wikijs-fork/controllers/auth.js
2016-08-16 23:56:08 -04:00

73 lines
1.6 KiB
JavaScript

var express = require('express');
var router = express.Router();
var passport = require('passport');
var ExpressBrute = require('express-brute');
var ExpressBruteRedisStore = require('express-brute-redis');
var moment = require('moment');
/**
* Setup Express-Brute
*/
var EBstore = new ExpressBruteRedisStore({
prefix: 'bf:',
client: red
});
var bruteforce = new ExpressBrute(EBstore, {
freeRetries: 5,
minWait: 60 * 1000,
maxWait: 5 * 60 * 1000,
refreshTimeoutOnRequest: false,
failCallback(req, res, next, nextValidRequestDate) {
req.flash('alert', {
class: 'error',
title: 'Too many attempts!',
message: "You've made too many failed attempts in a short period of time, please try again " + moment(nextValidRequestDate).fromNow() + '.',
iconClass: 'fa-times'
});
res.redirect('/login');
}
});
/**
* Login form
*/
router.get('/login', function(req, res, next) {
res.render('auth/login', {
usr: res.locals.usr
});
});
router.post('/login', bruteforce.prevent, function(req, res, next) {
passport.authenticate('local', function(err, user, info) {
if (err) { return next(err); }
if (!user) {
req.flash('alert', {
class: 'error',
title: 'Invalid login',
message: "The email or password is invalid.",
iconClass: 'fa-times'
});
return res.redirect('/login');
}
req.logIn(user, function(err) {
if (err) { return next(err); }
req.brute.reset(function () {
return res.redirect('/');
});
});
})(req, res, next);
});
/**
* Logout
*/
router.get('/logout', function(req, res) {
req.logout();
res.redirect('/');
});
module.exports = router;