liz/wikijs-fork
liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: modular auth + logging changes

Browse Source
This commit is contained in:
NGPixel 2017-07-30 00:04:57 -04:00
parent f32429325c
commit 2020e457cf
15 changed files with 174 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
server/authentication/azure.js
View File

@ -8,26 +8,24 @@
const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy const AzureAdOAuth2Strategy = require('passport-azure-ad-oauth2').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.azure && wiki.config.auth.azure.enabled) { const jwt = require('jsonwebtoken')
const jwt = require('jsonwebtoken') passport.use('azure_ad_oauth2',
passport.use('azure_ad_oauth2', new AzureAdOAuth2Strategy({
new AzureAdOAuth2Strategy({ clientID: conf.clientId,
clientID: wiki.config.auth.azure.clientId, clientSecret: conf.clientSecret,
clientSecret: wiki.config.auth.azure.clientSecret, callbackURL: conf.callbackURL,
callbackURL: wiki.config.host + '/login/azure/callback', resource: conf.resource,
resource: wiki.config.auth.azure.resource, tenant: conf.tenant
tenant: wiki.config.auth.azure.tenant }, (accessToken, refreshToken, params, profile, cb) => {
}, (accessToken, refreshToken, params, profile, cb) => { let waadProfile = jwt.decode(params.id_token)
let waadProfile = jwt.decode(params.id_token) waadProfile.id = waadProfile.oid
waadProfile.id = waadProfile.oid waadProfile.provider = 'azure'
waadProfile.provider = 'azure' wiki.db.User.processProfile(waadProfile).then((user) => {
wiki.db.User.processProfile(waadProfile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

32
server/authentication/facebook.js
View File

@ -8,21 +8,19 @@
const FacebookStrategy = require('passport-facebook').Strategy const FacebookStrategy = require('passport-facebook').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.facebook && wiki.config.auth.facebook.enabled) { passport.use('facebook',
passport.use('facebook', new FacebookStrategy({
new FacebookStrategy({ clientID: conf.clientId,
clientID: wiki.config.auth.facebook.clientId, clientSecret: conf.clientSecret,
clientSecret: wiki.config.auth.facebook.clientSecret, callbackURL: conf.callbackURL,
callbackURL: wiki.config.host + '/login/facebook/callback', profileFields: ['id', 'displayName', 'email']
profileFields: ['id', 'displayName', 'email'] }, function (accessToken, refreshToken, profile, cb) {
}, function (accessToken, refreshToken, profile, cb) { wiki.db.User.processProfile(profile).then((user) => {
wiki.db.User.processProfile(profile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

32
server/authentication/github.js
View File

@ -8,21 +8,19 @@
const GitHubStrategy = require('passport-github2').Strategy const GitHubStrategy = require('passport-github2').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.github && wiki.config.auth.github.enabled) { passport.use('github',
passport.use('github', new GitHubStrategy({
new GitHubStrategy({ clientID: conf.clientId,
clientID: wiki.config.auth.github.clientId, clientSecret: conf.clientSecret,
clientSecret: wiki.config.auth.github.clientSecret, callbackURL: conf.callbackURL,
callbackURL: wiki.config.host + '/login/github/callback', scope: ['user:email']
scope: ['user:email'] }, (accessToken, refreshToken, profile, cb) => {
}, (accessToken, refreshToken, profile, cb) => { wiki.db.User.processProfile(profile).then((user) => {
wiki.db.User.processProfile(profile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

30
server/authentication/google.js
View File

@ -8,20 +8,18 @@
const GoogleStrategy = require('passport-google-oauth20').Strategy const GoogleStrategy = require('passport-google-oauth20').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.google && wiki.config.auth.google.enabled) { passport.use('google',
passport.use('google', new GoogleStrategy({
new GoogleStrategy({ clientID: conf.clientId,
clientID: wiki.config.auth.google.clientId, clientSecret: conf.clientSecret,
clientSecret: wiki.config.auth.google.clientSecret, callbackURL: conf.callbackURL
callbackURL: wiki.config.host + '/login/google/callback' }, (accessToken, refreshToken, profile, cb) => {
}, (accessToken, refreshToken, profile, cb) => { wiki.db.User.processProfile(profile).then((user) => {
wiki.db.User.processProfile(profile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

59
server/authentication/ldap.js
View File

@ -7,35 +7,34 @@
// ------------------------------------ // ------------------------------------
const LdapStrategy = require('passport-ldapauth').Strategy const LdapStrategy = require('passport-ldapauth').Strategy
const fs = require('fs')
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.ldap && wiki.config.auth.ldap.enabled) { passport.use('ldapauth',
passport.use('ldapauth', new LdapStrategy({
new LdapStrategy({ server: {
server: { url: conf.url,
url: wiki.config.auth.ldap.url, bindDn: conf.bindDn,
bindDn: wiki.config.auth.ldap.bindDn, bindCredentials: conf.bindCredentials,
bindCredentials: wiki.config.auth.ldap.bindCredentials, searchBase: conf.searchBase,
searchBase: wiki.config.auth.ldap.searchBase, searchFilter: conf.searchFilter,
searchFilter: wiki.config.auth.ldap.searchFilter, searchAttributes: ['displayName', 'name', 'cn', 'mail'],
searchAttributes: ['displayName', 'name', 'cn', 'mail'], tlsOptions: (conf.tlsEnabled) ? {
tlsOptions: (wiki.config.auth.ldap.tlsEnabled) ? { ca: [
ca: [ fs.readFileSync(conf.tlsCertPath)
fs.readFileSync(wiki.config.auth.ldap.tlsCertPath) ]
] } : {}
} : {} },
}, usernameField: 'email',
usernameField: 'email', passReqToCallback: false
passReqToCallback: false }, (profile, cb) => {
}, (profile, cb) => { profile.provider = 'ldap'
profile.provider = 'ldap' profile.id = profile.dn
profile.id = profile.dn wiki.db.User.processProfile(profile).then((user) => {
wiki.db.User.processProfile(profile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

44
server/authentication/local.js
View File

@ -8,27 +8,25 @@
const LocalStrategy = require('passport-local').Strategy const LocalStrategy = require('passport-local').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.local && wiki.config.auth.local.enabled) { passport.use('local',
passport.use('local', new LocalStrategy({
new LocalStrategy({ usernameField: 'email',
usernameField: 'email', passwordField: 'password'
passwordField: 'password' }, (uEmail, uPassword, done) => {
}, (uEmail, uPassword, done) => { wiki.db.User.findOne({ email: uEmail, provider: 'local' }).then((user) => {
wiki.db.User.findOne({ email: uEmail, provider: 'local' }).then((user) => { if (user) {
if (user) { return user.validatePassword(uPassword).then(() => {
return user.validatePassword(uPassword).then(() => { return done(null, user) || true
return done(null, user) || true }).catch((err) => {
}).catch((err) => { return done(err, null)
return done(err, null) })
}) } else {
} else { return done(new Error('INVALID_LOGIN'), null)
return done(new Error('INVALID_LOGIN'), null) }
} }).catch((err) => {
}).catch((err) => { done(err, null)
done(err, null) })
}) }
} ))
))
}
} }

30
server/authentication/microsoft.js
View File

@ -8,20 +8,18 @@
const WindowsLiveStrategy = require('passport-windowslive').Strategy const WindowsLiveStrategy = require('passport-windowslive').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.microsoft && wiki.config.auth.microsoft.enabled) { passport.use('windowslive',
passport.use('windowslive', new WindowsLiveStrategy({
new WindowsLiveStrategy({ clientID: conf.clientId,
clientID: wiki.config.auth.microsoft.clientId, clientSecret: conf.clientSecret,
clientSecret: wiki.config.auth.microsoft.clientSecret, callbackURL: conf.callbackURL
callbackURL: wiki.config.host + '/login/ms/callback' }, function (accessToken, refreshToken, profile, cb) {
}, function (accessToken, refreshToken, profile, cb) { wiki.db.User.processProfile(profile).then((user) => {
wiki.db.User.processProfile(profile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

30
server/authentication/slack.js
View File

@ -8,20 +8,18 @@
const SlackStrategy = require('passport-slack').Strategy const SlackStrategy = require('passport-slack').Strategy
module.exports = (passport) => { module.exports = (passport, conf) => {
if (wiki.config.auth.slack && wiki.config.auth.slack.enabled) { passport.use('slack',
passport.use('slack', new SlackStrategy({
new SlackStrategy({ clientID: conf.clientId,
clientID: wiki.config.auth.slack.clientId, clientSecret: conf.clientSecret,
clientSecret: wiki.config.auth.slack.clientSecret, callbackURL: conf.callbackURL
callbackURL: wiki.config.host + '/login/slack/callback' }, (accessToken, refreshToken, profile, cb) => {
}, (accessToken, refreshToken, profile, cb) => { wiki.db.User.processProfile(profile).then((user) => {
wiki.db.User.processProfile(profile).then((user) => { return cb(null, user) || true
return cb(null, user) || true }).catch((err) => {
}).catch((err) => { return cb(err, null) || true
return cb(err, null) || true })
}) }
} ))
))
}
} }

3
server/controllers/uploads.js
View File

@ -2,6 +2,9 @@
/* global wiki */ /* global wiki */
module.exports = false
return
const express = require('express') const express = require('express')
const router = express.Router() const router = express.Router()

6
server/master.js
View File

@ -147,7 +147,7 @@ module.exports = Promise.join(
app.use('/graphql', graphqlApollo.graphqlExpress({ schema: graphqlSchema })) app.use('/graphql', graphqlApollo.graphqlExpress({ schema: graphqlSchema }))
app.use('/graphiql', graphqlApollo.graphiqlExpress({ endpointURL: '/graphql' })) app.use('/graphiql', graphqlApollo.graphiqlExpress({ endpointURL: '/graphql' }))
app.use('/uploads', mw.auth, ctrl.uploads) // app.use('/uploads', mw.auth, ctrl.uploads)
app.use('/admin', mw.auth, ctrl.admin) app.use('/admin', mw.auth, ctrl.admin)
app.use('/', mw.auth, ctrl.pages) app.use('/', mw.auth, ctrl.pages)
@ -173,7 +173,7 @@ module.exports = Promise.join(
// Start HTTP server // Start HTTP server
// ---------------------------------------- // ----------------------------------------
wiki.logger.info('Starting HTTP/WS server on port ' + wiki.config.port + '...') wiki.logger.info(`HTTP/WS Server on port: ${wiki.config.port}`)
app.set('port', wiki.config.port) app.set('port', wiki.config.port)
var server = http.createServer(app) var server = http.createServer(app)
@ -199,7 +199,7 @@ module.exports = Promise.join(
}) })
server.on('listening', () => { server.on('listening', () => {
wiki.logger.info('HTTP/WS server started successfully! [RUNNING]') wiki.logger.info('HTTP/WS Server: RUNNING')
}) })
// ---------------------------------------- // ----------------------------------------

28
server/modules/auth.js
View File

@ -2,9 +2,9 @@
/* global wiki */ /* global wiki */
const fs = require('fs') const _ = require('lodash')
module.exports = function (passport) { module.exports = (passport) => {
// Serialization user methods // Serialization user methods
passport.serializeUser(function (user, done) { passport.serializeUser(function (user, done) {
@ -24,12 +24,28 @@ module.exports = function (passport) {
}) })
}) })
// Create users for first-time // Load authentication strategies
return wiki.db.User.findOne({ provider: 'local', email: 'guest@example.com' }).then((c) => { wiki.config.authStrategies = {
list: _.pickBy(wiki.config.auth, strategy => strategy.enabled),
socialEnabled: (_.chain(wiki.config.auth).omit('local').filter(['enabled', true]).value().length > 0)
}
_.forOwn(wiki.config.authStrategies.list, (strategyConfig, strategyName) => {
strategyConfig.callbackURL = `${wiki.config.site.host}/login/${strategyName}/callback`
require(`../authentication/${strategyName}`)(passport, strategyConfig)
wiki.logger.info(`Authentication Provider ${_.upperFirst(strategyName)}: OK`)
})
// Create Guest account for first-time
return wiki.db.User.findOne({
where: {
provider: 'local',
email: 'guest@example.com'
}
}).then((c) => {
if (c < 1) { if (c < 1) {
// Create guest account
return wiki.db.User.create({ return wiki.db.User.create({
provider: 'local', provider: 'local',
email: 'guest@example.com', email: 'guest@example.com',

11
server/modules/config.js
View File

@ -57,17 +57,6 @@ module.exports = {
// List authentication strategies // List authentication strategies
wiki.config = appconfig wiki.config = appconfig
wiki.data = appdata wiki.data = appdata
// List authentication strategies
// appconfig.authStrategies = {
// list: _.filter(appconfig.auth, ['enabled', true]),
// socialEnabled: (_.chain(appconfig.auth).omit('local').filter(['enabled', true]).value().length > 0)
// }
// if (appconfig.authStrategies.list.length < 1) {
// console.error(new Error('You must enable at least 1 authentication strategy!'))
// process.exit(1)
// }
}, },
/** /**

2
server/modules/db.js
View File

@ -41,7 +41,7 @@ module.exports = {
// Attempt to connect and authenticate to DB // Attempt to connect and authenticate to DB
self.inst.authenticate().then(() => { self.inst.authenticate().then(() => {
wiki.logger.info('Connected to PostgreSQL database.') wiki.logger.info('Database (PostgreSQL) connection: OK')
}).catch(err => { }).catch(err => {
wiki.logger.error('Failed to connect to MongoDB instance.') wiki.logger.error('Failed to connect to MongoDB instance.')
return err return err

4
server/modules/disk.js
View File

@ -94,8 +94,6 @@ module.exports = {
* Creates a base directories (Synchronous). * Creates a base directories (Synchronous).
*/ */
createBaseDirectories () { createBaseDirectories () {
wiki.logger.info('Checking data directories...')
try { try {
fs.ensureDirSync(path.resolve(wiki.ROOTPATH, wiki.config.paths.data)) fs.ensureDirSync(path.resolve(wiki.ROOTPATH, wiki.config.paths.data))
fs.emptyDirSync(path.resolve(wiki.ROOTPATH, wiki.config.paths.data)) fs.emptyDirSync(path.resolve(wiki.ROOTPATH, wiki.config.paths.data))
@ -117,7 +115,7 @@ module.exports = {
wiki.logger.error(err) wiki.logger.error(err)
} }
wiki.logger.info('Data and Repository directories are OK.') wiki.logger.info('Disk Data Paths: OK')
}, },
/** /**

6
server/modules/git.js
View File

@ -71,8 +71,6 @@ module.exports = {
_initRepo() { _initRepo() {
let self = this let self = this
wiki.logger.info('Checking Git repository...')
// -> Check if path is accessible // -> Check if path is accessible
return fs.mkdirAsync(self._repo.path).catch((err) => { return fs.mkdirAsync(self._repo.path).catch((err) => {
@ -92,7 +90,7 @@ module.exports = {
}) })
}).then(() => { }).then(() => {
if (wiki.config.git === false) { if (wiki.config.git === false) {
wiki.logger.info('Remote Git syncing is disabled. Not recommended!') wiki.logger.warn('Remote Git syncing is disabled. Not recommended!')
return Promise.resolve(true) return Promise.resolve(true)
} }
@ -132,7 +130,7 @@ module.exports = {
wiki.logger.error('Git remote error!') wiki.logger.error('Git remote error!')
throw err throw err
}).then(() => { }).then(() => {
wiki.logger.info('Git repository is OK.') wiki.logger.info('Git Repository: OK')
return true return true
}) })
}, },