mirror of
https://github.com/thelounge/thelounge.git
synced 2024-06-07 16:22:18 +02:00
a0d10989ad
The caller doesn't care which plugin is being used, so this commit consolidates implementation details within auth.js The motivation for this work is to prepare for extending the auth API (to allow "advanced" LDAP to query user entry ontological state at start up), by tidying up rather than duplicating the existing mechanism.
53 lines
1.3 KiB
JavaScript
53 lines
1.3 KiB
JavaScript
"use strict";
|
|
|
|
const log = require("../../log");
|
|
const Helper = require("../../helper");
|
|
const colors = require("chalk");
|
|
|
|
function localAuth(manager, client, user, password, callback) {
|
|
// If no user is found, or if the client has not provided a password,
|
|
// fail the authentication straight away
|
|
if (!client || !password) {
|
|
return callback(false);
|
|
}
|
|
|
|
// If this user has no password set, fail the authentication
|
|
if (!client.config.password) {
|
|
log.error(
|
|
`User ${colors.bold(
|
|
user
|
|
)} with no local password set tried to sign in. (Probably a LDAP user)`
|
|
);
|
|
return callback(false);
|
|
}
|
|
|
|
Helper.password
|
|
.compare(password, client.config.password)
|
|
.then((matching) => {
|
|
if (matching && Helper.password.requiresUpdate(client.config.password)) {
|
|
const hash = Helper.password.hash(password);
|
|
|
|
client.setPassword(hash, (success) => {
|
|
if (success) {
|
|
log.info(
|
|
`User ${colors.bold(
|
|
client.name
|
|
)} logged in and their hashed password has been updated to match new security requirements`
|
|
);
|
|
}
|
|
});
|
|
}
|
|
|
|
callback(matching);
|
|
})
|
|
.catch((error) => {
|
|
log.error(`Error while checking users password. Error: ${error}`);
|
|
});
|
|
}
|
|
|
|
module.exports = {
|
|
moduleName: "local",
|
|
auth: localAuth,
|
|
isEnabled: () => true,
|
|
};
|