import passport from 'passport/lib';
import validator from 'validator';
import FacebookStrategy from 'passport-facebook';
import GithubStrategy from 'passport-github';
import { OAuth2Strategy as GoogleStrategy } from 'passport-google-oauth';
import { join, head, isEmpty, anyPass, isNil } from 'ramda';
import { initAdmin, loginFromProvider } from '../domain/user';
import conf from './conf';
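// Admin user initialization
// Fail fast at module load: the admin account is bootstrapped from
// configuration, so a missing or placeholder value must stop the process
// rather than create an admin with a well-known default secret.
const empty = anyPass([isNil, isEmpty]);
const DEFAULT_CONF_VALUE = 'ChangeMe';
const adminEmail = conf.get('app:admin:email');
const adminPassword = conf.get('app:admin:password');
const adminToken = conf.get('app:admin:token');
if (
  empty(adminEmail) ||
  empty(adminPassword) ||
  empty(adminToken) ||
  adminPassword === DEFAULT_CONF_VALUE ||
  adminToken === DEFAULT_CONF_VALUE
) {
  throw new Error('Admin setup > You need to configure the environment vars');
}
// Check fields (the branch above throws, so no `else` is needed here)
if (!validator.isEmail(adminEmail)) {
  throw new Error('Admin setup > email must be a valid email address');
}
if (!validator.isUUID(adminToken)) {
  throw new Error('Admin setup > Token must be a valid UUID');
}
// Initialize the admin account.
// NOTE(review): the returned promise is deliberately not awaited (no
// top-level await in this module), so a failure inside initAdmin only
// surfaces as an unhandled rejection — confirm the caller monitors that.
// noinspection JSIgnoredPromiseFromCall
initAdmin(adminEmail, adminPassword, adminToken);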
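// Providers definition
// Names of the OAuth providers actually registered with passport, in
// registration order; exported below as ACCESS_PROVIDERS.
const providers = [];
// Facebook
if (conf.get('providers:facebook')) {
  const facebookOptions = {
    clientID: conf.get('providers:facebook:client_id'),
    clientSecret: conf.get('providers:facebook:client_secret'),
    callbackURL: conf.get('providers:facebook:callback_uri'),
    profileFields: ['id', 'emails', 'name'],
    scope: 'email'
  };
  // Verify callback: maps the Facebook profile to a local login token.
  // The provider tokens are not persisted; only the profile is used.
  const facebookStrategy = new FacebookStrategy(
    facebookOptions,
    (accessToken, refreshToken, profile, done) => {
      // eslint-disable-next-line no-underscore-dangle
      const data = profile._json ?? {};
      const { email } = data;
      // If the provider profile carries no email (e.g. the `email`
      // permission was not granted) there is nothing to identify the
      // local account with: fail the login explicitly instead of passing
      // `undefined` down to loginFromProvider.
      if (empty(email)) {
        done(new Error('Facebook login > no email address in provider profile'));
        return;
      }
      const name = `${data.last_name} ${data.first_name}`;
      loginFromProvider(email, name)
        .then(token => done(null, token))
        .catch(err => done(err));
    }
  );
  passport.use(facebookStrategy);
  providers.push('facebook');
}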
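// Google
if (conf.get('providers:google')) {
  const googleOptions = {
    clientID: conf.get('providers:google:client_id'),
    clientSecret: conf.get('providers:google:client_secret'),
    callbackURL: conf.get('providers:google:callback_uri'),
    scope: 'email'
  };
  // Verify callback: maps the Google profile to a local login token.
  // OAuth2 hands back an access token and a refresh token; neither is kept.
  const googleStrategy = new GoogleStrategy(
    googleOptions,
    (accessToken, refreshToken, profile, done) => {
      const name = profile.displayName;
      // Guarded lookup: `head(profile.emails).value` would throw a
      // TypeError when the profile has no `emails` array, which turned a
      // missing email into an opaque strategy error.
      const email = profile.emails?.[0]?.value;
      if (empty(email)) {
        done(new Error('Google login > no email address in provider profile'));
        return;
      }
      // let picture = head(profile.photos).value;
      loginFromProvider(email, name)
        .then(loggedToken => done(null, loggedToken))
        .catch(err => done(err));
    }
  );
  passport.use(googleStrategy);
  providers.push('google');
}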
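// Github
if (conf.get('providers:github')) {
  const githubOptions = {
    clientID: conf.get('providers:github:client_id'),
    clientSecret: conf.get('providers:github:client_secret'),
    callbackURL: conf.get('providers:github:callback_uri'),
    scope: 'user:email'
  };
  // Verify callback: maps the GitHub profile to a local login token.
  // OAuth2 hands back an access token and a refresh token; neither is kept.
  const githubStrategy = new GithubStrategy(
    githubOptions,
    (accessToken, refreshToken, profile, done) => {
      const { name } = profile;
      // Guarded lookup: `head(profile.emails).value` would throw a
      // TypeError when the profile has no `emails` array (GitHub only
      // exposes emails with the `user:email` scope requested above).
      const email = profile.emails?.[0]?.value;
      if (empty(email)) {
        done(new Error('Github login > no email address in provider profile'));
        return;
      }
      // let picture = profile.avatar_url;
      loginFromProvider(email, name)
        .then(loggedToken => done(null, loggedToken))
        .catch(err => done(err));
    }
  );
  passport.use(githubStrategy);
  providers.push('github');
}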
// Comma-separated names of the providers registered above, in
// registration order (e.g. 'facebook,google'); '' when none is enabled.
export const ACCESS_PROVIDERS = providers.join(',');
export default passport;