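  // config/passport.js

  // load all the things we need
  var LocalStrategy   = require('passport-local').Strategy;
  var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;

  // load up the database driver, the password hashing library and the DB settings
  var mysql = require('mysql');
  // NOTE(review): bcrypt-nodejs is no longer maintained; plan a move to a
  // maintained bcrypt implementation and confirm the stored hashes stay compatible.
  var bcrypt = require('bcrypt-nodejs');
  var dbconfig = require('./database');

  // One shared connection serves every authentication query in this module.
  // NOTE(review): a connection object is not re-established by the driver after a
  // fatal error, so every later login would fail until restart; a pool
  // (mysql.createPool) is the usual answer. Confirm how the app is supervised.
  var connection = mysql.createConnection(dbconfig.connection);
  connection.on('error', function(err){
      // Errors from queries issued without a callback (such as the USE below) end up here.
      console.error("MySQL Error: ", err);
  });

  // Select the schema. The `??` placeholder makes the driver escape the value as
  // an identifier, so a database name containing a hyphen, a backtick or a
  // reserved word no longer produces a malformed (or altered) statement.
  connection.query('USE ??', [dbconfig.database]);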
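  // expose this function to our app using module.exports
  /**
   * Registers session (de)serialization plus the 'local-signup', 'local-login'
   * and Google OAuth2 strategies on the given Passport instance.
   *
   * All lookups go through the module-level `connection` and use `?`
   * placeholders; values taken from the request are type-checked first because
   * the driver expands non-string values into SQL fragments.
   *
   * @param {object} passport - the Passport instance to configure
   */
  module.exports = function(passport) {

      // Writes the user id into the Passport session slot, as the signup and
      // Google strategies have always done, without throwing from inside a
      // database callback when the slot does not exist yet.
      // NOTE(review): Passport's own login step stores the serialized user after
      // done(null, user); confirm whether this direct write is still needed.
      function rememberUser(req, id) {
          if (!req.session) return;
          req.session.passport = req.session.passport || {};
          req.session.passport.user = id;
      }

      // Lets strings and numbers through and maps everything else to NULL, so an
      // array or object in the request body never reaches a `?` placeholder.
      function scalarOrNull(value) {
          return (typeof value === 'string' || typeof value === 'number') ? value : null;
      }

      // =========================================================================
      // passport session setup ==================================================
      // =========================================================================
      // required for persistent login sessions
      // passport needs ability to serialize and unserialize users out of session

      // used to serialize the user for the session: only the id is stored
      passport.serializeUser(function(user, done) {
          done(null, user.id);
      });

      // used to deserialize the user: reload the row for the id kept in the session
      passport.deserializeUser(function(id, done) {
          connection.query("SELECT * FROM users WHERE id = ? ",[id], function(err, rows){
              if (err) {
                  console.error("Deserialization Error: ", err);
                  // `rows` is undefined on error; stop here instead of indexing it
                  return done(err);
              }
              // The account may have been deleted since the session was created;
              // `false` lets Passport treat the request as logged out.
              if (!rows || !rows.length)
                  return done(null, false);
              done(null, rows[0]);
          });
      });

      // =========================================================================
      // LOCAL REGISTRATION ======================================================
      // =========================================================================
      // we are using named strategies since we have one for login and one for signup
      // by default, if there was no name, it would just be called 'local'

      passport.use(
          'local-signup',
          new LocalStrategy({
              // these are the form field names the strategy reads the credentials from
              usernameField : 'username',
              passwordField : 'password',
              passReqToCallback : true // allows us to pass back the entire request to the callback
          },
          function(req, username, password, done) {
              // Only plain, non-empty strings may be hashed or used as a lookup key.
              if (typeof username !== 'string' || typeof password !== 'string' || password.length === 0)
                  return done(null, false, req.flash('signupMessage', 'Username and password are required.'));

              // we are checking to see if a user with this username already exists
              connection.query("SELECT * FROM users WHERE username = ?",[username], function(err, rows) {
                  if (err)
                      return done(err);
                  if (rows.length) {
                      return done(null, false, req.flash('signupMessage', 'That username is already taken.'));
                  }

                  // if there is no user with that username, create the user
                  // NOTE(review): hashSync blocks the event loop while it runs.
                  var newUserMysql = {
                      username: username,
                      password: bcrypt.hashSync(password, null, null),
                      email: scalarOrNull(req.body.email),
                      first_name: scalarOrNull(req.body.first_name),
                      last_name: scalarOrNull(req.body.last_name),
                      company: scalarOrNull(req.body.company),
                      cryptos_experience: scalarOrNull(req.body.cryptos_experience)
                  };

                  // The record is deliberately not logged: it holds the password
                  // hash and personal data.

                  var insertQuery = "INSERT INTO users ( username, password, email, first_name, last_name, company, cryptos_experience ) values (?, ?, ?, ?, ?, ?, ?)";

                  connection.query(insertQuery,[newUserMysql.username, newUserMysql.password, newUserMysql.email, newUserMysql.first_name, newUserMysql.last_name, newUserMysql.company, newUserMysql.cryptos_experience],
                          function(err, result) {
                      // Two concurrent signups can both pass the SELECT above; only a
                      // UNIQUE index on username closes that gap, and its violation
                      // arrives here. NOTE(review): confirm the index exists.
                      if (err)
                          return done(err);
                      newUserMysql.id = result.insertId;
                      rememberUser(req, newUserMysql.id);
                      return done(null, newUserMysql);
                  });
              });
          })
      );

      // =========================================================================
      // LOCAL LOGIN =============================================================
      // =========================================================================
      // we are using named strategies since we have one for login and one for signup
      // by default, if there was no name, it would just be called 'local'

      passport.use(
          'local-login',
          new LocalStrategy({
              // these are the form field names the strategy reads the credentials from
              usernameField : 'username',
              passwordField : 'password',
              passReqToCallback : true // allows us to pass back the entire request to the callback
          },
          function(req, username, password, done) { // callback with username and password from our form

              if (typeof password !== 'string' || password.length === 0)
                  return done(null, false, req.flash('loginMessage', 'Password cannot be blank.'));

              // A non-string username must not reach the `?` placeholder.
              if (typeof username !== 'string')
                  return done(null, false, req.flash('loginMessage', 'No user found.'));

              connection.query("SELECT * FROM users WHERE username = ?",[username], function(err, rows){
                  if (err)
                      return done(err);

                  // NOTE(review): 'No user found.' and 'Oops! Wrong password.' tell a
                  // caller which usernames exist; consider one generic message.
                  if (!rows.length) {
                      return done(null, false, req.flash('loginMessage', 'No user found.')); // req.flash is the way to set flashdata using connect-flash
                  }

                  var account = rows[0];

                  // Accounts created through Google are inserted without a password.
                  // The hash comparison is not expected to accept a missing hash, and
                  // an exception thrown inside this callback would be unhandled, so
                  // such accounts are rejected before comparing.
                  if (typeof account.password !== 'string' || !bcrypt.compareSync(password, account.password))
                      return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata

                  // Loose comparison kept on purpose: the flag may come back as a
                  // number or a string depending on the column type.
                  if (account.verified == '0') {
                      req.not_verified = true;
                      // Flash a copy without the password hash so the hash is not
                      // written to the session or handed to a template.
                      var unverified = {};
                      Object.keys(account).forEach(function(key) {
                          if (key !== 'password') unverified[key] = account[key];
                      });
                      return done(null, false, req.flash('notVerified', unverified));
                  }

                  // all is well, return successful user
                  return done(null, account);
              });
          })
      );


      // =========================================================================
      // GOOGLE LOGIN ============================================================
      // =========================================================================

      // Use the GoogleStrategy within Passport.
      //   Strategies in Passport require a `verify` function, which accept
      //   credentials (in this case, an accessToken, refreshToken, and Google
      //   profile), and invoke a callback with a user object.
      passport.use(new GoogleStrategy({
              // NOTE(review): with the literal fallbacks a deployment that lacks the
              // environment variables still starts, using values kept in source.
              // Prefer refusing to start when either variable is unset, and keep
              // real credentials out of the repository.
              clientID: process.env.GOOGLE_CLIENT_ID || '---somekey---.apps.googleusercontent.com',
              clientSecret: process.env.GOOGLE_CLIENT_SECRET || '---sme-other-shit----',
              callbackURL: "/auth/google/callback",
              passReqToCallback : true // allows us to pass back the entire request to the callback
          },
          function(req, accessToken, refreshToken, profile, done) {
              connection.query("SELECT * FROM users WHERE google_id = ?", [profile.id], function(err, rows){
                  if(err) {
                      console.error("SQL Error: ", err);
                      return done(err);
                  }

                  if (rows.length) {
                      //Return user if found
                      rememberUser(req, rows[0].id);
                      return done(null, rows[0]);
                  }

                  // A profile is not guaranteed to carry an e-mail address or a
                  // name; read both defensively instead of throwing in the callback.
                  var emails = profile.emails || [];
                  var name = profile.name || {};

                  var newUserMysql = {
                      username: 'G-' + profile.id,
                      google_id: profile.id,
                      email: emails.length ? scalarOrNull(emails[0].value) : null,
                      first_name: scalarOrNull(name.givenName),
                      last_name: scalarOrNull(name.familyName)
                  };

                  // The record is deliberately not logged: it holds personal data.

                  // Google-created accounts are stored as verified from the start.
                  var insertQuery = "INSERT INTO users ( username, google_id, email, first_name, last_name, verified) values (?, ?, ?, ?, ?, ?)";

                  connection.query(insertQuery,[newUserMysql.username, newUserMysql.google_id, newUserMysql.email, newUserMysql.first_name, newUserMysql.last_name, true],
                       function(err, result) {
                           // `result` is undefined on error (constraint violation,
                           // lost connection); report it instead of dereferencing.
                           if (err) {
                               console.error("SQL Error: ", err);
                               return done(err);
                           }
                           newUserMysql.id = result.insertId;
                           rememberUser(req, newUserMysql.id);
                           return done(null, newUserMysql);
                       }
                  );
              });
          }
      ));
  };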