Merge pull request #370 from thelounge/xpaw/persistent-token
Implement user token persistency
This commit is contained in:
commit
cfdcd405d5
@ -67,7 +67,7 @@
|
||||
</div>
|
||||
<div class="col-xs-12">
|
||||
<label class="remember">
|
||||
<input type="checkbox" name="remember" checked>
|
||||
<input type="checkbox" name="remember" id="sign-in-remember" checked>
|
||||
Stay signed in
|
||||
</label>
|
||||
</div>
|
||||
|
@ -129,6 +129,11 @@ $(function() {
|
||||
feedback.hide();
|
||||
});
|
||||
}
|
||||
|
||||
if (data.token && window.localStorage.getItem("token") !== null) {
|
||||
window.localStorage.setItem("token", data.token);
|
||||
}
|
||||
|
||||
passwordForm
|
||||
.find("input")
|
||||
.val("")
|
||||
@ -163,8 +168,10 @@ $(function() {
|
||||
}
|
||||
}
|
||||
|
||||
if (data.token) {
|
||||
if (data.token && $("#sign-in-remember").is(":checked")) {
|
||||
window.localStorage.setItem("token", data.token);
|
||||
} else {
|
||||
window.localStorage.removeItem("token");
|
||||
}
|
||||
|
||||
$("body").removeClass("signed-out");
|
||||
|
@ -64,10 +64,15 @@ function Client(manager, name, config) {
|
||||
sockets: manager.sockets,
|
||||
manager: manager
|
||||
});
|
||||
|
||||
var client = this;
|
||||
crypto.randomBytes(48, function(err, buf) {
|
||||
client.token = buf.toString("hex");
|
||||
});
|
||||
|
||||
if (!client.config.token) {
|
||||
client.updateToken(function() {
|
||||
client.manager.updateUser(client.name, {token: client.config.token});
|
||||
});
|
||||
}
|
||||
|
||||
if (config) {
|
||||
var delay = 0;
|
||||
(config.networks || []).forEach(function(n) {
|
||||
@ -255,19 +260,36 @@ Client.prototype.connect = function(args) {
|
||||
});
|
||||
};
|
||||
|
||||
Client.prototype.setPassword = function(hash) {
|
||||
Client.prototype.updateToken = function(callback) {
|
||||
var client = this;
|
||||
client.manager.updateUser(client.name, {password: hash});
|
||||
// re-read the hash off disk to ensure we use whatever is saved. this will
|
||||
// prevent situations where the password failed to save properly and so
|
||||
// a restart of the server would forget the change and use the old
|
||||
// password again.
|
||||
var user = client.manager.readUserConfig(client.name);
|
||||
if (user.password === hash) {
|
||||
client.config.password = hash;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
|
||||
crypto.randomBytes(48, function(err, buf) {
|
||||
client.config.token = buf.toString("hex");
|
||||
callback();
|
||||
});
|
||||
};
|
||||
|
||||
Client.prototype.setPassword = function(hash, callback) {
|
||||
var client = this;
|
||||
|
||||
client.updateToken(function() {
|
||||
client.manager.updateUser(client.name, {
|
||||
token: client.config.token,
|
||||
password: hash
|
||||
});
|
||||
|
||||
// re-read the hash off disk to ensure we use whatever is saved. this will
|
||||
// prevent situations where the password failed to save properly and so
|
||||
// a restart of the server would forget the change and use the old
|
||||
// password again.
|
||||
var user = client.manager.readUserConfig(client.name);
|
||||
if (user.password === hash) {
|
||||
client.config.password = hash;
|
||||
callback(true);
|
||||
} else {
|
||||
callback(false);
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
Client.prototype.input = function(data) {
|
||||
|
@ -23,6 +23,7 @@ program
|
||||
return;
|
||||
}
|
||||
user.password = bcrypt.hashSync(password, bcrypt.genSaltSync(8));
|
||||
user.token = null; // Will be regenerated when the user is loaded
|
||||
fs.writeFileSync(
|
||||
file,
|
||||
JSON.stringify(user, null, " ")
|
||||
|
@ -109,7 +109,7 @@ function index(req, res, next) {
|
||||
});
|
||||
}
|
||||
|
||||
function init(socket, client, token) {
|
||||
function init(socket, client) {
|
||||
if (!client) {
|
||||
socket.emit("auth");
|
||||
socket.on("auth", auth);
|
||||
@ -160,16 +160,21 @@ function init(socket, client, token) {
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
var salt = bcrypt.genSaltSync(8);
|
||||
var hash = bcrypt.hashSync(p1, salt);
|
||||
if (client.setPassword(hash)) {
|
||||
socket.emit("change-password", {
|
||||
success: "Successfully updated your password"
|
||||
});
|
||||
return;
|
||||
}
|
||||
socket.emit("change-password", {
|
||||
error: "Failed to update your password"
|
||||
|
||||
client.setPassword(hash, function(success) {
|
||||
var obj = {};
|
||||
|
||||
if (success) {
|
||||
obj.success = "Successfully updated your password, all your other sessions were logged out";
|
||||
obj.token = client.config.token;
|
||||
} else {
|
||||
obj.error = "Failed to update your password";
|
||||
}
|
||||
|
||||
socket.emit("change-password", obj);
|
||||
});
|
||||
}
|
||||
);
|
||||
@ -196,12 +201,12 @@ function init(socket, client, token) {
|
||||
socket.emit("init", {
|
||||
active: client.activeChannel,
|
||||
networks: client.networks,
|
||||
token: token || ""
|
||||
token: client.config.token
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
function reverseDnsLookup(socket, client, token) {
|
||||
function reverseDnsLookup(socket, client) {
|
||||
client.ip = getClientIp(socket.request);
|
||||
|
||||
dns.reverse(client.ip, function(err, host) {
|
||||
@ -211,7 +216,7 @@ function reverseDnsLookup(socket, client, token) {
|
||||
client.hostname = client.ip;
|
||||
}
|
||||
|
||||
init(socket, client, token);
|
||||
init(socket, client);
|
||||
});
|
||||
}
|
||||
|
||||
@ -233,7 +238,7 @@ function auth(data) {
|
||||
var success = false;
|
||||
_.each(manager.clients, function(client) {
|
||||
if (data.token) {
|
||||
if (data.token === client.token) {
|
||||
if (data.token === client.config.token) {
|
||||
success = true;
|
||||
}
|
||||
} else if (client.config.user === data.user) {
|
||||
@ -242,14 +247,10 @@ function auth(data) {
|
||||
}
|
||||
}
|
||||
if (success) {
|
||||
var token;
|
||||
if (data.remember || data.token) {
|
||||
token = client.token;
|
||||
}
|
||||
if (config.webirc !== null && !client.config["ip"]) {
|
||||
reverseDnsLookup(socket, client, token);
|
||||
reverseDnsLookup(socket, client);
|
||||
} else {
|
||||
init(socket, client, token);
|
||||
init(socket, client);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user