73 lines
1.6 KiB
JavaScript
73 lines
1.6 KiB
JavaScript
var express = require('express');
|
|
var router = express.Router();
|
|
var passport = require('passport');
|
|
var ExpressBrute = require('express-brute');
|
|
var ExpressBruteRedisStore = require('express-brute-redis');
|
|
var moment = require('moment');
|
|
|
|
/**
|
|
* Setup Express-Brute
|
|
*/
|
|
var EBstore = new ExpressBruteRedisStore({
|
|
prefix: 'bf:',
|
|
client: red
|
|
});
|
|
var bruteforce = new ExpressBrute(EBstore, {
|
|
freeRetries: 5,
|
|
minWait: 60 * 1000,
|
|
maxWait: 5 * 60 * 1000,
|
|
refreshTimeoutOnRequest: false,
|
|
failCallback(req, res, next, nextValidRequestDate) {
|
|
req.flash('alert', {
|
|
class: 'error',
|
|
title: 'Too many attempts!',
|
|
message: "You've made too many failed attempts in a short period of time, please try again " + moment(nextValidRequestDate).fromNow() + '.',
|
|
iconClass: 'fa-times'
|
|
});
|
|
res.redirect('/login');
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Login form
|
|
*/
|
|
router.get('/login', function(req, res, next) {
|
|
res.render('auth/login', {
|
|
usr: res.locals.usr
|
|
});
|
|
});
|
|
|
|
router.post('/login', bruteforce.prevent, function(req, res, next) {
|
|
passport.authenticate('local', function(err, user, info) {
|
|
|
|
if (err) { return next(err); }
|
|
|
|
if (!user) {
|
|
req.flash('alert', {
|
|
class: 'error',
|
|
title: 'Invalid login',
|
|
message: "The email or password is invalid.",
|
|
iconClass: 'fa-times'
|
|
});
|
|
return res.redirect('/login');
|
|
}
|
|
|
|
req.logIn(user, function(err) {
|
|
if (err) { return next(err); }
|
|
req.brute.reset(function () {
|
|
return res.redirect('/');
|
|
});
|
|
});
|
|
|
|
})(req, res, next);
|
|
});
|
|
|
|
/**
|
|
* Logout
|
|
*/
|
|
router.get('/logout', function(req, res) {
|
|
req.logout();
|
|
res.redirect('/');
|
|
});
|
|
|
|
module.exports = router; |