codecombat/server/commons/auth.coffee


authentication = require 'passport'
LocalStrategy = require('passport-local').Strategy
User = require '../models/User'
config = require '../../server_config'
errors = require '../commons/errors'
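# Registers session (de)serialization and the login strategy with passport.
#
# With config.picoCTF set, only pico.PicoStrategy is registered. Otherwise a
# LocalStrategy is registered whose verify callback accepts either the
# account password or a pending one-time `passwordReset` code.
module.exports.setup = ->
  # The session carries only the user's _id; deserializeUser reloads the
  # document through User.findById.
  authentication.serializeUser((user, done) -> done(null, user._id))
  authentication.deserializeUser((id, done) ->
    User.findById(id, (err, user) -> done(err, user)))

  # Early return: the username/password strategy below is never registered
  # when picoCTF mode is on.
  if config.picoCTF
    pico = require('../lib/picoctf')
    authentication.use new pico.PicoStrategy()
    return

  # Verify callback for LocalStrategy. Calls done(err) on lookup/update
  # failure, done(Unauthorized) on bad credentials, done(null, user) on success.
  verify = (username, password, done) ->
    # TODO: Add special iPad login endpoint. There was some logic here for the old, hacky method,
    # but was removed for username login

    # Credentials come from the request body and may be a non-string value
    # (e.g. an object or array in a JSON body). Reject those here instead of
    # letting .toLowerCase() throw inside the strategy.
    unless typeof username is 'string'
      return done(new errors.Unauthorized('not found', { errorID: 'not-found' }))
    unless typeof password is 'string'
      return done(new errors.Unauthorized('is wrong', { errorID: 'wrong-password' }))

    # The login name matches either the lowercased e-mail or the slug.
    # NOTE(review): `_` is not required in this file; presumably a global
    # with underscore.string mixed in. Confirm.
    query = { $or: [
      { emailLower: username.toLowerCase() }
      { slug: _.str.slugify(username) }
    ]}

    User.findOne(query).exec((err, user) ->
      return done(err) if err
      # NOTE(review): 'not-found' vs 'wrong-password' tells the caller whether
      # an account exists. If the client does not need the distinction, prefer
      # one generic error, and make sure this endpoint is rate-limited.
      if not user
        return done(new errors.Unauthorized('not found', { errorID: 'not-found' }))

      # A pending reset code is accepted in place of the password. It is
      # compared case-insensitively and no expiry is checked in this block.
      resetCode = (user.get('passwordReset') or '').toLowerCase()
      if resetCode and password.toLowerCase() is resetCode
        # Clear the code before reporting success, so a code that could not
        # be invalidated never yields a login and stays single-use.
        User.update {_id: user.get('_id')}, {$unset: {passwordReset: ''}}, {}, (updateErr) ->
          return done(updateErr) if updateErr
          done(null, user)
        return

      # NOTE(review): hashPassword receives only the password, so the stored
      # digest appears not to be salted per user, and `is` is not a
      # constant-time comparison. Confirm against the User model.
      hash = User.hashPassword(password)
      unless user.get('passwordHash') is hash
        return done(new errors.Unauthorized('is wrong', { errorID: 'wrong-password' }))
      return done(null, user)
    )

  authentication.use(new LocalStrategy(verify))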