const mongoose = require("mongoose");
const User = mongoose.model("User");
passport.use(new LocalStrategy({
usernameField: "email",
session: false
}, (email, password, done) => {
User.findOne({ email }, (err, user) => {
if (err) {
return done(err);
}
if (!user) {
return done(null, false, { message: "No matching user" });
}
user.checkPassword(password, (checkErr, isValid) => {
if (checkErr) {
return done(err);
}
if (!isValid) {
return done(null, false, { message: "Invalid password" });
}
done(null, user);
});
});
}));
exports.configure = function(){
passport.use(new LocalStrategy({passReqToCallback: true},
function(req, username, password, done) {
config.user.findOne(username, function(err, data) {
if (err) { return done(err); }
if (!data) {
return done(null, false, { message: 'Incorrect username.' });
}
if (!config.user.validPassword(username, password)) {
return done(null, false, { message: 'Incorrect password.' });
}
var user = {
'username': username,
'password': data.password,
'isAdmin' : data.isAdmin,
'created_at': data.created_at
}
// success ! the usert that did the request is registered in the database.
// check if the user can take the control of the tool.
if(userToKickout && userToKickout.username === username){ // the freshly kicked out user is doing a request.
//no boy. you can't do that anymore.
req.logout(); // remove his session information.
userToKickout=undefined;
//console.log("current user have been kicked out");
return done(null, false, { message: 'you have been kicked by user '+currentUser.username+'.'});
}
if(currentUser && currentUser.username !== username){ // a user is already connected
if(req.params.kickout!==true){ // there is no request to kick the current user out.
//console.log("there is already a user using the tool");
return done(null, false, { message: 'The user '+currentUser.username+' is already controlling the tool', userAlreadyLogedIn:true});
}
/****************************** Check the kickoutability of the user already connected ****************/
if(!user.isAdmin){ // the user that wants to connect is not admin
if(currentUser.isAdmin){ //you can't kick out an admin if your a simple user
return done(null, false, { message: 'The user '+currentUser.username+' is an admin.'});
}
if(!isCurrentUserKickeable){ //you can't kick out a user that is actively using the tool.
//console.log("current user is active");
return done(null, false, { message: 'The user '+currentUser.username+' is still active.'});
}
if(machine.machine.status.state === 'running') { //you can't kick a user that is running a file.
//console.log("current user is running a file");
return done(null, false, { message: 'The user '+currentUser.username+' is running a file.'});
}
}
userToKickout = currentUser;
eventEmitter.emit("user_kickout",currentUser);
currentUser = user;
isCurrentUserKickeable = false;
startUserTimer();
return done(null, user);
/*****************************r*************************************************************************/
}
if(!currentUser){ // first authentication
//We can login the user !
currentUser = user;
isCurrentUserKickeable = false;
startUserTimer();
}
return done(null, user);
});
}
));
};