mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
58 lines
1.6 KiB
JavaScript
58 lines
1.6 KiB
JavaScript
|
|
module.exports = {
|
|
'authenticate': authenticate,
|
|
'verify_authentication': verify_authentication
|
|
}
|
|
|
|
var objectPath = require('object-path');
|
|
var Jwt = require('./jwt');
|
|
var ldap_checker = require('./ldap_checker');
|
|
var totp_checker = require('./totp_checker');
|
|
var replies = require('./replies');
|
|
var Q = require('q');
|
|
var utils = require('./utils');
|
|
|
|
|
|
function authenticate(req, res, args) {
|
|
var defer = Q.defer();
|
|
var username = req.body.username;
|
|
var password = req.body.password;
|
|
var token = req.body.token;
|
|
console.log('Start authentication');
|
|
|
|
if(!username || !password || !token) {
|
|
replies.authentication_failed(res);
|
|
return;
|
|
}
|
|
|
|
var totp_promise = totp_checker.validate(args.totp_interface, token, args.totp_secret);
|
|
var credentials_promise = ldap_checker.validate(args.ldap_interface, username, password, args.users_dn);
|
|
|
|
Q.all([totp_promise, credentials_promise])
|
|
.then(function() {
|
|
var token = args.jwt.sign({ user: username }, args.jwt_expiration_time);
|
|
res.cookie('access_token', token);
|
|
res.redirect('/');
|
|
console.log('Authentication succeeded');
|
|
defer.resolve();
|
|
})
|
|
.fail(function(err1, err2) {
|
|
res.render('login');
|
|
console.log('Authentication failed', err1, err2);
|
|
defer.reject();
|
|
});
|
|
return defer.promise;
|
|
}
|
|
|
|
function verify_authentication(req, res, args) {
|
|
console.log('Verify authentication');
|
|
|
|
if(!objectPath.has(req, 'cookies.access_token')) {
|
|
return utils.reject('No access token provided');
|
|
}
|
|
|
|
var jsonWebToken = req.cookies['access_token'];
|
|
return args.jwt.verify(jsonWebToken);
|
|
}
|
|
|