feat: Move to passport for authentication (#1934)

- Added `accountProvisioner` - Move authentication to use passport strategies - Make authentication more pluggable - Change language of services -> providers closes #1120
2021-03-11 10:02:22 -08:00
parent dc967be4fc
commit 5d6f68d399
33 changed files with 1104 additions and 725 deletions
--- a/server/utils/avatars.js
+++ b/server/utils/avatars.js
@@ -2,6 +2,8 @@
 import crypto from "crypto";
 import fetch from "isomorphic-fetch";

+export const DEFAULT_AVATAR_HOST = "https://tiley.herokuapp.com";
+
 export async function generateAvatarUrl({
  id,
  domain,
@@ -27,6 +29,6 @@ export async function generateAvatarUrl({
    }
  }

-  const tileyUrl = `https://tiley.herokuapp.com/avatar/${hashedId}/${name[0]}.png`;
+  const tileyUrl = `${DEFAULT_AVATAR_HOST}/avatar/${hashedId}/${name[0]}.png`;
  return cbUrl && cbResponse && cbResponse.status === 200 ? cbUrl : tileyUrl;
 }
--- a/server/utils/fs.js
+++ b/server/utils/fs.js
@@ -0,0 +1,22 @@
+// @flow
+import path from "path";
+import fs from "fs-extra";
+
+export function requireDirectory<T>(dirName: string): [T, string][] {
+  return fs
+    .readdirSync(dirName)
+    .filter(
+      (file) =>
+        file.indexOf(".") !== 0 &&
+        file.endsWith(".js") &&
+        file !== path.basename(__filename) &&
+        !file.includes(".test")
+    )
+    .map((fileName) => {
+      const filePath = path.join(dirName, fileName);
+      const name = path.basename(filePath.replace(/\.js$/, ""));
+
+      // $FlowIssue
+      return [require(filePath), name];
+    });
+}
--- a/server/utils/passport.js
+++ b/server/utils/passport.js
@@ -0,0 +1,50 @@
+// @flow
+import addMinutes from "date-fns/add_minutes";
+import subMinutes from "date-fns/sub_minutes";
+import { type Request } from "koa";
+import { OAuthStateMismatchError } from "../errors";
+import { getCookieDomain } from "./domains";
+
+export class StateStore {
+  key: string = "state";
+
+  store = (req: Request, callback: (err: ?Error, state?: string) => void) => {
+    const state = Math.random().toString(36).substring(7);
+
+    // $FlowFixMe
+    req.cookies.set(this.key, state, {
+      httpOnly: false,
+      expires: addMinutes(new Date(), 10),
+      domain: getCookieDomain(req.hostname),
+    });
+
+    callback(null, state);
+  };
+
+  verify = (
+    req: Request,
+    providedState: string,
+    callback: (err: ?Error, ?boolean) => void
+  ) => {
+    // $FlowFixMe
+    const state = req.cookies.get(this.key);
+    if (!state) {
+      return callback(
+        new OAuthStateMismatchError("State not return in OAuth flow")
+      );
+    }
+
+    // $FlowFixMe
+    req.cookies.set(this.key, "", {
+      httpOnly: false,
+      expires: subMinutes(new Date(), 1),
+      domain: getCookieDomain(req.hostname),
+    });
+
+    if (state !== providedState) {
+      return callback(new OAuthStateMismatchError());
+    }
+
+    callback(null, true);
+  };
+}