wikijs-fork/server/modules/authentication/local/authentication.js

45 lines
1.3 KiB
JavaScript
Raw Normal View History

const bcrypt = require('bcryptjs-then')
/* global WIKI */
2017-07-29 21:33:08 +00:00
// ------------------------------------
// Local Account
// ------------------------------------
const LocalStrategy = require('passport-local').Strategy
module.exports = {
init (passport, conf) {
passport.use('local',
new LocalStrategy({
usernameField: 'email',
passwordField: 'password'
2019-02-22 22:05:18 +00:00
}, async (uEmail, uPassword, done) => {
try {
const user = await WIKI.models.users.query().findOne({
email: uEmail.toLowerCase(),
2019-02-22 22:05:18 +00:00
providerKey: 'local'
})
if (user) {
2019-02-22 22:05:18 +00:00
await user.verifyPassword(uPassword)
if (!user.isActive) {
done(new WIKI.Error.AuthAccountBanned(), null)
} else if (!user.isVerified) {
done(new WIKI.Error.AuthAccountNotVerified(), null)
} else {
done(null, user)
}
} else {
// Fake verify password to mask timing differences
await bcrypt.compare((Math.random() + 1).toString(36), '$2a$12$irXbAcQSY59pcQQfNQpY8uyhfSw48nzDikAmr60drI501nR.PuBx2')
2018-05-20 22:50:51 +00:00
done(new WIKI.Error.AuthLoginFailed(), null)
}
2019-02-22 22:05:18 +00:00
} catch (err) {
done(err, null)
2019-02-22 22:05:18 +00:00
}
})
)
}
2017-07-29 21:33:08 +00:00
}