Replace passport usage with simpler custom middleware

Johannes Zellner
Commit 34adfa85 authored Aug 06, 2019 by Johannes Zellner
Showing with 29 additions and 89 deletions
frontend/js/app.js
package-lock.json
package.json
server.js
src/auth.js
--- a/frontend/js/app.js
+++ b/frontend/js/app.js
@@ -23,14 +23,14 @@ function asyncForEach(items, handler, callback) {
    })();
 }

-function getProfile(accessToken, callback) {
+function initWithToken(accessToken) {
    superagent.get('/api/profile').query({ access_token: accessToken }).end(function (error, result) {
        app.ready = true;

-        if (error && !error.response) return callback(error);
+        if (error && !error.response) return console.error(error);
        if (result.statusCode !== 200) {
            delete localStorage.accessToken;
-            return callback('Invalid access token');
+            return;
        }

        localStorage.accessToken = accessToken;
@@ -42,7 +42,7 @@ function getProfile(accessToken, callback) {

            app.folderListingEnabled = !!result.body.folderListingEnabled;

-            callback();
+            loadDirectory(decode(window.location.hash.slice(1)));
        });
    });
 }
@@ -292,11 +292,7 @@ var app = new Vue({
                if (error && !result) return that.$message.error(error.message);
                if (result.statusCode === 401) return that.$message.error('Wrong username or password');

-                getProfile(result.body.accessToken, function (error) {
-                    if (error) return console.error(error);
-
-                    loadDirectory(decode(window.location.hash.slice(1)));
-                });
+                initWithToken(result.body.accessToken);
            });
        },
        onOptionsMenu: function (command) {
@@ -452,11 +448,7 @@ var app = new Vue({
    }
 });

-getProfile(localStorage.accessToken, function (error) {
-    if (error) return console.error(error);
-
-    loadDirectory(decode(window.location.hash.slice(1)));
-});
+initWithToken(localStorage.accessToken);

 $(window).on('hashchange', function () {
    loadDirectory(decode(window.location.hash.slice(1)));

--- a/package-lock.json
+++ b/package-lock.json
@@ -1164,28 +1164,6 @@
      "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.2.tgz",
      "integrity": "sha1-/CidTtiZMRlGDBViUyYs3I3mW/M="
    },
-    "passport": {
-      "version": "0.2.2",
-      "resolved": "https://registry.npmjs.org/passport/-/passport-0.2.2.tgz",
-      "integrity": "sha1-nDjxe+uSnz2Br3uIOOhDDbhwPys=",
-      "requires": {
-        "passport-strategy": "1.x.x",
-        "pause": "0.0.1"
-      }
-    },
-    "passport-http-bearer": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/passport-http-bearer/-/passport-http-bearer-1.0.1.tgz",
-      "integrity": "sha1-FHRp6jZp4qhMYWfvmdu3fh8AmKg=",
-      "requires": {
-        "passport-strategy": "1.x.x"
-      }
-    },
-    "passport-strategy": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
-      "integrity": "sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ="
-    },
    "path-is-absolute": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
@@ -1201,11 +1179,6 @@
      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
      "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w="
    },
-    "pause": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
-      "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10="
-    },
    "pend": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz",

--- a/package.json
+++ b/package.json
@@ -37,8 +37,6 @@
    "mkdirp": "^0.5.1",
    "morgan": "^1.9.0",
    "multiparty": "^4.1.2",
-    "passport": "^0.2.2",
-    "passport-http-bearer": "^1.0.1",
    "readline-sync": "^1.4.9",
    "request": "^2.83.0",
    "safetydance": "^0.1.1",

--- a/server.js
+++ b/server.js
@@ -4,7 +4,6 @@

 var express = require('express'),
    morgan = require('morgan'),
-    passport = require('passport'),
    path = require('path'),
    fs = require('fs'),
    compression = require('compression'),
@@ -91,8 +90,6 @@ app.use('/api', bodyParser.json());
 app.use('/api', bodyParser.urlencoded({ extended: false, limit: '100mb' }));
 app.use('/api', cookieParser());
 app.use('/api', session({ secret: 'surfin surfin', resave: false, saveUninitialized: false }));
-app.use('/api', passport.initialize());
-app.use('/api', passport.session());
 app.use(router);
 app.use(webdav.extensions.express('/_webdav', webdavServer));
 app.use('/_admin', express.static(__dirname + '/frontend'));

--- a/src/auth.js
+++ b/src/auth.js
 'use strict';

-var passport = require('passport'),
-    path = require('path'),
+var path = require('path'),
    safe = require('safetydance'),
    fs = require('fs'),
    bcrypt = require('bcryptjs'),
    uuid = require('uuid/v4'),
-    BearerStrategy = require('passport-http-bearer').Strategy,
    ldapjs = require('ldapjs'),
    HttpError = require('connect-lastmile').HttpError,
    HttpSuccess = require('connect-lastmile').HttpSuccess,
@@ -56,27 +54,6 @@ try {
    // start with empty token store
 }

-function issueAccessToken() {
-    return function (req, res, next) {
-        var accessToken = uuid();
-
-        tokenStore.set(accessToken, req.user, function (error) {
-            if (error) return next(new HttpError(500, error));
-            next(new HttpSuccess(201, { accessToken: accessToken, user: req.user }));
-        });
-    };
-}
-
-passport.serializeUser(function (user, done) {
-    console.log('serializeUser', user);
-    done(null, user.uid);
-});
-
-passport.deserializeUser(function (id, done) {
-    console.log('deserializeUser', id);
-    done(null, { uid: id });
-});
-
 function verifyUser(username, password, callback) {
    if (AUTH_METHOD === 'ldap') {
        var ldapClient = ldapjs.createClient({ url: process.env.CLOUDRON_LDAP_URL });
@@ -121,34 +98,37 @@ function verifyUser(username, password, callback) {
    }
 }

-exports.login = [
-    function (req, res, next) {
-        verifyUser(req.body.username, req.body.password, function (error, user) {
-            if (error) return next(new HttpError(401, 'Invalid credentials'));
+exports.login = function (req, res, next) {
+    verifyUser(req.body.username, req.body.password, function (error, user) {
+        if (error) return next(new HttpError(401, 'Invalid credentials'));
+
+        var accessToken = uuid();

-            req.user = user;
+        tokenStore.set(accessToken, user, function (error) {
+            if (error) return next(new HttpError(500, error));

-            next();
+            next(new HttpSuccess(201, { accessToken: accessToken, user: user }));
        });
-    },
-    issueAccessToken()
-];
+    });
+};

-exports.verify = passport.authenticate('bearer', { session: false });
+exports.verify = function (req, res, next) {
+    var accessToken = req.query.access_token || req.body.accessToken;

-passport.use(new BearerStrategy(function (token, done) {
-    tokenStore.get(token, function (error, result) {
-        if (error) {
-            console.error(error);
-            return done(null, false);
-        }
+    tokenStore.get(accessToken, function (error, user) {
+        if (error) return next(new HttpError(401, 'Invalid Access Token'));
+
+        req.user = user;

-        done(null, result, { accessToken: token });
+        next();
    });
-}));
+
+};

 exports.logout = function (req, res, next) {
-    tokenStore.del(req.authInfo.accessToken, function (error) {
+    var accessToken = req.query.access_token || req.body.accessToken;
+
+    tokenStore.del(accessToken, function (error) {
        if (error) console.error(error);

        next(new HttpSuccess(200, {}));