
Untitled

a guest
Mar 27th, 2016
  1. // config/passport.js
  2. var LocalStrategy = require('passport-local').Strategy;
  3. var FacebookStrategy = require('passport-facebook').Strategy;
  4. var User = require('../models/user');
  5. var configAuth = require('./auth');
  6. module.exports = function(passport) {
  7.  
  8. // passport session setup ==================================================
  9. // required for persistent login sessions
  10. // passport needs ability to serialize and unserialize users out of session
  11.  
  12. // used to serialize the user for the session
  // Persist only the user's id in the session; the full record is re-read
  // from the database on each request by deserializeUser.
  passport.serializeUser(function storeUserId(user, done) {
    var sessionKey = user.id;
    done(null, sessionKey);
  });
  16.  
  17. // used to deserialize the user
  // Turn the id stored in the session back into a user document.
  // Any lookup error is handed to passport unchanged, together with
  // whatever User.findById produced for the user.
  passport.deserializeUser(function loadSessionUser(id, done) {
    User.findById(id, function onUserLoaded(lookupErr, foundUser) {
      done(lookupErr, foundUser);
    });
  });
  23.  
  24. // FACEBOOK ================================================================
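  // Facebook OAuth strategy. With no logged-in user it signs the visitor in
  // (creating an account on first use); with a logged-in user it links the
  // Facebook identity to that account.
  passport.use(new FacebookStrategy({

    // pull in our app id and secret from our auth.js file
    clientID: configAuth.facebookAuth.clientID,
    clientSecret: configAuth.facebookAuth.clientSecret,
    callbackURL: configAuth.facebookAuth.callbackURL,
    passReqToCallback: true, // the verify callback reads req.user to detect the linking case
    profileFields: ['id', 'name', 'emails']
  },

  // Handle the token and profile data returned by Facebook.
  function(req, token, refreshToken, profile, done) {

    // Facebook does not always return an email (the user can decline the
    // permission), so indexing profile.emails[0] unguarded would throw.
    var fbEmail = (profile.emails && profile.emails[0]) ? profile.emails[0].value : undefined;

    // NOTE(review): the access token is written to the user document as-is.
    // If it is not needed after login, consider not persisting it; if it is,
    // treat the collection as holding credentials.

    process.nextTick(function() {
      if (!req.user) {
        // Look the Facebook id up in the database.
        User.findOne({ 'facebook.id': profile.id }, function(err, user) {

          if (err)
            return done(err);

          if (user) {

            // Known Facebook id whose token was cleared earlier: refresh the
            // stored fields, then finish exactly once from the save callback.
            // (The original fell through and called done() a second time.)
            if (!user.facebook.token) {
              user.facebook.token = token;
              user.facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
              user.facebook.email = fbEmail;

              return user.save(function(err) {
                // Report the failure to passport instead of throwing from an
                // async callback, which would take the whole process down.
                if (err)
                  return done(err);
                return done(null, user);
              });
            }
            return done(null, user); // user found, return that user
          } else {
            // No user with this Facebook id yet: create one.
            var newUser = new User();

            // set all of the facebook information in our user model
            newUser.facebook.id = profile.id;
            newUser.facebook.token = token;
            // NOTE(review): this branch stores "family given" while the other
            // branches store "given family"; kept as in the original — confirm
            // which order is intended.
            newUser.facebook.name = profile.name.familyName + ' ' + profile.name.givenName;
            newUser.facebook.email = fbEmail;

            newUser.save(function(err) {
              if (err)
                return done(err);
              return done(null, newUser);
            });
          }

        });
      } else {
        // user already exists and is logged in, we have to link accounts
        var user = req.user; // pull the user out of the session

        // NOTE(review): nothing here checks whether profile.id is already
        // linked to a different account; a unique index on facebook.id (or an
        // explicit lookup) would stop two accounts sharing one Facebook id.

        // update the current user's facebook credentials
        user.facebook.id = profile.id;
        user.facebook.token = token;
        user.facebook.name = profile.name.givenName + ' ' + profile.name.familyName;
        user.facebook.email = fbEmail;

        // save the user
        user.save(function(err) {
          if (err)
            return done(err);
          return done(null, user);
        });
      }
    });

  }));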
  101. // LOCAL SIGNUP ============================================================
  102.  
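  // Local signup strategy: creates an account from an email and a password.
  // Fails (with a 'signupMessage' flash) when the email is already used as a
  // local login.
  passport.use('local-signup', new LocalStrategy({
    usernameField: 'email',
    passwordField: 'password',
    passReqToCallback: true
  },
  function(req, email, password, done) {

    // The form fields come straight from the request body. A JSON or
    // extended-urlencoded body can make them objects, which MongoDB would
    // read as query operators in the findOne() filter below, so accept
    // plain strings only.
    if (typeof email !== 'string' || typeof password !== 'string') {
      return done(null, false, req.flash('signupMessage', 'Missing credentials'));
    }

    process.nextTick(function() {

      User.findOne({ 'local.email': email }, function(err, user) {
        if (err)
          return done(err);

        if (user) {
          return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
        }

        // NOTE(review): find-then-save is not atomic; a unique index on
        // local.email is what actually prevents duplicate signups — confirm
        // the schema declares one.
        var newUser = new User();
        newUser.local.email = email;
        newUser.local.password = newUser.generateHash(password);
        newUser.save(function(err) {
          // Hand the error to passport; throwing inside this async callback
          // would crash the process on any validation or write failure.
          if (err)
            return done(err);
          return done(null, newUser);
        });

      });

    });

  }));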
  135. // LOCAL ACCOUNT LINKING ============================================================
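  // Local account-linking strategy: attaches an email/password login to the
  // Facebook-created account that carries the same email, or creates a new
  // account when no account uses that email yet.
  passport.use('local-connect', new LocalStrategy({
    usernameField: 'email',
    passwordField: 'password',
    passReqToCallback: true
  },
  function(req, email, password, done) {

    // Request-body values can arrive as objects; only plain strings may
    // reach the MongoDB filter below, otherwise they act as query operators.
    if (typeof email !== 'string' || typeof password !== 'string') {
      return done(null, false, req.flash('signupMessage', 'Missing credentials'));
    }

    process.nextTick(function() {

      User.findOne({ $or: [{ 'local.email': email }, { 'facebook.email': email }] }, function(err, user) {
        if (err)
          return done(err);

        // The email is already someone's local login.
        if (user && user.local.email === email) {
          return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
        }

        var connect_user;
        if (user) {
          // Matched through facebook.email only. Knowing an email address is
          // not proof of owning the account, so a password may be attached
          // only when the matched account is the one already logged in.
          // The original attached it for any caller and then logged that
          // caller in as the matched user.
          var sessionUser = req.user;
          if (!sessionUser || String(sessionUser.id) !== String(user.id)) {
            return done(null, false, req.flash('signupMessage', 'That email is already taken.'));
          }
          connect_user = user;
        } else {
          // Nobody uses this email yet: create a fresh account. (The original
          // dereferenced user.facebook here while user was null and threw.)
          connect_user = new User();
        }

        connect_user.local.email = email;
        connect_user.local.password = connect_user.generateHash(password);
        connect_user.save(function(err) {
          // Report save failures to passport instead of throwing from an
          // async callback, which would bring the process down.
          if (err)
            return done(err);
          return done(null, connect_user);
        });
      });

    });

  }));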
  172. // =========================================================================
  173. // LOCAL LOGIN =============================================================
  174. // =========================================================================
  175. // we are using named strategies since we have one for login and one for signup
  176. // by default, if there was no name, it would just be called 'local'
  177.  
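  // Local login strategy: authenticates an existing account by email and
  // password. Failures are reported through the 'loginMessage' flash.
  passport.use('local-login', new LocalStrategy({
    // by default, local strategy uses username and password, we will override with email
    usernameField: 'email',
    passwordField: 'password',
    passReqToCallback: true // allows us to pass back the entire request to the callback
  },
  function(req, email, password, done) { // callback with email and password from our form

    // A JSON or extended-urlencoded body can deliver objects instead of
    // strings. Passed into findOne() an object is read as a query operator
    // and can match accounts other than the one named, so reject anything
    // that is not a plain string before querying.
    if (typeof email !== 'string' || typeof password !== 'string') {
      return done(null, false, req.flash('loginMessage', 'No user found.'));
    }

    // find a user whose email is the same as the form's email
    User.findOne({ 'local.email': email }, function(err, user) {
      // if there are any errors, return the error before anything else
      if (err)
        return done(err);

      // NOTE(review): the two failure messages below differ, which tells a
      // caller whether an email is registered. Using one generic message for
      // both cases, plus attempt throttling on this route, removes that
      // signal; the strings are left as the author wrote them.

      // if no user is found, return the message
      if (!user)
        return done(null, false, req.flash('loginMessage', 'No user found.')); // req.flash is the way to set flashdata using connect-flash

      // if the user is found but the password is wrong
      if (!user.validPassword(password))
        return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata

      // all is well, return successful user
      return done(null, user);
    });

  }));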
  206.  
  207.  
  208. };