Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
import jwt from 'jsonwebtoken';
import PassportLocalStrategy from 'passport-local';
import { User } from 'common/databases/admin';
import { auth } from 'common/config';
/**
* Return the Passport Local Strategy object.
*/
const LoginStrategy = new PassportLocalStrategy({
usernameField: 'username',
passwordField: 'password',
session: false,
passReqToCallback: true,
}, (req, username, password, done) => {
const userData = {
username: username.trim(),
password: password.trim(),
};
// find a user by email address
return User.findOne({ username: userData.username, isConfirmed: true, isActive: true }, (err, user) => {
if (err) {
return done(err);
}
// we use single refreshtoken so other will be reject when we login again
import passport from 'passport'
// can be facebook, google...
import LocalStrategy from 'passport-local'
import models from 'models'
import {comparePassword} from 'passport/password-crypto'
// extend strategy
passport.use(new LocalStrategy(async (email, password, done) => {
const row = await models.authors.findOne({
where:{
email,
},
attributes: ['id', 'name', 'email', 'image', 'introduction', 'description', 'encrypted_password']
})
if(row){
// row is just instance, because we await for it, but dataValues are ready as pure json
const {encrypted_password, image, ...user} = row.dataValues
const checkPassword = await comparePassword(password, encrypted_password)
if(checkPassword) {
// update full image for user
user.avatar = `/uploads/author/image/${user.id}/${image}`
import passport from 'passport';
import LocalStrategy from 'passport-local';
import { Strategy as JWTStrategy, ExtractJwt } from 'passport-jwt';
import User from '../modules/users/user.model';
import constants from '../config/constants';
// Local strategy
const localOpts = {
usernameField: 'email',
};
const localStrategy = new LocalStrategy(
localOpts,
async (email, password, done) => {
try {
const user = await User.findOne({ email });
if (!user) {
return done(null, false);
} else if (!user.authenticateUser(password)) {
return done(null, false);
}
return done(null, user);
} catch (e) {
return done(e, false);
}
},
);
import { User } from '../../models/User';
interface IRequest extends express.Request {
user?: {
dataValues: object;
};
session: {
[key: string]: object;
destroy(): void;
};
}
// tslint:disable-next-line export-name
export const auth = express();
const strategy = new LocalStrategy(
{ usernameField: 'email' },
(username: string, password: string, done: (a, b, c?) => void) => {
User.findOne({
where: {
email: username,
},
}).then(user => {
if (user && user.isPasswordMatch(password)) {
return done(null, user);
} else {
return done(null, false, { message: 'Wrong email or password' });
}
});
}
);
return done(null, newUser);
});
}
});
});
}));
// # Local Login
// We are using named strategies since we have one for login and one
// for signup
// By default, if there is no name, it would just be called 'local'
passport.use('local-login', new LocalStrategy({
// By default, local strategy uses username and password
usernameField : 'email',
passwordField : 'password',
// Allow the entire request to be passed back to the callback
passReqToCallback : true
},
(req, username, password, done) => {
// ## Data Checks
// If the length of the username string is too long/short,
// invoke verify callback.
models.User.sync().then( () => {
return models.User.create({
name: profile.name.givenName,
surname: profile.name.familyName,
id_gmail: profile.id,
email: profile.emails[0].value
})
}).then((user) => {
return done(null, user);
});
}
});
}
));
passport.use(new LocalStrategy({
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true,
session: false
},
(req, email, password, done) => {
models.User.findOne({
where: {"email" : email, "password": password}
}).then((user) => {
if(user === null){
return done(null, null, {message :"Wrong username or password."});
}
return done(null, user , {message:"User authenticated."});
})
}
));
import passport from 'passport';
import User from '../models/user';
import { dbConfig } from '../config';
import LocalStrategy from 'passport-local';
import { Strategy as JwtStrategy, ExtractJwt } from 'passport-jwt';
const localOptions = { usernameField: 'email' };
const localLogin = new LocalStrategy(localOptions, (email, password, done) => {
User.findOne({ email }, (err, user) => {
if (err) { return done(err); }
if (!user) { return done(null, false); }
user.comparePassword(password, (err, isMatch) => {
if (err) { return done(err); }
if (!isMatch) { return done(null, false); }
if (user.role < 1) { return done(null, false); }
return done(null, user);
});
});
});
/** @format */
import passport from 'passport';
import LocalStrategy from 'passport-local';
import users from 'api/users/users';
const getDomain = req => `${req.protocol}://${req.get('host')}`;
passport.use(
'local',
new LocalStrategy(
{
passReqToCallback: true,
},
(req, username, password, done) => {
const token = req.body ? req.body.token : undefined;
users
.login({ username, password, token }, getDomain(req))
.then(user => done(null, user))
.catch(e => done(e));
}
)
);
passport.serializeUser((user, done) => {
done(null, user._id);
});
authentication() {
this.app.use(passport.initialize({}))
const authModel = new AuthConfig.authModel()
passport.use("local", new LocalStrategy({
usernameField: AuthConfig.request.usernameField,
passwordField: AuthConfig.request.passwordField,
}, authModel.authenticate))
passport.use("jwt", new JWTStrategy({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: AuthConfig.jwtSecret,
}, authModel.authenticateJwt))
}
}
import Cookies from 'cookies'
import moment from 'moment'
import Strategy from 'passport-local'
import passport from 'passport'
import jwt from 'jwt-simple'
import {config, Manager, User} from '../../../../cli'
/**
* Strategy
*/
passport.use(
new Strategy(function(username, password, done) {
User.utils.findByUsername(username, function(err, user) {
if (err) {
return done(err)
}
if (!user) {
return done(null, false, {message: 'Incorrect username or password.'})
}
if (!User.utils.isValid(user, password)) {
return done(null, false, {message: 'Incorrect username or password.'})
}
return done(null, user)
})
})
)
passport.serializeUser(function(user, done) {