authelia/app/lib/authentication.js

58 lines
1.6 KiB
JavaScript
Raw Normal View History

2016-12-10 07:47:58 +07:00
module.exports = {
'authenticate': authenticate,
'verify_authentication': verify_authentication
}
var objectPath = require('object-path');
var Jwt = require('./jwt');
var ldap_checker = require('./ldap_checker');
var totp_checker = require('./totp_checker');
var replies = require('./replies');
var Q = require('q');
var utils = require('./utils');
function authenticate(req, res, args) {
var defer = Q.defer();
var username = req.body.username;
var password = req.body.password;
var token = req.body.token;
console.log('Start authentication');
if(!username || !password || !token) {
replies.authentication_failed(res);
return;
}
var totp_promise = totp_checker.validate(args.totp_interface, token, args.totp_secret);
var credentials_promise = ldap_checker.validate(args.ldap_interface, username, password, args.users_dn);
Q.all([totp_promise, credentials_promise])
.then(function() {
var token = args.jwt.sign({ user: username }, args.jwt_expiration_time);
res.cookie('access_token', token);
res.redirect('/');
console.log('Authentication succeeded');
defer.resolve();
})
.fail(function(err1, err2) {
res.render('login');
console.log('Authentication failed', err1, err2);
defer.reject();
});
return defer.promise;
}
function verify_authentication(req, res, args) {
console.log('Verify authentication');
if(!objectPath.has(req, 'cookies.access_token')) {
return utils.reject('No access token provided');
}
var jsonWebToken = req.cookies['access_token'];
return args.jwt.verify(jsonWebToken);
}