wikijs-fork/controllers/auth.js

70 lines
1.6 KiB
JavaScript
Raw Normal View History

2016-08-17 03:56:08 +00:00
var express = require('express');
var router = express.Router();
var passport = require('passport');
var ExpressBrute = require('express-brute');
var ExpressBruteMongooseStore = require('express-brute-mongoose');
2016-08-17 03:56:08 +00:00
var moment = require('moment');
/**
* Setup Express-Brute
*/
var EBstore = new ExpressBruteMongooseStore(db.Bruteforce);
2016-08-17 03:56:08 +00:00
var bruteforce = new ExpressBrute(EBstore, {
freeRetries: 5,
minWait: 60 * 1000,
maxWait: 5 * 60 * 1000,
refreshTimeoutOnRequest: false,
failCallback(req, res, next, nextValidRequestDate) {
req.flash('alert', {
class: 'error',
title: 'Too many attempts!',
message: "You've made too many failed attempts in a short period of time, please try again " + moment(nextValidRequestDate).fromNow() + '.',
iconClass: 'fa-times'
});
res.redirect('/login');
}
});
2016-08-17 03:56:08 +00:00
/**
* Login form
*/
router.get('/login', function(req, res, next) {
res.render('auth/login', {
usr: res.locals.usr
});
});
router.post('/login', bruteforce.prevent, function(req, res, next) {
2016-08-17 03:56:08 +00:00
passport.authenticate('local', function(err, user, info) {
if (err) { return next(err); }
if (!user) {
req.flash('alert', {
class: 'error',
title: 'Invalid login',
message: "The email or password is invalid.",
iconClass: 'fa-times'
});
return res.redirect('/login');
}
req.logIn(user, function(err) {
if (err) { return next(err); }
req.brute.reset(function () {
return res.redirect('/');
});
2016-08-17 03:56:08 +00:00
});
})(req, res, next);
});
/**
* Logout
*/
router.get('/logout', function(req, res) {
req.logout();
res.redirect('/');
});
module.exports = router;