Implement user token persistency
This commit is contained in:
Pavel Djundik
parent
2bf6a2595b
commit
9384cd9ca6
@ -67,7 +67,7 @@
|
|||||||
</div>
|
</div>
|
||||||
<div class="col-xs-12">
|
<div class="col-xs-12">
|
||||||
<label class="remember">
|
<label class="remember">
|
||||||
<input type="checkbox" name="remember" checked>
|
<input type="checkbox" name="remember" id="sign-in-remember" checked>
|
||||||
Stay signed in
|
Stay signed in
|
||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -129,6 +129,11 @@ $(function() {
|
|||||||
feedback.hide();
|
feedback.hide();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (data.token && window.localStorage.getItem("token") !== null) {
|
||||||
|
window.localStorage.setItem("token", data.token);
|
||||||
|
}
|
||||||
|
|
||||||
passwordForm
|
passwordForm
|
||||||
.find("input")
|
.find("input")
|
||||||
.val("")
|
.val("")
|
||||||
@ -163,8 +168,10 @@ $(function() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data.token) {
|
if (data.token && $("#sign-in-remember").is(":checked")) {
|
||||||
window.localStorage.setItem("token", data.token);
|
window.localStorage.setItem("token", data.token);
|
||||||
|
} else {
|
||||||
|
window.localStorage.removeItem("token");
|
||||||
}
|
}
|
||||||
|
|
||||||
$("body").removeClass("signed-out");
|
$("body").removeClass("signed-out");
|
||||||
|
|||||||
@ -64,10 +64,15 @@ function Client(manager, name, config) {
|
|||||||
sockets: manager.sockets,
|
sockets: manager.sockets,
|
||||||
manager: manager
|
manager: manager
|
||||||
});
|
});
|
||||||
|
|
||||||
var client = this;
|
var client = this;
|
||||||
crypto.randomBytes(48, function(err, buf) {
|
|
||||||
client.token = buf.toString("hex");
|
if (!client.config.token) {
|
||||||
|
client.updateToken(function() {
|
||||||
|
client.manager.updateUser(client.name, {token: client.config.token});
|
||||||
});
|
});
|
||||||
|
}
|
||||||
|
|
||||||
if (config) {
|
if (config) {
|
||||||
var delay = 0;
|
var delay = 0;
|
||||||
(config.networks || []).forEach(function(n) {
|
(config.networks || []).forEach(function(n) {
|
||||||
@ -255,9 +260,24 @@ Client.prototype.connect = function(args) {
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
Client.prototype.setPassword = function(hash) {
|
Client.prototype.updateToken = function(callback) {
|
||||||
var client = this;
|
var client = this;
|
||||||
client.manager.updateUser(client.name, {password: hash});
|
|
||||||
|
crypto.randomBytes(48, function(err, buf) {
|
||||||
|
client.config.token = buf.toString("hex");
|
||||||
|
callback();
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
Client.prototype.setPassword = function(hash, callback) {
|
||||||
|
var client = this;
|
||||||
|
|
||||||
|
client.updateToken(function() {
|
||||||
|
client.manager.updateUser(client.name, {
|
||||||
|
token: client.config.token,
|
||||||
|
password: hash
|
||||||
|
});
|
||||||
|
|
||||||
// re-read the hash off disk to ensure we use whatever is saved. this will
|
// re-read the hash off disk to ensure we use whatever is saved. this will
|
||||||
// prevent situations where the password failed to save properly and so
|
// prevent situations where the password failed to save properly and so
|
||||||
// a restart of the server would forget the change and use the old
|
// a restart of the server would forget the change and use the old
|
||||||
@ -265,9 +285,11 @@ Client.prototype.setPassword = function(hash) {
|
|||||||
var user = client.manager.readUserConfig(client.name);
|
var user = client.manager.readUserConfig(client.name);
|
||||||
if (user.password === hash) {
|
if (user.password === hash) {
|
||||||
client.config.password = hash;
|
client.config.password = hash;
|
||||||
return true;
|
callback(true);
|
||||||
|
} else {
|
||||||
|
callback(false);
|
||||||
}
|
}
|
||||||
return false;
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
Client.prototype.input = function(data) {
|
Client.prototype.input = function(data) {
|
||||||
|
|||||||
@ -23,6 +23,7 @@ program
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
user.password = bcrypt.hashSync(password, bcrypt.genSaltSync(8));
|
user.password = bcrypt.hashSync(password, bcrypt.genSaltSync(8));
|
||||||
|
user.token = null; // Will be regenerated when the user is loaded
|
||||||
fs.writeFileSync(
|
fs.writeFileSync(
|
||||||
file,
|
file,
|
||||||
JSON.stringify(user, null, " ")
|
JSON.stringify(user, null, " ")
|
||||||
|
|||||||
@ -109,7 +109,7 @@ function index(req, res, next) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function init(socket, client, token) {
|
function init(socket, client) {
|
||||||
if (!client) {
|
if (!client) {
|
||||||
socket.emit("auth");
|
socket.emit("auth");
|
||||||
socket.on("auth", auth);
|
socket.on("auth", auth);
|
||||||
@ -160,16 +160,21 @@ function init(socket, client, token) {
|
|||||||
});
|
});
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
var salt = bcrypt.genSaltSync(8);
|
var salt = bcrypt.genSaltSync(8);
|
||||||
var hash = bcrypt.hashSync(p1, salt);
|
var hash = bcrypt.hashSync(p1, salt);
|
||||||
if (client.setPassword(hash)) {
|
|
||||||
socket.emit("change-password", {
|
client.setPassword(hash, function(success) {
|
||||||
success: "Successfully updated your password"
|
var obj = {};
|
||||||
});
|
|
||||||
return;
|
if (success) {
|
||||||
|
obj.success = "Successfully updated your password, all your other sessions were logged out";
|
||||||
|
obj.token = client.config.token;
|
||||||
|
} else {
|
||||||
|
obj.error = "Failed to update your password";
|
||||||
}
|
}
|
||||||
socket.emit("change-password", {
|
|
||||||
error: "Failed to update your password"
|
socket.emit("change-password", obj);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
@ -196,12 +201,12 @@ function init(socket, client, token) {
|
|||||||
socket.emit("init", {
|
socket.emit("init", {
|
||||||
active: client.activeChannel,
|
active: client.activeChannel,
|
||||||
networks: client.networks,
|
networks: client.networks,
|
||||||
token: token || ""
|
token: client.config.token
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function reverseDnsLookup(socket, client, token) {
|
function reverseDnsLookup(socket, client) {
|
||||||
client.ip = getClientIp(socket.request);
|
client.ip = getClientIp(socket.request);
|
||||||
|
|
||||||
dns.reverse(client.ip, function(err, host) {
|
dns.reverse(client.ip, function(err, host) {
|
||||||
@ -211,7 +216,7 @@ function reverseDnsLookup(socket, client, token) {
|
|||||||
client.hostname = client.ip;
|
client.hostname = client.ip;
|
||||||
}
|
}
|
||||||
|
|
||||||
init(socket, client, token);
|
init(socket, client);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -233,7 +238,7 @@ function auth(data) {
|
|||||||
var success = false;
|
var success = false;
|
||||||
_.each(manager.clients, function(client) {
|
_.each(manager.clients, function(client) {
|
||||||
if (data.token) {
|
if (data.token) {
|
||||||
if (data.token === client.token) {
|
if (data.token === client.config.token) {
|
||||||
success = true;
|
success = true;
|
||||||
}
|
}
|
||||||
} else if (client.config.user === data.user) {
|
} else if (client.config.user === data.user) {
|
||||||
@ -242,14 +247,10 @@ function auth(data) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (success) {
|
if (success) {
|
||||||
var token;
|
|
||||||
if (data.remember || data.token) {
|
|
||||||
token = client.token;
|
|
||||||
}
|
|
||||||
if (config.webirc !== null && !client.config["ip"]) {
|
if (config.webirc !== null && !client.config["ip"]) {
|
||||||
reverseDnsLookup(socket, client, token);
|
reverseDnsLookup(socket, client);
|
||||||
} else {
|
} else {
|
||||||
init(socket, client, token);
|
init(socket, client);
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user