Basic passport integration

services/web/app/coffee/Features/Authentication/AuthenticationController.coffee

@@ -16,6 +16,54 @@ module.exports = AuthenticationController =
 	login: (req, res, next = (error) ->) ->
 		AuthenticationController.doLogin req.body, req, res, next
 
+	serializeUser: (user, callback) ->
+		console.log ">> serialize", user._id
+		lightUser =
+			_id: user._id
+			first_name: user.first_name
+			last_name: user.last_name
+			isAdmin: user.isAdmin
+			email: user.email
+			referal_id: user.referal_id
+			session_created: (new Date()).toISOString()
+			ip_address: user._login_req_ip
+		callback(null, lightUser)
+
+	deserializeUser: (user, cb) ->
+		console.log ">> de-serialize", user._id
+		cb(null, user)
+
+	doPassportLogin: (req, username, password, done) ->
+		email = username.toLowerCase()
+		redir = Url.parse(req?.body?.redir or "/project").path
+		console.log ">> doing passport login", username, password, redir
+		LoginRateLimiter.processLoginRequest email, (err, isAllowed)->
+			return done(err) if err?
+			if !isAllowed
+				logger.log email:email, "too many login requests"
+				return done(null, null, {message: req.i18n.translate("to_many_login_requests_2_mins"), type: 'error'})
+			AuthenticationManager.authenticate email: email, password, (error, user) ->
+				return done(error) if error?
+				if user?
+					# async actions
+					UserHandler.setupLoginData(user, ()->)
+					LoginRateLimiter.recordSuccessfulLogin(email)
+					AuthenticationController._recordSuccessfulLogin(user._id)
+					Analytics.recordEvent(user._id, "user-logged-in")
+					UserSessionsManager.trackSession(user, req.sessionID, () ->)
+					req.session.justLoggedIn = true
+					logger.log email: email, user_id: user._id.toString(), "successful log in"
+					# capture the request ip for use when creating the session
+					user._login_req_ip = req.ip
+					req._redir = redir
+					console.log ">> done, returning user"
+					return done(null, user)
+				else
+					AuthenticationController._recordFailedLogin()
+					logger.log email: email, "failed log in"
+					return done(null, false, {message: req.i18n.translate("email_or_password_wrong_try_again"), type: 'error'})
+
+
 	doLogin: (options, req, res, next) ->
 		email = options.email?.toLowerCase()
 		password = options.password

services/web/app/coffee/Features/User/UserController.coffee

@@ -84,6 +84,7 @@ module.exports = UserController =
 		logger.log user: req?.session?.user, "logging out"
 		sessionId = req.sessionID
 		user = req?.session?.user
+		req.logout?()  # passport logout
 		req.session.destroy (err)->
 			if err
 				logger.err err: err, 'error destorying session'

services/web/app/coffee/infrastructure/Server.coffee

@@ -21,6 +21,9 @@ cookieParser = require('cookie-parser')
 
 sessionStore = new RedisStore(client:rclient)
 
+passport = require('passport')
+LocalStrategy = require('passport-local').Strategy
+
 Mongoose = require("./Mongoose")
 
 oneDayInMilliseconds = 86400000
@@ -32,6 +35,7 @@ Modules = require "./Modules"
 
 ErrorController = require "../Features/Errors/ErrorController"
 UserSessionsManager = require "../Features/User/UserSessionsManager"
+AuthenticationController = require "../Features/Authentication/AuthenticationController"
 
 metrics.mongodb.monitor(Path.resolve(__dirname + "/../../../node_modules/mongojs/node_modules/mongodb"), logger)
 metrics.mongodb.monitor(Path.resolve(__dirname + "/../../../node_modules/mongoose/node_modules/mongodb"), logger)
@@ -87,6 +91,22 @@ webRouter.use csrfProtection
 webRouter.use translations.expressMiddlewear
 webRouter.use translations.setLangBasedOnDomainMiddlewear
 
+# passport
+webRouter.use passport.initialize()
+webRouter.use passport.session()
+
+passport.use(new LocalStrategy(
+	{
+		passReqToCallback: true,
+		usernameField: 'email',
+		passwordField: 'password'
+	},
+	AuthenticationController.doPassportLogin
+))
+passport.serializeUser(AuthenticationController.serializeUser)
+passport.deserializeUser(AuthenticationController.deserializeUser)
+
+
 # Measure expiry from last request, not last login
 webRouter.use (req, res, next) ->
 	req.session.touch()

services/web/app/coffee/router.coffee

@@ -43,6 +43,7 @@ AnalyticsRouter = require('./Features/Analytics/AnalyticsRouter')
 
 logger = require("logger-sharelatex")
 _ = require("underscore")
+passport = require('passport')
 
 module.exports = class Router
 	constructor: (webRouter, apiRouter)->
@@ -53,7 +54,10 @@ module.exports = class Router
 		webRouter.get  '/login', UserPagesController.loginPage
 		AuthenticationController.addEndpointToLoginWhitelist '/login'
 
-		webRouter.post '/login', AuthenticationController.login
+		# webRouter.post '/login', AuthenticationController.login
+		webRouter.post '/login', passport.authenticate('local'), AuthenticationController.login, (req, res) ->
+			console.log ">> login done", req._redir
+			res.json {redir: req._redir}
 		webRouter.get  '/logout', UserController.logout
 		webRouter.get  '/restricted', AuthorizationMiddlewear.restricted
 

services/web/package.json

@@ -46,6 +46,8 @@
     "nodemailer-sendgrid-transport": "^0.2.0",
     "nodemailer-ses-transport": "^1.3.0",
     "optimist": "0.6.1",
+    "passport": "^0.3.2",
+    "passport-local": "^1.0.0",
     "pg": "^6.0.3",
     "pg-hstore": "^2.3.2",
     "redback": "0.4.0",