hopfma/om
4
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

User creation on login (server-seitig)

Browse Source
This commit is contained in:
Erik Römmelt 2019-07-23 10:34:20 +02:00
parent a6dd34cf81
commit 85bca37a8c
6 changed files with 117 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
mong.js
View File

@ -1,13 +1,16 @@
var db = db.getSiblingDB('omdb');
// Delete all collections + all records
db.messages.deleteMany({});
db.tags.deleteMany({});
db.users.deleteMany({});
db.sessions.deleteMany({});
// Insert data in collections
load('mong_msg.js');
load('mong_tag.js');
load('mong_usr.js');
// Delete all collections + all records
//db.messages.drop(); db.tags.drop(); db.user.drop(); db.sessions.drop()
// Print all collections + records count
var collections = db.getCollectionNames();
print('Collections inside the db:');

4
mong_usr.js
View File

@ -1,8 +1,8 @@
db.users.insert([
// author,OHMNEWS2019
{"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","tags":["wichtig","th"],"bookmarks":["th"],},
{"_id":"author","name":"Test Author","type":"author","roles":["user","author"],"hash":"sha256","salt":"cy5CkPrplcEze6o4psURhw==","pwd":"Gc8ozlxjEGITkS+fW9tz2xLROzws44s04EOCWuP04qE=","abos":["wichtig","th"],"bookmarks":["th"],},
// admin,oZuse1
{"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","tags":["wichtig","th"],"bookmarks":["wichtig"],},
{"_id":"admin","name":"Test Admin","type":"admin","roles":["user","author","admin"],"hash":"sha256","salt":"PoIUHbDp7tP34ji31iQ0zw==","pwd":"mJpIfIksYs6LJJwYRBemFKqR6TacsSl2E0ZtpO1GMuk=","abos":["wichtig","th"],"bookmarks":["wichtig"],},
])
db.users.insert({"name":"mustermannmax", "roles":["user"],"abos":[],"bookmarks":[]})

38
public/routes/auth.js
View File

@ -5,8 +5,8 @@ function clearAuthState() {
auth.mail = ''; // Full mail address
auth.roles = {}; // Role authorizations e.g. {user: true}
auth.gender = ''; // Gender (e.g. Frau)
auth.abos = []; // Followed tags
auth.bookmarks = []; // Ids of bookmarks
auth.abos = []; // Abos
}
clearAuthState();
@ -20,6 +20,32 @@ function fillAuthState(state) {
}
}
function updateUserInDB() {
$.ajax({
url: "api/usr",
data: {
abos: JSON.stringify(auth.abos),
bookmarks: JSON.stringify(auth.bookmarks),
mail: auth.mail,
name: auth.name,
_id: auth.user,
roles: JSON.stringify(auth.roles),
type: auth.type,
},
method: "POST"
}).done(successful_save).fail(failed_save);
function successful_save(res) {
console.info("User-save: Successful.");
console.info(res);
}
function failed_save(err) {
console.info("User-save: Failed.");
console.error(err);
}
}
// Login component: Login panel (if not logged in) or Logout element (if logged in)
Vue.component('login-panel', {
template: `
@ -57,13 +83,13 @@ Vue.component('login-panel', {
</div>`,
data: function () {
return {
auth: auth,
user: '',
pwd: '',
error: false,
};
},
// TODO: Check if enough for session cookie re-login; checkbox
// Doesn't work
// mounted: function() {
// this.checkData();
// },
@ -94,6 +120,7 @@ Vue.component('login-panel', {
function successful_login(resData) {
fillAuthState(resData);
updateUserInDB();
console.info("Correct credentials");
this.closeLoginPanel;
@ -103,7 +130,7 @@ Vue.component('login-panel', {
function failed_login(err) {
console.info("Wrong credentials");
this.showError=true;
this.error=true;
this.showLoginPanel;
console.log("error: " + err.responseText);
@ -129,10 +156,9 @@ Vue.component('login-panel', {
function failed_login(err) {
console.info("Re-Auth: Wrong credentials");
this.showError=true;
this.error=true;
this.showLoginPanel;
console.log("error: " + err.responseText);
console.log(err);
}
},
@ -140,6 +166,6 @@ Vue.component('login-panel', {
clearAuthState();
$.ajax({ url: "api/logout", method: "POST" });
this.closeLoginPanel;
}
},
},
});

4
server.js
View File

@ -53,8 +53,8 @@ app.disable('x-powered-by');
app.set('trust proxy', 1) // trust first proxy, neccessary for cookie secure: true flag
app.use(session({
secret: 'ahhgylhuvh', // caesar(3) 2 letter surname
resave: false,
saveUninitialized: false,
saveUninitialized: false, // don't create session until something stored
resave: false, //don't save session if unmodified
cookie: {
maxAge: 30 * 24 * 3600 * 1000, // TODO: ttl for session as well (Store)
secure: true, // true for https only (since our app works only with https)

58
server/authorization.js
View File

@ -17,18 +17,61 @@ const clientVisibleSession = { user: true, name: true, type: true, mail: true, r
function fillSession (req, user, roles, cb) {
if (req.session === undefined)
next (common.genError (500, "Error"));
// regenerate a new session-id with clean instance
req.session.regenerate (function (err) {
if (user !== undefined && ! err) {
common.shallowCopy (user, serverVisibleSession, {roles: true}, req.session);
console.info(req.session);
if (user._id) {
req.session.user = user._id;
}
req.session.roles = roles;
} else if (user === undefined && roles === undefined) {
// User logged out
req.session.destroy(function(err) {
if (err) {
console.error(err);
}
});
}
return cb (err);
});
}
// Save found user into DB, if not already exists
function saveFoundToDB(found) {
console.info(found);
Users.findById(found.user)
.exec(function(err, result){
if (err) {
console.error("Error: Users collection.");
console.error(err);
}
// User doesn't exist
if (found !== undefined && !result) {
Users.create({
_id: found.user,
name: found.name,
mail: found.mail,
type: found.type,
abos: '',
bookmarks: '',
roles: '',
}, function(err, done) {
if (err) {
console.error("User creation: Failed");
console.error(err);
} else {
console.info("New User created!");
}
if (done == null) {
console.error("Can not create user.");
}
});
}
});
}
const authorization = {
// Generate Error object suitible for throwing or next()ing
genCheckAuthorized: function (group) {
@ -62,7 +105,7 @@ const authorization = {
// Check whether to just validate current session ID
if (user === '' && pwd === '') {
console.log ("auth revalidate: " + req.session.user);
console.log ("auth revalidate: " + req.session._id);
if (req.session.user === undefined)
return returnError();
return returnSession ();
@ -71,12 +114,12 @@ const authorization = {
// check local database, then ldap
Users.findById (req.body.user) .exec (function (err, entry) {
// If there is a local user AND it has a password associated, test against this, and only this
if (entry != null && entry.pwd) {
if (crypto.checkLocalAuth (entry, req.body.pwd)) {
return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
}
return returnError ();
}
// if (entry != null && entry.pwd) {
// if (crypto.checkLocalAuth (entry, req.body.pwd)) {
// return fillSession (req, entry, common.arrayToHash(entry.roles), returnSession);
// }
// return returnError ();
// }
// check ldap
ldap.authorize (user.toLowerCase(), pwd, function (found) {
@ -98,6 +141,7 @@ const authorization = {
return fillSession (req, entry, entry.roles.length > 0 ? common.arrayToHash(entry.roles) : {user:true}, returnSession);
}
// Otherwise create standard user entry
saveFoundToDB(found);
return fillSession (req, found, {user:true}, returnSession);
});
});

63
server/dbs.js
View File

@ -218,24 +218,21 @@ const dbs = {
* Create a new user
*/
post: function(req, res) {
// console.info(req.body);
model.Users.create({
_id: req.body.id,
_id: req.body._id,
name: req.body.name,
mail: req.body.mail,
type: req.body.type,
roles: req.body.roles,
hash: req.body.hash,
salt: req.body.salt,
pwd: req.body.pwd,
abos: req.body.abos,
bookmarks: req.body.bookmarks,
roles: req.body.roles,
}, function(err, result) {
if (err) {
console.log(err);
return res.status(401).json(err.message);
} else {
res.json({
message: "User created!!"
});
res.json({message: "User created!", user: req.body});
}
if (result == null) {
return res.status(500).json("Can not create user.")
@ -365,42 +362,24 @@ const dbs = {
model.Tags._list = [""];
var userSchema = common.mongoose.Schema({
/*_id: {
type: String
},*/
name: {
type: String,
required: true,
_comment: ""
},
pwd: {
type: String,
_comment: ""
},
hash: {
type: String
},
salt: {
type: String
},
type: {
type: String
},
roles: {
type: [String],
required: true,
_comment: ""
},
abos: {
type: [String],
_comment: ""
},
_id: { type: String, required: true },
name: { type: String,
_comment: "" },
mail: { type: String },
type: { type: String },
pwd: { type: String,
_comment: "" },
hash: { type: String },
salt: { type: String },
abos: { type: [String],
_comment: "" },
//deactivated: { type: Boolean },
//host: { type: Boolean },
bookmarks: {
type: [String],
_comment: ""
},
bookmarks: { type: [String],
_comment: "" },
sessionid: { type: String },
roles: { type: [String], required: true,
_comment: "" },
});
model.Users = common.mongoose.model('users', userSchema);
model.Users._list = [""];