Merge pull request #17217 from raisedadead/feat/authentication

fix(auth): Set domain cookies, and chain user
pull/17172/head
Stuart Taylor 2018-05-22 23:05:49 +01:00 committed by GitHub
commit 5fbf8a93a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 36 additions and 19 deletions


@ -53,6 +53,24 @@ export default function(UserIdent) {
const email = profile.emails[0].value; const email = profile.emails[0].value;
return User.findOne$({ where: { email } }) return User.findOne$({ where: { email } })
.flatMap(user => { .flatMap(user => {
return user ?
Observable.of(user) :
User.create$({ email }).toPromise();
})
.flatMap(user => {
if (!user) {
throw wrapHandledError(
new Error('could not find or create a user'),
{
message: dedent`
Oops... something is not right. We could not find or create a
user with that email.
`,
type: 'info',
redirectTo: '/'
}
);
}
const createToken = observeQuery( const createToken = observeQuery(
AccessToken, AccessToken,
'create', 'create',
@ -62,16 +80,15 @@ export default function(UserIdent) {
ttl: user.constructor.settings.ttl ttl: user.constructor.settings.ttl
} }
); );
if (!user) { const updateUser = user.update$({
return Observable.combineLatest( emailVerified: true,
User.create$({ email }), emailAuthLinkTTL: null,
createToken, emailVerifyTTL: null
(user, token) => ({ user, token }) });
);
}
return Observable.combineLatest( return Observable.combineLatest(
Observable.of(user), Observable.of(user),
createToken, createToken,
updateUser,
(user, token) => ({user, token}) (user, token) => ({user, token})
); );
}) })
@ -90,10 +107,9 @@ export default function(UserIdent) {
{ {
message: dedent` message: dedent`
New accounts can only be created using an email address. New accounts can only be created using an email address.
Please create an account below
`, `,
type: 'info', type: 'info',
redirectTo: '/signup' redirectTo: '/'
} }
); );
} }
@ -113,7 +129,7 @@ export default function(UserIdent) {
new Error('user identity is not associated with a user'), new Error('user identity is not associated with a user'),
{ {
type: 'info', type: 'info',
redirectTo: '/signup', redirectTo: '/',
message: dedent` message: dedent`
The user account associated with the ${provider} user ${username || 'Anon'} The user account associated with the ${provider} user ${username || 'Anon'}
no longer exists. no longer exists.
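Review bot: In the second hunk (@ -62,16 +80,15) the user found by email is marked `emailVerified: true` unconditionally, but nothing in the hunk checks that the identity provider actually verified `profile.emails[0].value`, so a third-party login gets linked to an existing account on the strength of an email the provider may only be relaying. If the profile carries a verification flag (OIDC exposes it as `email_verified`; confirm what this provider's profile object contains), gate both the `findOne$` linkage and the `update$` on it, and otherwise leave `emailVerified` untouched. Separately, `updateUser` is passed to `combineLatest` only for its side effect: the projector `(user, token) => ({user, token})` returns the pre-update `user`, so downstream code sees the stale `emailVerified` value — if `update$` emits the updated record, project it instead, e.g. `(_, token, updated) => ({ user: updated, token })`. The enclosing handler starts before the first hunk and continues past the last one.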


@ -376,7 +376,7 @@ module.exports = function(User) {
const config = { const config = {
signed: !!req.signedCookies, signed: !!req.signedCookies,
maxAge: accessToken.ttl, maxAge: accessToken.ttl,
domain: '.freecodecamp.org' domain: process.env.COOKIE_DOMAIN || 'localhost'
}; };
if (accessToken && accessToken.id) { if (accessToken && accessToken.id) {
res.cookie('access_token', accessToken.id, config); res.cookie('access_token', accessToken.id, config);
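Review bot: The fallback `domain: process.env.COOKIE_DOMAIN || 'localhost'` in the `config` literal emits an explicit Domain attribute of `localhost`, which browsers commonly reject (a Domain value is expected to be a registrable domain), so in development the `access_token` cookie may never be stored at all. Omit the attribute when the variable is unset so the cookie stays host-only, e.g. `const config = { signed: !!req.signedCookies, maxAge: accessToken.ttl };` followed by `if (process.env.COOKIE_DOMAIN) { config.domain = process.env.COOKIE_DOMAIN; }`. The same literal is duplicated as `cookieConfig` in the `setupPassport` hunk, so a shared helper that builds the cookie options once would keep the two in step, and a comment on `COOKIE_DOMAIN` should state that a parent-domain value makes the token cookie visible to every subdomain. The enclosing function continues on both sides of the hunk.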


@ -29,16 +29,16 @@ module.exports = function enableAuthentication(app) {
const api = app.loopback.Router(); const api = app.loopback.Router();
const { AuthToken, User } = app.models; const { AuthToken, User } = app.models;
router.get('/signup', (req, res) => res.redirect(301, '/login')); router.get('/signup', (req, res) => res.redirect(301, '/signin'));
router.get('/email-signin', (req, res) => res.redirect(301, '/login')); router.get('/email-signin', (req, res) => res.redirect(301, '/signin'));
router.get('/signin', (req, res) => res.redirect(301, '/login')); router.get('/login', (req, res) => res.redirect(301, '/signin'));
router.get('/signout', (req, res) => res.redirect(301, '/logout')); router.get('/logout', (req, res) => res.redirect(301, '/signout'));
router.get('/login', router.get('/signin',
ifUserRedirect, ifUserRedirect,
(req, res) => res.redirect(301, '/auth/auth0')); (req, res) => res.redirect(301, '/auth/auth0'));
router.get('/logout', (req, res) => { router.get('/signout', (req, res) => {
req.logout(); req.logout();
res.redirect('/'); res.redirect('/');
}); });
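Review bot: The new route lines invert the direction of permanent redirects — the old code sent `/signin` → `/login` with a 301 and the new code sends `/login` → `/signin` with a 301 (likewise `/signout` ↔ `/logout`). Browsers cache 301 responses, so a client that previously visited `/signin` still holds a cached redirect to `/login`, which the new server answers with a redirect back to `/signin`, producing a loop until the user clears the cache. Use a 302 (or 307) for these alias routes, e.g. `router.get('/login', (req, res) => res.redirect(302, '/signin'));`, or keep the previously cached targets serving the page directly. Note also that `/signout` still ends the session on a plain GET, so any cross-site link or image can log a user out; a POST with CSRF protection is the safer shape. The enclosing `enableAuthentication` continues past the hunk.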


@ -140,7 +140,8 @@ export default function setupPassport(app) {
); );
const cookieConfig = { const cookieConfig = {
signed: !!req.signedCookies, signed: !!req.signedCookies,
maxAge: accessToken.ttl maxAge: accessToken.ttl,
domain: process.env.COOKIE_DOMAIN || 'localhost'
}; };
res.cookie('access_token', accessToken.id, cookieConfig); res.cookie('access_token', accessToken.id, cookieConfig);
res.cookie('userId', accessToken.userId, cookieConfig); res.cookie('userId', accessToken.userId, cookieConfig);