budibase/packages/worker/src/api/controllers/auth.js

const authPkg = require("@budibase/auth")
const { clearCookie } = authPkg.utils
const { Cookies } = authPkg.constants
const { passport } = authPkg.auth

exports.authenticate = async (ctx, next) => {
  return passport.authenticate("local", async (err, user) => {
    if (err) {
      return ctx.throw(403, "Unauthorized")
    }

    const expires = new Date()
    expires.setDate(expires.getDate() + 1)

    if (!user) {
      return ctx.throw(403, "Unauthorized")
    }

    ctx.cookies.set(Cookies.Auth, user.token, {
      expires,
      path: "/",
      httpOnly: false,
      overwrite: true,
    })

    delete user.token

    ctx.body = { user }
  })(ctx, next)
}

exports.logout = async ctx => {
  clearCookie(ctx, Cookies.Auth)
  ctx.body = { message: "User logged out" }
}

// exports.googleAuth = async (ctx, next) =>
//   passport.authenticate(
//     "google",
//     { successRedirect: "/", failureRedirect: "/" },
//     (ctx
//     setToken(ctx, next)
//   )

exports.googleAuth = async (ctx, next) => {
  return passport.authenticate(
    "google",
    { successRedirect: "/", failureRedirect: "/" },
    async (err, user) => {
      if (err) {
        return ctx.throw(403, "Unauthorized")
      }

      const expires = new Date()
      expires.setDate(expires.getDate() + 1)

      if (!user) {
        return ctx.throw(403, "Unauthorized")
      }

      ctx.cookies.set(Cookies.Auth, user.token, {
        expires,
        path: "/",
        httpOnly: false,
        overwrite: true,
      })

      ctx.redirect("/")
    }
  )(ctx, next)
}
Some re-work of the auth package, making it a bit easier to use/less likely to make a mistake. 2021-04-22 03:42:44 +12:00			`const authPkg = require("@budibase/auth")`
			`const { clearCookie } = authPkg.utils`
			`const { Cookies } = authPkg.constants`
			`const { passport } = authPkg.auth`
basic couchDB authentication using passport 2021-04-02 08:34:43 +13:00
			`exports.authenticate = async (ctx, next) => {`
JWT auth on admin endpoints 2021-04-08 02:15:05 +12:00			`return passport.authenticate("local", async (err, user) => {`
groundwork for budibase auth lib 2021-04-07 22:33:16 +12:00			`if (err) {`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`return ctx.throw(403, "Unauthorized")`
groundwork for budibase auth lib 2021-04-07 22:33:16 +12:00			`}`

JWT auth on admin endpoints 2021-04-08 02:15:05 +12:00			`const expires = new Date()`
			`expires.setDate(expires.getDate() + 1)`

builder login 2021-04-12 21:47:48 +12:00			`if (!user) {`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`return ctx.throw(403, "Unauthorized")`
builder login 2021-04-12 21:47:48 +12:00			`}`

login page 2021-04-11 22:35:55 +12:00			`ctx.cookies.set(Cookies.Auth, user.token, {`
JWT auth on admin endpoints 2021-04-08 02:15:05 +12:00			`expires,`
			`path: "/",`
			`httpOnly: false,`
			`overwrite: true,`
			`})`

builder login 2021-04-12 21:47:48 +12:00			`delete user.token`

Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`ctx.body = { user }`
basic couchDB authentication using passport 2021-04-02 08:34:43 +13:00			`})(ctx, next)`
			`}`
login page 2021-04-11 22:35:55 +12:00
logout button 2021-04-14 00:56:28 +12:00			`exports.logout = async ctx => {`
ensuring public users can log in after being assigned a roleId 2021-04-14 03:56:45 +12:00			`clearCookie(ctx, Cookies.Auth)`
merge 2021-04-16 03:49:35 +12:00			`ctx.body = { message: "User logged out" }`
logout button 2021-04-14 00:56:28 +12:00			`}`

custom google middleware 2021-04-22 05:40:32 +12:00			`// exports.googleAuth = async (ctx, next) =>`
			`// passport.authenticate(`
			`// "google",`
			`// { successRedirect: "/", failureRedirect: "/" },`
			`// (ctx`
			`// setToken(ctx, next)`
			`// )`

google auth E2E 2021-04-21 23:12:22 +12:00			`exports.googleAuth = async (ctx, next) => {`
			`return passport.authenticate(`
			`"google",`
			`{ successRedirect: "/", failureRedirect: "/" },`
			`async (err, user) => {`
			`if (err) {`
			`return ctx.throw(403, "Unauthorized")`
			`}`

			`const expires = new Date()`
			`expires.setDate(expires.getDate() + 1)`
logout button 2021-04-14 00:56:28 +12:00
google auth E2E 2021-04-21 23:12:22 +12:00			`if (!user) {`
			`return ctx.throw(403, "Unauthorized")`
			`}`

			`ctx.cookies.set(Cookies.Auth, user.token, {`
			`expires,`
			`path: "/",`
			`httpOnly: false,`
			`overwrite: true,`
			`})`

			`ctx.redirect("/")`
			`}`
			`)(ctx, next)`
login page 2021-04-11 22:35:55 +12:00			`}`