Authentication #170

Merged
bones7242 merged 43 commits from authentication into master 2017-09-29 02:29:22 +02:00
9 changed files with 25 additions and 23 deletions
Showing only changes of commit 84c525dcc0 - Show all commits

View file

@ -122,7 +122,7 @@ module.exports = {
}); });
}); });
}, },
createChannel (name, claimAddress) { createChannel (name) {
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
axios axios
.post('http://localhost:5279/lbryapi', { .post('http://localhost:5279/lbryapi', {

View file

@ -17,7 +17,7 @@ module.exports = (sequelize, { STRING }) => {
); );
User.associate = db => { User.associate = db => {
User.hasOne(db.Certificate); User.hasOne(db.Channel);
}; };
User.prototype.validPassword = (givenpassword, thispassword) => { User.prototype.validPassword = (givenpassword, thispassword) => {

View file

@ -24,8 +24,6 @@ module.exports = new PassportLocalStrategy(
} }
logger.debug('user found:', user.dataValues); logger.debug('user found:', user.dataValues);
return user.getChannel().then(channel => { return user.getChannel().then(channel => {
user['channelName'] = channel.channelClaimId;
user['channelClaimId'] = channel.channelClaimId;
return done(null, user); return done(null, user);
}); });
}) })

View file

@ -2,7 +2,6 @@ const db = require('../models');
const PassportLocalStrategy = require('passport-local').Strategy; const PassportLocalStrategy = require('passport-local').Strategy;
const lbryApi = require('../helpers/lbryApi.js'); const lbryApi = require('../helpers/lbryApi.js');
const logger = require('winston'); const logger = require('winston');
const config = require('config');
module.exports = new PassportLocalStrategy( module.exports = new PassportLocalStrategy(
{ {
@ -12,13 +11,12 @@ module.exports = new PassportLocalStrategy(
passReqToCallback: true, // we want to be able to read the post body message parameters in the callback passReqToCallback: true, // we want to be able to read the post body message parameters in the callback
}, },
(req, username, password, done) => { (req, username, password, done) => {
logger.debug('new channel signup request'); logger.debug(`new channel signup request: ${username} ${password}`);
const address = config.get('WalletConfig.LbryClaimAddress');
let user; let user;
// server-side validaton of inputs (username, password) // server-side validaton of inputs (username, password)
// create the channel and retrieve the metadata // create the channel and retrieve the metadata
return lbryApi.createChannel(username, address) return lbryApi.createChannel(`@${username}`)
.then(tx => { .then(tx => {
// create user record // create user record
const userData = { const userData = {
@ -35,7 +33,7 @@ module.exports = new PassportLocalStrategy(
// create certificate record // create certificate record
const certificateData = { const certificateData = {
claimId: tx.claim_id, claimId: tx.claim_id,
name : username, name : `@${username}`,
// address, // address,
}; };
logger.debug('certificateData >', certificateData); logger.debug('certificateData >', certificateData);
@ -43,9 +41,7 @@ module.exports = new PassportLocalStrategy(
return Promise.all([db.User.create(userData), db.Channel.create(channelData), db.Certificate.create(certificateData)]); return Promise.all([db.User.create(userData), db.Channel.create(channelData), db.Certificate.create(certificateData)]);
}) })
.then(([newUser, newChannel, newCertificate]) => { .then(([newUser, newChannel, newCertificate]) => {
user = newUser; // save outside scope of this function user = newUser;
user['channelName'] = newChannel.channelClaimId;
user['channelClaimId'] = newChannel.channelClaimId;
logger.debug('user and certificate successfully created'); logger.debug('user and certificate successfully created');
logger.debug('user result >', newUser.dataValues); logger.debug('user result >', newUser.dataValues);
logger.debug('user result >', newChannel.dataValues); logger.debug('user result >', newChannel.dataValues);
@ -54,11 +50,10 @@ module.exports = new PassportLocalStrategy(
return Promise.all([newCertificate.setChannel(newChannel), newChannel.setUser(newUser)]); return Promise.all([newCertificate.setChannel(newChannel), newChannel.setUser(newUser)]);
}).then(() => { }).then(() => {
logger.debug('user and certificate successfully associated'); logger.debug('user and certificate successfully associated');
logger.debug('user ===', user.dataValues);
return done(null, user); return done(null, user);
}) })
.catch(error => { .catch(error => {
logger.debug(error); logger.error('signup error', error);
return done(error); return done(error);
}); });
} }

View file

@ -45,10 +45,18 @@ app.use(passport.session());
passport.serializeUser((user, done) => { passport.serializeUser((user, done) => {
done(null, user.id); done(null, user.id);
}); });
passport.deserializeUser((id, done) => { passport.deserializeUser((id, done) => { // this populates req.user
db.User.findOne({ where: { id } }) db.User.findOne({ where: { id } })
.then(user => { .then(user => {
done(null, user); user.getChannel().then(channel => {
let userInfo = {};
userInfo['id'] = user.id;
userInfo['userName'] = user.userName;
userInfo['channelName'] = channel.channelName;
userInfo['channelClaimId'] = channel.channelClaimId;
done(null, userInfo);
});
// done(null, user);
return null; return null;
}) })
.then() .then()
@ -74,6 +82,7 @@ app.set('view engine', 'handlebars');
// middleware to pass user info back to client (for handlebars access), if user is logged in // middleware to pass user info back to client (for handlebars access), if user is logged in
app.use((req, res, next) => { app.use((req, res, next) => {
if (req.user) { if (req.user) {
logger.verbose(req.user);
res.locals.user = { res.locals.user = {
id : req.user.id, id : req.user.id,
userName : req.user.userName, userName : req.user.userName,

View file

@ -19,7 +19,7 @@
kauffj commented 2017-09-22 15:56:10 +02:00 (Migrated from github.com)
Review

Updating HTML via JS can quickly become a maintainability nightmare.

IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

Updating HTML via JS can quickly become a maintainability nightmare. IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.
kauffj commented 2017-09-22 15:56:10 +02:00 (Migrated from github.com)
Review

Updating HTML via JS can quickly become a maintainability nightmare.

IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

Updating HTML via JS can quickly become a maintainability nightmare. IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.
<script type="text/javascript"> <script type="text/javascript">
function publishNewChannel (event) { function publishNewChannel (event) {
const channelName = `@${document.getElementById('new-channel-name').value}`; const channelName = document.getElementById('new-channel-name').value;
kauffj commented 2017-09-22 15:56:10 +02:00 (Migrated from github.com)
Review

Updating HTML via JS can quickly become a maintainability nightmare.

IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

Updating HTML via JS can quickly become a maintainability nightmare. IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.
kauffj commented 2017-09-22 15:56:10 +02:00 (Migrated from github.com)
Review

Updating HTML via JS can quickly become a maintainability nightmare.

IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

Updating HTML via JS can quickly become a maintainability nightmare. IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.
const password = document.getElementById('new-channel-password').value; const password = document.getElementById('new-channel-password').value;
const channelNameErrorDisplayElement = document.getElementById('input-error-channel-name'); const channelNameErrorDisplayElement = document.getElementById('input-error-channel-name');
const passwordErrorDisplayElement = document.getElementById('input-error-channel-password'); const passwordErrorDisplayElement = document.getElementById('input-error-channel-password');

kauffj commented 2017-09-22 15:56:10 +02:00 (Migrated from github.com)
Review

Updating HTML via JS can quickly become a maintainability nightmare.

IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

Updating HTML via JS can quickly become a maintainability nightmare. IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.
kauffj commented 2017-09-22 15:56:10 +02:00 (Migrated from github.com)
Review

Updating HTML via JS can quickly become a maintainability nightmare.

IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

Updating HTML via JS can quickly become a maintainability nightmare. IMO a better design is to render all the elements and use JS to toggle hiding/showing, either by acting directly on the elements or changing the class name of the parent and using CSS to dictate what is shown.

View file

@ -16,7 +16,7 @@
<script type="text/javascript"> <script type="text/javascript">
function loginToChannel (event) { function loginToChannel (event) {
const channelName = `@${document.getElementById('login-channel-name').value}`; const channelName = document.getElementById('login-channel-name').value;
const password = document.getElementById('login-channel-password').value; const password = document.getElementById('login-channel-password').value;
const loginErrorDisplayElement = document.getElementById('login-error-display-element'); const loginErrorDisplayElement = document.getElementById('login-error-display-element');
// prevent default // prevent default

View file

@ -4,7 +4,7 @@
<label for="channel-name-select">Channel:</label> <label for="channel-name-select">Channel:</label>
<select type="text" id="channel-name-select" class="select select--primary" value="channel" onclick="toggleChannel(event)"> <select type="text" id="channel-name-select" class="select select--primary" value="channel" onclick="toggleChannel(event)">
{{#if user}} {{#if user}}
<option value="{{user.channelName}}" >{{user.channelName}}</option> <option value="@{{user.userName}}" >@{{user.userName}}</option>
{{/if}} {{/if}}
<option value="none" >None</option> <option value="none" >None</option>
<option value="login">Login</option> <option value="login">Login</option>

View file

@ -6,7 +6,7 @@
<a href="/about" class="top-bar-right">help</a> <a href="/about" class="top-bar-right">help</a>
{{#if user}} {{#if user}}
<a href="/{{user.channelName}}:{{user.channelClaimId}}" class="top-bar-right">{{user.channelName}}</a> <a href="/{{user.channelName}}:{{user.channelClaimId}}" class="top-bar-right">@{{user.userName}}</a>
<a href="/logout" class="top-bar-right">logout</a> <a href="/logout" class="top-bar-right">logout</a>
{{else}} {{else}}
<a href="/login" class="top-bar-right">login</a> <a href="/login" class="top-bar-right">login</a>