({ url: "api/logout", method: "POST" });
this.closeLoginPanel; this.closeLoginPanel;
} },
}, },
}); });
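Review bot: `updateUserInDB()` posts `roles`, `type` and `_id` from the client-side `auth` object to `api/usr`, so the server's create handler in this same commit (`roles: req.body.roles`) takes the account's authorization from the request body; the server should assign roles itself and ignore these fields, and the call is redundant now that `saveFoundToDB` creates the user on the server during login. The values are also the wrong shape: `auth.roles` is a hash such as `{user: true}` and `auth.abos` an array, and `JSON.stringify` turns both into single strings that the `[String]` schema paths will not receive as lists, so if the request stays it should either send a JSON body (`contentType: 'application/json'` with one `JSON.stringify` of the whole payload) or be parsed server-side, and `roles`/`type` should be dropped from it. `successful_login` now calls `updateUserInDB()` right before `this.closeLoginPanel;`, which reads the method without invoking it (`this.closeLoginPanel()` is presumably intended, as at the other `this.closeLoginPanel;` / `this.showLoginPanel;` sites), and `this` inside these plain callbacks may not be the component; the enclosing method starts outside the hunk.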


@ -53,8 +53,8 @@ app.disable('x-powered-by');
app.set('trust proxy', 1) // trust first proxy, neccessary for cookie secure: true flag app.set('trust proxy', 1) // trust first proxy, neccessary for cookie secure: true flag
app.use(session({ app.use(session({
secret: 'ahhgylhuvh', // caesar(3) 2 letter surname secret: 'ahhgylhuvh', // caesar(3) 2 letter surname
resave: false, saveUninitialized: false, // don't create session until something stored
saveUninitialized: false, resave: false, //don't save session if unmodified
cookie: { cookie: {
maxAge: 30 * 24 * 3600 * 1000, // TODO: ttl for session as well (Store) maxAge: 30 * 24 * 3600 * 1000, // TODO: ttl for session as well (Store)
secure: true, // true for https only (since our app works only with https) secure: true, // true for https only (since our app works only with https)
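Review bot: The session `secret: 'ahhgylhuvh'` remains hardcoded in the source, and its comment (`// caesar(3) 2 letter surname`) documents how it was derived, so the cookie-signing key is disclosed to anyone who can read the repository. Read it from configuration instead, e.g. `secret: process.env.SESSION_SECRET,` with a startup check that the variable is set, and rotate the current value since it is already in history. The swapped `saveUninitialized`/`resave` lines in this hunk only gain comments, so nothing else here changes behaviour.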


@ -17,18 +17,61 @@ const clientVisibleSession = { user: true, name: true, type: true, mail: true, r
function fillSession (req, user, roles, cb) { function fillSession (req, user, roles, cb) {
if (req.session === undefined) if (req.session === undefined)
next (common.genError (500, "Error")); next (common.genError (500, "Error"));
// regenerate a new session-id with clean instance
req.session.regenerate (function (err) { req.session.regenerate (function (err) {
if (user !== undefined && ! err) { if (user !== undefined && ! err) {
common.shallowCopy (user, serverVisibleSession, {roles: true}, req.session); common.shallowCopy (user, serverVisibleSession, {roles: true}, req.session);
console.info(req.session);
if (user._id) { if (user._id) {
req.session.user = user._id; req.session.user = user._id;
} }
req.session.roles = roles; req.session.roles = roles;
} else if (user === undefined && roles === undefined) {
// User logged out
req.session.destroy(function(err) {
if (err) {
console.error(err);
}
});
} }
return cb (err); return cb (err);
}); });
} }
// Save found user into DB, if not already exists
function saveFoundToDB(found) {
console.info(found);
Users.findById(found.user)
.exec(function(err, result){
if (err) {
console.error("Error: Users collection.");
console.error(err);
}
// User doesn't exist
if (found !== undefined && !result) {
Users.create({
_id: found.user,
name: found.name,
mail: found.mail,
type: found.type,
abos: '',
bookmarks: '',
roles: '',
}, function(err, done) {
if (err) {
console.error("User creation: Failed");
console.error(err);
} else {
console.info("New User created!");
}
if (done == null) {
console.error("Can not create user.");
}
});
}
});
}
const authorization = { const authorization = {
// Generate Error object suitible for throwing or next()ing // Generate Error object suitible for throwing or next()ing
genCheckAuthorized: function (group) { genCheckAuthorized: function (group) {
@ -62,7 +105,7 @@ const authorization = {
// Check whether to just validate current session ID // Check whether to just validate current session ID
if (user === '' && pwd === '') { if (user === '' && pwd === '') {
console.log ("auth revalidate: " + req.session.user); console.log ("auth revalidate: " + req.session._id);
if (req.session.user === undefined) if (req.session.user === undefined)
return returnError(); return returnError();
return returnSession (); return returnSession ();
@ -71,12 +114,12 @@ const authorization = {
// check local database, then ldap // check local database, then ldap
Users.findById (req.body.user) .exec (function (err, entry) { Users.findById (req.body.user) .exec (function (err, entry) {
// If there is a local user AND it has a password associated, test against this, and only this // If there is a local user AND it has a password associated, test against this, and only this
if (entry != null && entry.pwd) { // if (entry != null && entry.pwd) {
if (crypto.checkLocalAuth (entry, req.body.pwd)) { // if (crypto.checkLocalAuth (entry, req.body.pwd)) {
return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession); // return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
} // }
return returnError (); // return returnError ();
} // }
// check ldap // check ldap
ldap.authorize (user.toLowerCase(), pwd, function (found) { ldap.authorize (user.toLowerCase(), pwd, function (found) {
@ -98,6 +141,7 @@ const authorization = {
return fillSession (req, entry, entry.roles.length > 0 ? common.arrayToHash(entry.roles) : {user:true}, returnSession); return fillSession (req, entry, entry.roles.length > 0 ? common.arrayToHash(entry.roles) : {user:true}, returnSession);
} }
// Otherwise create standard user entry // Otherwise create standard user entry
saveFoundToDB(found);
return fillSession (req, found, {user:true}, returnSession); return fillSession (req, found, {user:true}, returnSession);
}); });
}); });
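Review bot: `saveFoundToDB` creates the user with `abos: ''`, `bookmarks: ''` and `roles: ''` although the schema declares these paths as `[String]`; if Mongoose casts the strings into one-element arrays, as it does for array paths, `roles` becomes `['']`, and on the next login the `entry.roles.length > 0 ? common.arrayToHash(entry.roles) : {user:true}` expression at the end of this file section yields `{'': true}` instead of `{user: true}`, so the user loses the default role. Use `abos: [], bookmarks: [], roles: ['user']` (or omit the fields and let the schema defaults apply). The function is also fire-and-forget: it is called just before `fillSession` with no callback, so the session is issued whether or not the insert succeeded, and the client's own POST to `api/usr` added in this commit will likely fail afterwards with a duplicate-id error that only surfaces in the logs. Two smaller points in the `fillSession` hunk: `console.info(req.session)` writes the whole session, including whatever `serverVisibleSession` copies from the user record, to the server log and should be removed or reduced to the `user` id; and the local-password branch (`if (entry != null && entry.pwd)`) is now commented out while the comment above it still says local users are tested "and only this", so either delete the dead code and update that comment or state why LDAP now takes precedence for seeded local accounts.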


@ -217,25 +217,22 @@ const dbs = {
* -> User schema * -> User schema
* Create a new user * Create a new user
*/ */
post: function (req, res) { post: function(req, res) {
// console.info(req.body);
model.Users.create({ model.Users.create({
_id: req.body.id, _id: req.body._id,
name: req.body.name, name: req.body.name,
mail: req.body.mail,
type: req.body.type, type: req.body.type,
roles: req.body.roles,
hash: req.body.hash,
salt: req.body.salt,
pwd: req.body.pwd,
abos: req.body.abos, abos: req.body.abos,
bookmarks: req.body.bookmarks, bookmarks: req.body.bookmarks,
}, function (err, result) { roles: req.body.roles,
}, function(err, result) {
if (err) { if (err) {
console.log(err); console.log(err);
return res.status(401).json(err.message); return res.status(401).json(err.message);
} else { } else {
res.json({ res.json({message: "User created!", user: req.body});
message: "User created!!"
});
} }
if (result == null) { if (result == null) {
return res.status(500).json("Can not create user.") return res.status(500).json("Can not create user.")
@ -365,42 +362,24 @@ const dbs = {
model.Tags._list = [""]; model.Tags._list = [""];
var userSchema = common.mongoose.Schema({ var userSchema = common.mongoose.Schema({
/*_id: { _id: { type: String, required: true },
type: String name: { type: String,
},*/ _comment: "" },
name: { mail: { type: String },
type: String, type: { type: String },
required: true, pwd: { type: String,
_comment: "" _comment: "" },
}, hash: { type: String },
pwd: { salt: { type: String },
type: String, abos: { type: [String],
_comment: "" _comment: "" },
},
hash: {
type: String
},
salt: {
type: String
},
type: {
type: String
},
roles: {
type: [String],
required: true,
_comment: ""
},
abos: {
type: [String],
_comment: ""
},
//deactivated: { type: Boolean }, //deactivated: { type: Boolean },
//host: { type: Boolean }, //host: { type: Boolean },
bookmarks: { bookmarks: { type: [String],
type: [String], _comment: "" },
_comment: "" sessionid: { type: String },
}, roles: { type: [String], required: true,
_comment: "" },
}); });
model.Users = common.mongoose.model('users', userSchema); model.Users = common.mongoose.model('users', userSchema);
model.Users._list = [""]; model.Users._list = [""];
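Review bot: The `post` handler still builds the user from the request body including `roles: req.body.roles` and `type: req.body.type`, so whoever can reach `api/usr` picks the privileges of the account being created; the route's authorization guard is not visible here, but even for an authenticated caller the role list should be fixed server-side (e.g. `roles: ['user']` unless `req.session.roles.admin` is set) and `_id` should come from `req.session.user` rather than `req.body._id`, so a logged-in user cannot create or overwrite another user's record. The response `res.json({message: "User created!", user: req.body})` echoes the raw request body back; return the stored `result` (or just its `_id`) instead. A validation or duplicate-key error is answered with `401`, which is the wrong status for a malformed or conflicting create — `400` for validation and `409` for a duplicate `_id` is what the client's `failed_save` should see — and the `if (result == null)` after `res.json` can attempt a second response, though that line is outside the changed code. In the schema hunk `name` lost `required: true` while `_id` gained it; if that is intentional, a comment on the `_id` line such as `// login name (LDAP uid), used as key by findById in auth.js` would make the lookup by `req.body.user` self-explanatory.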