huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
84cb74e8b3dab22528d5046f2cc6751897e14df8
speckle-server/packages/server/modules/auth/strategies/github.js
T
Iain Sproat 84cb74e8b3 feat(structured logging): implements structured logging for backend (#1217) 
* each log line is a json object
* structured logging allows logs to be ingested by machines and the logs to be indexed and queried addresses #1105
* structured logging allows arbitrary properties to be appended to each log line, and ingestion of logs to remain robust
* Structured logging provided by `pino` library
* Add `express-pino-logger` dependency
* Remove `debug`, `morgan`, and `morgan-debug` and replace with structured logging
* `console.log` & `console.error` replaced with structured logging in backend
* Remove `DEBUG` environment variable and replace with `LOG_LEVEL`
- Note that there is a test which reads from a logged line on `stdout`. This is not robust, it would be better to use the childProcess.pid to look up the port number.
* Log errors at points we explicitly send error to Sentry
* Amend indentation of a couple of log messages to align indentation with others
2022-11-25 16:05:05 +00:00

107 lines
3.5 KiB
JavaScript
Raw Blame History

/* istanbul ignore file */
'use strict'
const passport = require('passport')
const GithubStrategy = require('passport-github2')
const URL = require('url').URL
const { findOrCreateUser, getUserByEmail } = require('@/modules/core/services/users')
const { getServerInfo } = require('@/modules/core/services/generic')
const {
validateServerInvite,
finalizeInvitedServerRegistration,
resolveAuthRedirectPath
} = require('@/modules/serverinvites/services/inviteProcessingService')
const { passportAuthenticate } = require('@/modules/auth/services/passportService')
const { logger } = require('@/logging/logging')
module.exports = async (app, session, sessionStorage, finalizeAuth) => {
const strategy = {
id: 'github',
name: 'Github',
icon: 'mdi-github',
color: 'grey darken-3',
url: '/auth/gh',
callbackUrl: '/auth/gh/callback'
}
const myStrategy = new GithubStrategy(
{
clientID: process.env.GITHUB_CLIENT_ID,
clientSecret: process.env.GITHUB_CLIENT_SECRET,
callbackURL: new URL(strategy.callbackUrl, process.env.CANONICAL_URL).toString(),
scope: ['profile', 'user:email'],
passReqToCallback: true
},
async (req, accessToken, refreshToken, profile, done) => {
const serverInfo = await getServerInfo()
try {
const email = profile.emails[0].value
const name = profile.displayName || profile.username
const bio = profile._json.bio
const user = { email, name, bio }
const existingUser = await getUserByEmail({ email: user.email })
if (existingUser && !existingUser.verified) {
throw new Error(
'Email already in use by a user with unverified email. Verify the email on the existing user to be able to log in with Github'
)
}
// if there is an existing user, go ahead and log them in (regardless of
// whether the server is invite only or not).
if (existingUser) {
const myUser = await findOrCreateUser({ user, rawProfile: profile._raw })
return done(null, myUser)
}
// if the server is not invite only, go ahead and log the user in.
if (!serverInfo.inviteOnly) {
const myUser = await findOrCreateUser({ user, rawProfile: profile._raw })
// process invites
if (myUser.isNewUser) {
await finalizeInvitedServerRegistration(user.email, myUser.id)
}
return done(null, myUser)
}
// if the server is invite only and we have no invite id, throw.
if (serverInfo.inviteOnly && !req.session.token) {
throw new Error(
'This server is invite only. Please authenticate yourself through a valid invite link.'
)
}
// validate the invite
const validInvite = await validateServerInvite(user.email, req.session.token)
// create the user
const myUser = await findOrCreateUser({ user, rawProfile: profile._raw })
// use the invite
await finalizeInvitedServerRegistration(user.email, myUser.id)
// Resolve redirect path
req.authRedirectPath = resolveAuthRedirectPath(validInvite)
// return to the auth flow
return done(null, myUser)
} catch (err) {
logger.error(err)
return done(null, false, { message: err.message })
}
}
)
passport.use(myStrategy)
app.get(strategy.url, session, sessionStorage, passportAuthenticate('github'))
app.get(strategy.callbackUrl, session, passportAuthenticate('github'), finalizeAuth)
return strategy
}
Reference in New Issue View Git Blame Copy Permalink