
Untitled

a guest
Nov 18th, 2016
  1. const passport = require('passport'),
  2. LocalStrategy = require('passport-local').Strategy;
  3. const bodyParser = require('body-parser');
  4. const jwt = require('jsonwebtoken');
  5. const FacebookStrategy = require('passport-facebook');
  6. const GoogleStrategy = require('passport-google-oauth2');
  7. var config = require('./oauthCredentials.js');
  8. var Account = require('./models/account');
  9. var express = require('express');
  10. var auth = require('passport-local-authenticate');
  11. var testRoutes = express.Router();
  12.  
  13. // TODO: add password change route
  14. // TODO: make sure users don't register with empty password
  15. // TODO: verify tokens and extend the routes (Brian)
  16.  
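/**
 * Registers the session routes (home, register, login, logout), the passport
 * strategies (local, Facebook, Google), the JWT issuing route and the
 * token-protected `/api` router on the given Express application.
 *
 * @param {object} app - Express application the routes are mounted on.
 * @throws {Error} When the JWT_SECRET environment variable is not set.
 */
module.exports = function(app) {
  // The JWT signing key is read from the environment instead of being inlined.
  // A literal kept in the source is known to everyone who can read the code, and
  // anyone holding it can mint tokens the /api router accepts. JWT_SECRET is the
  // variable name chosen for this file; any key that was ever committed should be
  // rotated rather than reused as its value.
  const jwtSecret = process.env.JWT_SECRET;
  if (!jwtSecret) {
    throw new Error('JWT_SECRET environment variable must be set');
  }

  // Signing and verification use the same explicitly named algorithm so that
  // verification never accepts a token signed with a different one.
  const JWT_ALGORITHM = 'HS256';

  // jsonwebtoken reads a numeric expiresIn as seconds, so 1440 is 24 minutes.
  const TOKEN_TTL_SECONDS = 1440;

  /** Returns true only for strings with at least one character. */
  function isNonEmptyString(value) {
    return typeof value === 'string' && value.length > 0;
  }

  /**
   * Short log label for the current user. Only the username is logged:
   * printing the whole account object would put stored credentials and
   * tokens into the application log.
   */
  function describeUser(req) {
    return req.user ? req.user.username : 'anonymous';
  }

  /**
   * Middleware: continues when the session has a user, otherwise renders
   * the login page.
   */
  function isAuthenticated(req, res, next) {
    if (req.user) {
      return next();
    }

    res.render('login', {
      info: "Please login"
    });
  }

  /**
   * Shared verify step of the social strategies: looks up the account by the
   * provider's profile id and creates it on first login.
   *
   * @param {object} profile - Provider profile; `id` and `displayName` are read.
   * @param {string} authenticationMethod - Value stored on a new account.
   * @param {object} extraFields - Additional fields stored on a new account.
   * @param {function} done - Passport callback, `done(err, user)`.
   */
  function findOrCreateSocialAccount(profile, authenticationMethod, extraFields, done) {
    Account.findOne({
      socialLoginId: profile.id
    }, function(err, user) {
      if (err) {
        // A failed lookup must end the login; falling through would create a
        // second account for a user who may already exist.
        console.log(err);
        return done(err);
      }
      if (user) {
        return done(null, user);
      }

      const account = new Account(Object.assign({
        username: "" + profile.id,
        socialUsername: profile.displayName,
        socialLoginId: profile.id,
        created: Date.now(),
        authenticationMethod: authenticationMethod
      }, extraFields));

      account.save(function(saveErr) {
        if (saveErr) {
          // Report the failure so the request does not hang waiting for done().
          console.log(saveErr);
          return done(saveErr);
        }
        console.log("saving user");
        // Hand passport the account that was just created; `user` is null here
        // and passing it would fail every first-time social login.
        done(null, account);
      });
    });
  }

  // Renders the homepage.
  app.get('/', function(req, res) {
    console.log('user: ' + describeUser(req));
    res.render('index', {
      user: req.user
    });
  });

  // Renders the registration form.
  app.get('/register', function(req, res) {
    res.render('register', {});
  });

  // Sets a password on the logged-in account.
  // The route is restricted to authenticated sessions and always answers; the
  // earlier stub assigned the response object to the model and never replied.
  // NOTE(review): an account that already has a password should be asked for the
  // current one before it is replaced — confirm the intended flow.
  app.post('/addpassword', isAuthenticated, function(req, res) {
    const newPassword = req.body.password;
    if (!isNonEmptyString(newPassword)) {
      return res.status(400).json({
        success: false,
        message: 'Please provide a password'
      });
    }

    // NOTE(review): Account.register() below is the passport-local-mongoose API,
    // so the account document is presumed to offer setPassword() as well —
    // confirm against ./models/account.
    if (typeof req.user.setPassword !== 'function') {
      return res.status(501).json({
        success: false,
        message: 'Password change is not available'
      });
    }

    req.user.setPassword(newPassword, function(err) {
      if (err) {
        console.log("error: " + err);
        return res.status(500).json({
          success: false,
          message: 'Could not set password'
        });
      }
      req.user.save(function(saveErr) {
        if (saveErr) {
          console.log("error: " + saveErr);
          return res.status(500).json({
            success: false,
            message: 'Could not set password'
          });
        }
        res.json({
          success: true,
          message: 'Password set'
        });
      });
    });
  });

  // Handles the registration form.
  app.post('/register', function(req, res) {
    const username = req.body.username;
    const password = req.body.password;

    // Reject missing or empty credentials, and any value that is not a plain
    // string, before they reach the model.
    if (!isNonEmptyString(username) || !isNonEmptyString(password)) {
      return res.render('register', {
        info: "Please provide a username and a password"
      });
    }

    Account.register(new Account({
        username: username,
        authenticationMethod: 'Local'
      }),
      password,
      function(err, account) {
        if (err) {
          console.log("error: " + err);
          return res.render('register', {
            info: "Sorry. That username is already taken"
          });
        }

        passport.authenticate('local')(req, res, function() {
          res.redirect('/');
        });
      });
  });

  // Renders the login page.
  app.get('/login', function(req, res) {
    res.render('login', {
      user: req.user
    });
  });

  // --> https://github.com/jaredhanson/passport-local && https://github.com/passport/express-4.x-local-example

  passport.use(new LocalStrategy(
    function(username, password, done) {
      // Credentials are never logged: the password would end up in plain text
      // in the application log.
      // Only plain strings are passed into the query, so a structured request
      // body cannot be interpreted as a query operator.
      if (typeof username !== 'string' || typeof password !== 'string') {
        return done(null, false);
      }
      Account.findOne({ username: username }, function(err, user) {
        if (err) { return done(err); }
        if (!user) { return done(null, false); }
        if (!user.validPassword(password)) { return done(null, false); }
        return done(null, user);
      });
    }
  ));

  // With successRedirect/failureRedirect set, passport answers the request
  // itself; the trailing handler is kept as a fallback.
  app.post('/login', passport.authenticate('local', { successRedirect: '/', failureRedirect: '/login', failureFlash: true }),
    function(req, res) {
      res.redirect('/');
    }
  );

  // Ends the session and returns to the homepage.
  // The former debug line that printed a Facebook logout URL is gone: it wrote
  // the user's access token to the log and threw when no user was logged in.
  app.get('/logout', function(req, res) {
    req.logout();
    res.redirect('/');
  });

  // Simple test page to check if the user is logged in.
  app.get('/ping', isAuthenticated, function(req, res) {
    res.status(200).send("pong!");
  });

  // Issues a token for the logged-in user.
  // TODO: Edit token saving to delete old value
  app.get('/authenticate', isAuthenticated, function(req, res) {
    const tokenCreationDate = Date.now();
    // Derived from the same lifetime the token is signed with, in milliseconds.
    const tokenExpireDate = tokenCreationDate + TOKEN_TTL_SECONDS * 1000;

    // Only the username goes into the payload. A JWT is signed, not encrypted,
    // so signing the whole account would hand every stored field to whoever
    // holds the token.
    const token = jwt.sign({ username: req.user.username }, jwtSecret, {
      algorithm: JWT_ALGORITHM,
      expiresIn: TOKEN_TTL_SECONDS
    });

    res.json({
      user: req.user.username,
      success: true,
      message: 'Enjoy your token',
      token: token,
      tokenCreationDate: tokenCreationDate,
      tokenExpireDate: tokenExpireDate
    });

    // NOTE(review): wrapping req.user in `new Account(...)` builds a new document
    // rather than updating the stored one; if req.user is already an Account
    // document, saving it directly is probably what was meant — confirm against
    // the deserializeUser setup.
    const user = new Account(req.user);
    user.token = token;
    user.tokenCreationDate = tokenCreationDate;
    user.tokenExpireDate = tokenExpireDate;
    user.save(function(err) {
      if (err) {
        console.log(err);
      }
    });
  });

  // Passport Strategies
  passport.use(new FacebookStrategy({
      clientID: config.facebook.clientID,
      clientSecret: config.facebook.clientSecret,
      callbackURL: config.facebook.callbackURL
    },
    function(accessToken, refreshToken, profile, done) {
      // `facebokToken` is spelled as the rest of the file spells it. The access
      // token is stored as received; keep it only if something reads it back.
      findOrCreateSocialAccount(profile, "Facebook", {
        facebokToken: accessToken
      }, done);
    }
  ));

  passport.use(new GoogleStrategy({
      clientID: config.google.clientID,
      clientSecret: config.google.clientSecret,
      callbackURL: config.google.callbackURL,
      passReqToCallback: true
    },
    function(request, accessToken, refreshToken, profile, done) {
      findOrCreateSocialAccount(profile, "Google", {}, done);
    }
  ));

  app.get('/auth/facebook',
    passport.authenticate('facebook'),
    function(req, res) {});

  app.get('/auth/facebook/callback',
    passport.authenticate('facebook', {
      failureRedirect: '/'
    }),
    function(req, res) {
      res.redirect('/');
    });

  app.get('/auth/google',
    passport.authenticate('google', {
      scope: [
        'https://www.googleapis.com/auth/plus.login'
      ]
    })
  );

  app.get('/auth/google/callback',
    passport.authenticate('google', {
      failureRedirect: '/'
    }),
    function(req, res) {
      res.redirect('/');
    });

  // Token gate for everything under /api.
  testRoutes.use(function(req, res, next) {
    // req.body is absent when no body parser ran for this request.
    const body = req.body || {};
    // A token passed in the query string ends up in access logs and browser
    // history; the x-access-token header is the safer way to send it.
    const token = body.token || req.query.token || req.headers['x-access-token'];

    if (!token) {
      return res.status(403).send({
        success: false,
        message: 'No token provided'
      });
    }

    jwt.verify(token, jwtSecret, { algorithms: [JWT_ALGORITHM] }, function(err, decoded) {
      if (err) {
        // Answer with 401 so a rejected token is not reported as HTTP success.
        return res.status(401).json({
          success: false,
          message: 'Failed to authenticate token'
        });
      }
      req.decoded = decoded;
      next();
    });
  });

  testRoutes.get('/tokenTest', function(req, res) {
    console.log('user: ' + describeUser(req));
    res.render('token', {});
  });

  app.use('/api', testRoutes);

  // Fallback for every request that no route above handled.
  app.use(function(req, res, next) {
    res.status(404);
    res.render('error', {});
  });
};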