Merge pull request #17217 from raisedadead/feat/authentication
fix(auth): Set domain cookies, and chain userpull/17172/head
commit
5fbf8a93a0
|
@ -53,6 +53,24 @@ export default function(UserIdent) {
|
||||||
const email = profile.emails[0].value;
|
const email = profile.emails[0].value;
|
||||||
return User.findOne$({ where: { email } })
|
return User.findOne$({ where: { email } })
|
||||||
.flatMap(user => {
|
.flatMap(user => {
|
||||||
|
return user ?
|
||||||
|
Observable.of(user) :
|
||||||
|
User.create$({ email }).toPromise();
|
||||||
|
})
|
||||||
|
.flatMap(user => {
|
||||||
|
if (!user) {
|
||||||
|
throw wrapHandledError(
|
||||||
|
new Error('could not find or create a user'),
|
||||||
|
{
|
||||||
|
message: dedent`
|
||||||
|
Oops... something is not right. We could not find or create a
|
||||||
|
user with that email.
|
||||||
|
`,
|
||||||
|
type: 'info',
|
||||||
|
redirectTo: '/'
|
||||||
|
}
|
||||||
|
);
|
||||||
|
}
|
||||||
const createToken = observeQuery(
|
const createToken = observeQuery(
|
||||||
AccessToken,
|
AccessToken,
|
||||||
'create',
|
'create',
|
||||||
|
@ -62,16 +80,15 @@ export default function(UserIdent) {
|
||||||
ttl: user.constructor.settings.ttl
|
ttl: user.constructor.settings.ttl
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
if (!user) {
|
const updateUser = user.update$({
|
||||||
return Observable.combineLatest(
|
emailVerified: true,
|
||||||
User.create$({ email }),
|
emailAuthLinkTTL: null,
|
||||||
createToken,
|
emailVerifyTTL: null
|
||||||
(user, token) => ({ user, token })
|
});
|
||||||
);
|
|
||||||
}
|
|
||||||
return Observable.combineLatest(
|
return Observable.combineLatest(
|
||||||
Observable.of(user),
|
Observable.of(user),
|
||||||
createToken,
|
createToken,
|
||||||
|
updateUser,
|
||||||
(user, token) => ({user, token})
|
(user, token) => ({user, token})
|
||||||
);
|
);
|
||||||
})
|
})
|
||||||
|
@ -90,10 +107,9 @@ export default function(UserIdent) {
|
||||||
{
|
{
|
||||||
message: dedent`
|
message: dedent`
|
||||||
New accounts can only be created using an email address.
|
New accounts can only be created using an email address.
|
||||||
Please create an account below
|
|
||||||
`,
|
`,
|
||||||
type: 'info',
|
type: 'info',
|
||||||
redirectTo: '/signup'
|
redirectTo: '/'
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -113,7 +129,7 @@ export default function(UserIdent) {
|
||||||
new Error('user identity is not associated with a user'),
|
new Error('user identity is not associated with a user'),
|
||||||
{
|
{
|
||||||
type: 'info',
|
type: 'info',
|
||||||
redirectTo: '/signup',
|
redirectTo: '/',
|
||||||
message: dedent`
|
message: dedent`
|
||||||
The user account associated with the ${provider} user ${username || 'Anon'}
|
The user account associated with the ${provider} user ${username || 'Anon'}
|
||||||
no longer exists.
|
no longer exists.
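Review bot: The added `user.update$({ emailVerified: true, ... })` in the second hunk marks the account as verified on every provider sign-in, while the first hunk finds or creates the account purely from `profile.emails[0].value`. An existing account is therefore linked to whoever the identity provider says owns that address, and nothing visible here checks that the provider verified it. If any connection can return an unverified email, this becomes an account-takeover risk. I would gate both the lookup by email and the update on the provider's verified-email claim (Auth0 exposes `email_verified` on the user profile; confirm where it lands on `profile` here) and leave `emailVerified` untouched otherwise. The `.flatMap` callback spans the first two hunks, and the enclosing function starts outside them.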
|
||||||
|
|
|
@ -376,7 +376,7 @@ module.exports = function(User) {
|
||||||
const config = {
|
const config = {
|
||||||
signed: !!req.signedCookies,
|
signed: !!req.signedCookies,
|
||||||
maxAge: accessToken.ttl,
|
maxAge: accessToken.ttl,
|
||||||
domain: '.freecodecamp.org'
|
domain: process.env.COOKIE_DOMAIN || 'localhost'
|
||||||
};
|
};
|
||||||
if (accessToken && accessToken.id) {
|
if (accessToken && accessToken.id) {
|
||||||
res.cookie('access_token', accessToken.id, config);
|
res.cookie('access_token', accessToken.id, config);
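Review bot: The `config` object now scopes `access_token` to `process.env.COOKIE_DOMAIN` but still sets no `httpOnly`, `secure` or `sameSite`. A token cookie shared across a parent domain is then readable by script on every subdomain and can be sent over plain HTTP. If no client code needs to read the token directly, consider adding `httpOnly: true, secure: process.env.NODE_ENV === 'production', sameSite: 'lax'`; the same applies to `cookieConfig` in the `setupPassport` hunk. The enclosing function starts outside this hunk.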
|
||||||
|
|
|
@ -29,16 +29,16 @@ module.exports = function enableAuthentication(app) {
|
||||||
const api = app.loopback.Router();
|
const api = app.loopback.Router();
|
||||||
const { AuthToken, User } = app.models;
|
const { AuthToken, User } = app.models;
|
||||||
|
|
||||||
router.get('/signup', (req, res) => res.redirect(301, '/login'));
|
router.get('/signup', (req, res) => res.redirect(301, '/signin'));
|
||||||
router.get('/email-signin', (req, res) => res.redirect(301, '/login'));
|
router.get('/email-signin', (req, res) => res.redirect(301, '/signin'));
|
||||||
router.get('/signin', (req, res) => res.redirect(301, '/login'));
|
router.get('/login', (req, res) => res.redirect(301, '/signin'));
|
||||||
router.get('/signout', (req, res) => res.redirect(301, '/logout'));
|
router.get('/logout', (req, res) => res.redirect(301, '/signout'));
|
||||||
|
|
||||||
router.get('/login',
|
router.get('/signin',
|
||||||
ifUserRedirect,
|
ifUserRedirect,
|
||||||
(req, res) => res.redirect(301, '/auth/auth0'));
|
(req, res) => res.redirect(301, '/auth/auth0'));
|
||||||
|
|
||||||
router.get('/logout', (req, res) => {
|
router.get('/signout', (req, res) => {
|
||||||
req.logout();
|
req.logout();
|
||||||
res.redirect('/');
|
res.redirect('/');
|
||||||
});
|
});
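Review bot: The `/signout` handler still only calls `req.logout()` and redirects, so the `access_token` and `userId` cookies that this commit now sets with a `domain` are not cleared here. Express only clears a cookie when the same domain option is passed. Unless that happens elsewhere, add `res.clearCookie('access_token', { domain: process.env.COOKIE_DOMAIN || 'localhost' });` and the same for `userId` before the redirect, and invalidate the server-side access token as well. Separately, the `/login` and `/signin` 301s swap direction; browsers cache permanent redirects, so a client holding the old `/signin` → `/login` entry may loop, and a 302 would be safer during the transition.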
|
||||||
|
|
|
@ -140,7 +140,8 @@ export default function setupPassport(app) {
|
||||||
);
|
);
|
||||||
const cookieConfig = {
|
const cookieConfig = {
|
||||||
signed: !!req.signedCookies,
|
signed: !!req.signedCookies,
|
||||||
maxAge: accessToken.ttl
|
maxAge: accessToken.ttl,
|
||||||
|
domain: process.env.COOKIE_DOMAIN || 'localhost'
|
||||||
};
|
};
|
||||||
res.cookie('access_token', accessToken.id, cookieConfig);
|
res.cookie('access_token', accessToken.id, cookieConfig);
|
||||||
res.cookie('userId', accessToken.userId, cookieConfig);
|
res.cookie('userId', accessToken.userId, cookieConfig);
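Review bot: `process.env.COOKIE_DOMAIN || 'localhost'` is duplicated here and in the `User` model hunk, and the `'localhost'` fallback is silent. A production deploy with the variable unset would issue cookies the browser is unlikely to accept for the real host, which would probably surface as a confusing sign-in failure rather than a startup error. I would read the value once in a shared config module and throw at boot when it is missing outside development, with a comment such as `// COOKIE_DOMAIN: parent domain shared by the API and the client`. The enclosing function starts outside this hunk.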
|
||||||
|
|