From 8934e632ad6f58dc057ec34d766f4017563d0e43 Mon Sep 17 00:00:00 2001
From: Guillaume WANG <guillaume.wang@polytechnique.edu>
Date: Wed, 2 May 2018 04:48:32 +0200
Subject: [PATCH] changed some more stuff
---
 README.md | 2 +-
 src/auth.js | 11 +++---
 src/server.js | 96 +++++++++++++++++++++++++++++++++++----------------
 3 files changed, 75 insertions(+), 34 deletions(-)
diff --git a/README.md b/README.md
index 9c1df86..fc00cb7 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ Pour obtenir une copie de ce dépôt, clonez-le avec
 ou `git clone https://gitlab.binets.fr/br/sigma-backend.git`, puis installez les dépendences JavaScript avec `npm install`.
-A terme, ce projet doit tourné sur un serveur de l'école polytechnique et fournir à un serveur front *au code séparé et documenté séparément* toute les données nécessaires à son bon fonctionnement (authentification, appartenance à un groupe, droits de visibilité...).
+A terme, ce projet doit tourner sur un serveur de l'Ecole polytechnique et fournir à un serveur frontend *au code séparé et documenté séparément* toute les données nécessaires à son bon fonctionnement (authentification, appartenance à un groupe, droits de visibilité...).
 Le dépôt pour le serveur front se trouve ici : https://gitlab.binets.fr/br/sigma-frontend (on l'appellera indifferemment serveur front, front ou frontend...)
 Ce document détaille les différentes dépendances du projet, sa structure générale, détaille un peu plus des éléments sur la base de données et la documentation ; le code est également commenté en détail.
diff --git a/src/auth.js b/src/auth.js
index 5e7d43e..424bca8 100644
--- a/src/auth.js
+++ b/src/auth.js
@@ -35,10 +35,12 @@ passport.use(new LdapStrategy({
 },
 //usernameField: 'username', // Field name where the username is found, defaults to username
- //passwordField: 'password', // Field name where the pas sword is found, defaults to password
+ //passwordField: 'password', // Field name where the password is found, defaults to password
- // LdapStrategy has a default verify callback ! j'ai perdu plein de temps pour rien :'(
- // cf. https://github.com/vesse/passport-ldapauth/blob/master/lib/passport-ldapauth/strategy.js, line 195 (` var verify = function() { ... } `)
+ // given how LdapStrategy is coded, it is not necessary to do a verify callback
+ // https://github.com/vesse/passport-ldapauth/blob/master/lib/passport-ldapauth/strategy.js#L230
+ // (note that LdapStrategy has no default verify callback, the "verify" function (L105) is actually the "done" function that is called by the verify callback if we choose to make one)
+ // we leave this commented out as a template for future use
 /*
 function (user, done) {
 // "verify callback", called after each passport.authenticate(...),
@@ -61,12 +63,13 @@ passport.use(new LdapStrategy({
 //toujours bon a savoir pour faire des tests:
 //The result of the serializeUser method is attached to the session as req.session.passport.user
 passport.serializeUser(function (user, done) {
- console.log(`serializing user ${user.uid}`); // DEBUG
+ console.log(`passport.serializeUser(): serializing user ${user.uid}`); // DEBUG
 done(null, user.uid);
 });
 //The first argument of deserializeUser corresponds to the key of the user object that was given to the done function in serializeUser
 //The fetched object is attached to the request object as req.user (available in all subsequent middleware)
 passport.deserializeUser(function (userUid, done) {
+ console.log(`passport.deserializeUser(): deserializing user ${userUid}`); // DEBUG
 done(null, { uid: userUid });
 });
\ No newline at end of file
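Review bot: The console.log added to passport.deserializeUser runs on every request that carries a session cookie and writes the user's uid to the server log; it is tagged `// DEBUG` like the existing one in serializeUser, but nothing in the patch switches it off outside development. Rather than relying on a later cleanup, gate both behind an explicit flag (an environment variable such as `process.env.DEBUG_AUTH` is one option, name to be chosen), e.g. `if (process.env.DEBUG_AUTH) console.log(`passport.deserializeUser(): deserializing user ${userUid}`);`, or remove them before the backend runs on the school server. The same remark applies to the per-request console.log lines added to the /graphql handler in src/server.js (hunk `@@ -133,8 +170,9 @@`), which sit next to a line that prints the uid.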
diff --git a/src/server.js b/src/server.js
index efc9658..eb7cad5 100644
--- a/src/server.js
+++ b/src/server.js
@@ -37,8 +37,6 @@ app.use(cookieParser());
 const configPath = path.resolve('./', 'ldap_config.json');
 const config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
-/* CONFIGURATION DE L'AUTHENTIFICATION*/
-
 // Config de passport : le "import './auth';" plus haut execute la configuration de l'objet passport. cf, donc, auth.js
 // Définit les paramètres de stockage des sessions.
@@ -51,32 +49,6 @@ app.use(passport.initialize());
 app.use(passport.session());
-app.post('/login', (req, res, next) => {
- passport.authenticate('ldapauth', (err, user, info) => {
- if (err) return next(err); // handle error
- else if (!user) {
- return res.json(403, { message: "Not authenticated." });
- }
-
- req.login(user, (err) => {
- if (err) {
- console.log(err);
- return err;
- }
-
- // if request asks for a json, reply with a token
- // else redirect to admin panel
- (req.header('accept') == 'application/json')
- ? res.json({
- message: 'Authentication succeeded.'
- })
- : res.redirect('/admin');
-
- });
- })(req, res, next);
-});
-/* FIN DE CONFIG DE L'AUTH. */
-
 // cache le fait que l'application tourne sous Express dans le header HTTP.
 app.disable('x-powered-by');
@@ -126,6 +98,71 @@ const addUser = async (req, res, next) => {
 app.use(addUser);
 */
+
+
+
+//endpoint for frontend's authentication requests
+
+//with custom callback:
+//http://www.passportjs.org/docs/authenticate/#custom-callback
+// http://toon.io/understanding-passportjs-authentication-flow/
+
+app.post('/login', (req, res, next) => {
+ passport.authenticate('ldapauth', (err, user, info) => {
+ // If an exception occurred
+ if (err) {
+ console.log(err);
+ return res.status(err.status).json({
+ message: "Exception raised in backend process during authentication: " + err,
+ authSucceeded: false
+ });
+ // return next(err); // handle error? or drop request and answer with res.json()?
+ }
+ // If authentication failed, user will be set to false
+ if (!user) {
+ return res.status(401).json({
+ message: "Authentication failed: " + info.message,
+ authSucceeded: false
+ });
+ }
+
+ req.login(user, (err) => {
+ // If an exception occurred at login
+ if (err) {
+ console.log(err);
+ return res.status(err.status).json({
+ message: "Exception raised in backend process during login: " + err,
+ authSucceeded: false
+ });
+ // return next(err); // handle error? or drop request and answer with res.json()?
+ }
+ // If all went well
+ res.json({
+ message: 'Authentication succeeded',
+ authSucceeded: true
+ });
+ });
+ })(req, res, next);
+});
+
+//without custom callback:
+/*
+// http://toon.io/understanding-passportjs-authentication-flow/
+app.post('/login',
+ passport.authenticate('ldapauth'),
+ function (req, res) {
+ // If this function gets called, authentication was successful.
+ // `req.user` contains the authenticated user.
+ console.log("Frontend authentication succeeded");
+ res.json({
+ message: 'Authentication succeeded',
+ authSucceeded: true
+ });
+ }
+);
+*/
+
+
 app.use('/graphql',
 bodyParser.json(), // parse incoming HTTP request (req) as a JSON
 graphqlHTTP(async (req, res, params) => {
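Review bot: Both error branches of the new /login handler call `res.status(err.status)`, but an error thrown by the LDAP strategy or by req.login is not guaranteed to carry a numeric `status`, and an undefined status code is rejected when Express sends the response, so the catch-all path can itself blow up instead of answering the client. The same branches concatenate the raw error into the JSON body (`"... during authentication: " + err`), which hands internal details such as LDAP server messages to whoever sent the request; keep the full error in the server-side console.log and return a fixed message. The `!user` branch also reads `info.message` without checking that `info` was supplied by the strategy. The rewrite below falls back to 500, keeps the response text constant, and guards `info`; the success response and the rest of the handler are unchanged.

```javascript
app.post('/login', (req, res, next) => {
  passport.authenticate('ldapauth', (err, user, info) => {
    // If an exception occurred: errors from the strategy do not always carry a
    // status, and the error text stays in the server log, never in the response
    if (err) {
      console.log(err);
      return res.status(err.status || 500).json({
        message: "Exception raised in backend process during authentication",
        authSucceeded: false
      });
    }
    // If authentication failed, user will be set to false; info may be absent
    if (!user) {
      return res.status(401).json({
        message: "Authentication failed: " + ((info && info.message) || "invalid credentials"),
        authSucceeded: false
      });
    }
    req.login(user, (err) => {
      // If an exception occurred at login
      if (err) {
        console.log(err);
        return res.status(err.status || 500).json({
          message: "Exception raised in backend process during login",
          authSucceeded: false
        });
      }
      // … unchanged: success response …
    });
  })(req, res, next);
});
```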
@@ -133,8 +170,9 @@ app.use('/graphql',
 let uid;
 let password;
+ console.log("Responding to graphql request...");
 console.log(`User ${req.user ? req.user.uid : "none"}`);
- console.log("User authenticated:",req.isAuthenticated());
+ console.log("User is authenticated:",req.isAuthenticated());
 if(req.isAuthenticated()) {
 try {
-- 
GitLab