Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Some missed "hungarian apps" notation for function parm prefixing #273

Merged
merged 2 commits into from
Jul 24, 2014
Merged

Some missed "hungarian apps" notation for function parm prefixing #273

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d2aecac
Some missed "hungarian apps" notation.
Jul 24, 2014
dffd532
Merge branch 'master' into missedArefs
Jul 24, 2014
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 51 additions & 51 deletions controllers/auth.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,153 +12,153 @@ var cleanFilename = require('../libs/helpers').cleanFilename;
var addSession = require('../libs/modifySessions').add;

// Unused but removing it breaks passport
passport.serializeUser(function (user, done) {
done(null, user._id);
passport.serializeUser(function (aUser, aDone) {
aDone(null, aUser._id);
});

// Setup all our auth strategies
var openIdStrategies = {};
Strategy.find({}, function (err, strategies) {
Strategy.find({}, function (aErr, aStrategies) {

// Get OpenId strategies
for (var name in allStrategies) {
if (!allStrategies[name].oauth) {
openIdStrategies[name] = true;
strategies.push({ 'name': name, 'openid': true });
aStrategies.push({ 'name': name, 'openid': true });
}
}

// Load the passport module for each strategy
strategies.forEach(function (strategy) {
loadPassport(strategy);
aStrategies.forEach(function (aStrategy) {
loadPassport(aStrategy);
});
});

exports.auth = function (req, res, next) {
var user = req.session.user;
var strategy = req.body.auth || req.route.params.strategy;
var username = req.body.username || req.session.username;
exports.auth = function (aReq, aRes, aNext) {
var user = aReq.session.user;
var strategy = aReq.body.auth || aReq.route.params.strategy;
var username = aReq.body.username || aReq.session.username;

function auth() {
var authenticate = passport.authenticate(strategy);

// Just in case some dumbass tries a bad /auth/* url
if (!strategyInstances[strategy]) { return next(); }
if (!strategyInstances[strategy]) { return aNext(); }

authenticate(req, res);
authenticate(aReq, aRes);
}

// Allow a logged in user to add a new strategy
if (strategy && user) {
req.session.username = user.name;
aReq.session.username = user.name;
return auth();
} else if (user) {
return next();
return aNext();
}

if (!username) { return res.redirect('/register?noname'); }
if (!username) { return aRes.redirect('/register?noname'); }
// Clean the username of leading and trailing whitespace,
// and other stuff that is unsafe in a url
username = cleanFilename(username.replace(/^\s+|\s+$/g, ''));

// The username could be empty after the replacements
if (!username) { return res.redirect('/register?noname'); }
if (!username) { return aRes.redirect('/register?noname'); }

// Store the username in the session so we still have it when they
// get back from authentication
if (!req.session.username) {
req.session.username = username;
if (!aReq.session.username) {
aReq.session.username = username;
}

User.findOne({ name: { $regex: new RegExp('^' + username + '$', 'i') } },
function (err, user) {
function (aErr, aUser) {
var strategies = null;
var strat = null;

if (user) {
strategies = user.strategies;
if (aUser) {
strategies = aUser.strategies;
strat = strategies.pop();

if (req.session.newstrategy) { // authenticate with a new strategy
delete req.session.newstrategy;
if (aReq.session.newstrategy) { // authenticate with a new strategy
delete aReq.session.newstrategy;
} else if (!strategy) { // use an existing strategy
strategy = strat;
} else if (strategies.indexOf(strategy) === -1) {
// add a new strategy but first authenticate with existing strategy
req.session.newstrategy = strategy;
aReq.session.newstrategy = strategy;
strategy = strat;
} // else use the strategy that was given in the POST
}

if (!strategy) {
return res.redirect('/register');
return aRes.redirect('/register');
} else {
return auth();
}
});
};

exports.callback = function (req, res, next) {
var strategy = req.route.params.strategy;
var username = req.session.username;
var newstrategy = req.session.newstrategy;
exports.callback = function (aReq, aRes, aNext) {
var strategy = aReq.route.params.strategy;
var username = aReq.session.username;
var newstrategy = aReq.session.newstrategy;
var strategyInstance = null;
var doneUrl = req.session.user ? '/user/edit' : '/';
var doneUrl = aReq.session.user ? '/user/edit' : '/';

// The callback was called improperly
if (!strategy || !username) { return next(); }
if (!strategy || !username) { return aNext(); }

// Get the passport strategy instance so we can alter the _verfiy method
strategyInstance = strategyInstances[strategy];

// Hijak the private verify method so we can fuck shit up freely
// We use this library for things it was never intended to do
if (openIdStrategies[strategy]) {
strategyInstance._verify = function (id, done) {
verifyPassport(id, strategy, username, req.session.user, done);
strategyInstance._verify = function (aId, aDone) {
verifyPassport(aId, strategy, username, aReq.session.user, aDone);
}
} else {
strategyInstance._verify =
function (token, refreshOrSecretToken, profile, done) {
req.session.profile = profile;
verifyPassport(profile.id, strategy, username, req.session.user, done);
function (aToken, aRefreshOrSecretToken, aProfile, aDone) {
aReq.session.profile = aProfile;
verifyPassport(aProfile.id, strategy, username, aReq.session.user, aDone);
}
}

// This callback will happen after the verify routine
var authenticate = passport.authenticate(strategy, function (err, user, info) {
if (err) { return next(err); }
if (!user) {
return res.redirect(doneUrl + (doneUrl === '/' ? 'register' : '')
var authenticate = passport.authenticate(strategy, function (aErr, aUser, aInfo) {
if (aErr) { return aNext(aErr); }
if (!aUser) {
return aRes.redirect(doneUrl + (doneUrl === '/' ? 'register' : '')
+ '?authfail');
}

req.logIn(user, function (err) {
if (err) { return next(err); }
aReq.logIn(aUser, function (aErr) {
if (aErr) { return aNext(aErr); }

// Store the user info in the session
req.session.user = user;
aReq.session.user = aUser;

// Save the session id on the user model
user.sessionId = req.sessionID;
aUser.sessionId = aReq.sessionID;

// Save GitHub username.
if (req.session.profile && req.session.profile.provider === 'github') {
user.ghUsername = req.session.profile.username;
if (aReq.session.profile && aReq.session.profile.provider === 'github') {
aUser.ghUsername = aReq.session.profile.username;
}

addSession(req, user, function () {
addSession(aReq, aUser, function () {
if (newstrategy) {
// Allow a user to link to another acount
return res.redirect('/auth/' + newstrategy);
return aRes.redirect('/auth/' + newstrategy);
} else {
// Delete the username that was temporarily stored
delete req.session.username;
return res.redirect(doneUrl);
delete aReq.session.username;
return aRes.redirect(doneUrl);
}
});
});
});

authenticate(req, res, next);
authenticate(aReq, aRes, aNext);
}