Revert "Added user authentication using Github OAuth."

This reverts commit 0625033.

server/README.md

@@ -18,26 +18,6 @@ $ NODE_ENV=production node server.js
 ```
 
 
-## Authentication
-
-Vanity supports two authentication methods.  Client applications that make API
-calls authenticate using a token.  End-users authentication using Github Auth.
-
-Authentication requires creating a Github application and setting up the
-following environment variables:
-
-* `GITHUB_CLIENT_ID` - The Github application's client ID
-* `GITHUB_CLIENT_SECRET` -  The Github application's client secret
-* `VANITY_COOKIE_KEYS` - One or more secrets that are used to sign and verify
-  authentication cookies
-* `VANITY_USERS` - Space-separated list of Github logins of all users allowed
-  access to the dashboard
-* `VANITY_TOKENS` - Space-separated list of API access tokens
-
-The file `server.sh` is used to run the server in development mode and uses
-Github application credentials that allow login to `localhost:3000`.
-
-
 ## Testing
 
 To run the entire test suite or individual tests and have control over how tests

server/config/server.coffee

@@ -7,8 +7,6 @@ process.env.NODE_ENV ||= "development"
 
 
 Express   = require("express")
-Keygrip   = require("keygrip")
-Cookies   = require("cookies")
 FS        = require("fs")
 logger    = require("./logger")
 Activity  = require("../models/activity")
@@ -45,40 +43,7 @@ server.configure ->
       res.end = end_fn
       end_fn.apply(res, arguments)
     next()
-
-
-# Authentication
-server.configure ->
-  # Digitally signed cookies.  If environment variable COOKIE_KEYS is set, we
-  # take the signing keys from there.  Otherwise, Keygrip uses a random value
-  # created during npm install.
-  keys = process.env.VANITY_COOKIE_KEYS.split(" ") if process.env.VANITY_COOKIE_KEYS
-  server.use Cookies.connect(new Keygrip(keys))
-
-  # Authentication uses Github OAuth, authorization implies being one of the names
-  # listed in USERS environment variable.
-  users = (process.env.VANITY_USERS || "").split(/\s+/)
-  logger.info "Access restricted to: #{users.join(", ")}"
-
-  # If signed cookie user is set, set the local variable user to that object, so
-  # you have access to login, name and gravatar_id.  Also sets the local
-  # variable authorized.
-  server.use (req, res, next)->
-    cookie = req.cookies.get("user", signed: true)
-    if cookie
-      user = JSON.parse(cookie)
-      if users.indexOf(user.login) >= 0
-        res.local "user", user
-        res.local "authorized", true
-    next()
-
-  # API access tokens.
-  tokens = (process.env.VANITY_TOKENS || "").split(/\s+/)
-  logger.info "API access restricted to: #{tokens.join(", ")}"
-  # Checks authorization token for API access.
-  server.use (req, res, next)->
-    next()
-
+
 
 # Error handling for production
 server.configure "production", ->
@@ -97,11 +62,11 @@ server.configure "development", ->
 # errors.
 server.configure "test", ->
   server.error (error, req, res, next)->
-    logger.error error.stack
+    console.error error.stack
     next error
 
   process.on "uncaughtException", (error)->
-    logger.error error
+    console.error error
     process.exit(1)
 
 

server/package.json

@@ -4,7 +4,7 @@
   "author": "Assaf Arkin <assaf@labnotes.org> (http://labnotes.org/)",
   "main": "index",
   "scripts": {
-    "start":  "./server.sh",
+    "start":  "node server.js",
     "test":   "mocha -R spec"
   },
   "engines": {
@@ -14,11 +14,9 @@
     "async":            "~0.1.18",
     "coffee-script":    "~1.3.1",
     "connect":          "~1.8.6",
-    "cookies":          "~0.2.2",
     "eco":              "~1.1.0",
     "elastical":        "~0.0.8",
     "express":          "~2.5.9",
-    "keygrip":          "~0.2.0",
     "redis":            "~0.7.1",
     "request":          "~2.9.200",
     "sugar":            "~1.2.4",

server/routes/api_split_tests.coffee

@@ -4,13 +4,6 @@ server   = require("../config/server")
 SplitTest = require("../models/split_test")
 
 
-authenticate = (req, res, next)->
-  if res.local("authorized")
-    next()
-  else
-    res.send 401
-
-
 # Returns a list of all active split test.
 server.get "/v1/split", (req, res, next)->
   SplitTest.list (error, tests)->

server/routes/dashboard.coffee

@@ -1,33 +1,24 @@
-QS          = require("querystring")
-Activity    = require("../models/activity")
-SplitTest   = require("../models/split_test")
-server      = require("../config/server")
-
-
-# Middleware that requires used to be authenticated and authorized.
-login = (req, res, next)->
-  if res.local("user") 
-    next()
-  else
-    res.cookies.set "return_to", req.url
-    res.redirect "/authenticate"
+QS        = require("querystring")
+Activity  = require("../models/activity")
+SplitTest = require("../models/split_test")
+server    = require("../config/server")
 
 
 # -- Activity stream --
 
 # View the activity stream.
-server.get "/activity", login, (req, res, next)->
+server.get "/activity", (req, res, next)->
   res.render "activity/stream"
 
 # View the activity stream.
-server.get "/activity/search", login, (req, res, next)->
+server.get "/activity/search", (req, res, next)->
   res.render "activity/search"
 
 
 # -- Split tests --
 
 # Show all active split tests
-server.get "/split", login, (req, res, next)->
+server.get "/split", (req, res, next)->
   SplitTest.list (error, splits)->
     if error
       next(error)
@@ -37,7 +28,7 @@ server.get "/split", login, (req, res, next)->
       res.render "split/index", splits: splits
 
 # View the activity stream.
-server.get "/split/:id", login, (req, res, next)->
+server.get "/split/:id", (req, res, next)->
   SplitTest.load req.params.id, (error, split)->
     if error
       next(error)

server/views/layout.eco

@@ -11,13 +11,6 @@
     <meta name="apple-mobile-web-app-capable" content="yes">
   </head>
   <body>
-    <div class="header">
-      <span class="user">
-        <img src="//secure.gravatar.com/avatar/<%= @user.gravatar_id %>?s=16">
-        <%= @user.name %>
-      </span>
-      <a href="/logout">Logout</a>
-    </div>
     <div class="main-content">
       <%- @body %>
     </div>