From ab8781d115a711348b7d5428d1c100c4b7ffaec7 Mon Sep 17 00:00:00 2001
From: Gabor Javorszky
Date: Tue, 21 May 2013 02:03:35 +0100
Subject: [PATCH] Added user authentication and registration
---
 app.js | 2 +
 config.js | 3 +-
 core/admin/controllers/index.js | 43 +++++++++++++++++---
 core/admin/views/register.hbs | 11 +++++
 core/shared/api.js | 9 +++-
 core/shared/data/fixtures/001.js | 1 -
 core/shared/data/migration/001.js | 1 +
 core/shared/models/dataProvider.bookshelf.js | 43 ++++++++++++++++++++
 core/shared/models/models.js | 4 --
 package.json | 3 +-
 10 files changed, 107 insertions(+), 13 deletions(-)
 create mode 100644 core/admin/views/register.hbs
diff --git a/app.js b/app.js
index 16e1826771..4c148b908d 100644
--- a/app.js
+++ b/app.js
@@ -74,7 +74,9 @@ ghost.app().get(/^\/logout\/?$/, admin.logout);
 ghost.app().get('/ghost/login/', admin.login);
+ ghost.app().get('/ghost/register/', admin.register);
 ghost.app().post('/ghost/login/', admin.auth);
+ ghost.app().post('/ghost/register', admin.doRegister);
 ghost.app().get('/ghost/editor/:id', auth, admin.editor);
 ghost.app().get('/ghost/editor', auth, admin.editor);
 ghost.app().get('/ghost/blog', auth, admin.blog);
diff --git a/config.js b/config.js
index 1362072b76..d6f263fdb6 100644
--- a/config.js
+++ b/config.js
@@ -60,7 +60,8 @@ client: 'sqlite3',
 connection: {
 filename: './core/shared/data/testdb.db'
- }
+ },
+ debug: true
 },
 staging: {},
diff --git a/core/admin/controllers/index.js b/core/admin/controllers/index.js
index 857485a341..9f8aec81b9 100644
--- a/core/admin/controllers/index.js
+++ b/core/admin/controllers/index.js
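Review bot: In app.js both `/ghost/register` routes are mounted without the `auth` middleware that the editor and blog routes below them carry, so registration is open to anyone who can reach the admin paths. Since the `auth` handler in core/admin/controllers/index.js stores `"ghostadmin"` in the session for every successful login, a self-registered account ends up with the same session as the owner. If sign-up is meant only for first-run setup, say so in a comment and gate it, for example by refusing `doRegister` once a user row exists. The POST path also lacks the trailing slash used by the GET route and by `/ghost/login/`; `ghost.app().post('/ghost/register/', admin.doRegister);` would match them.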
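Review bot: `debug: true` in config.js is added to a database block whose environment name is outside the hunk (it is the block before `staging`). If that environment is ever used with real accounts, query debugging will most likely print each statement with its bindings, which after this commit include e-mail addresses and bcrypt hashes. Consider leaving it off by default and noting the effect next to the setting: `debug: false // set to true locally to print SQL; the output includes user data`.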
@@ -61,11 +61,34 @@
 });
 },
 'auth': function (req, res) {
- if (req.body.email === 'ghostadmin' && req.body.password === 'Wh0YouGonnaCall?') {
- req.session.user = "ghostadmin";
- res.redirect(req.query.redirect || '/ghost/');
- } else {
- res.redirect('/ghost/login/');
+ console.log(req.body);
+ api.users.find({email: req.body.email, pw: req.body.password}).then(function (user) {
+ if (user) {
+ console.log('user found: ', user);
+ req.session.user = "ghostadmin";
+ res.redirect(req.query.redirect || '/ghost/');
+ } else {
+ res.redirect('/ghost/login/');
+ }
+
+ });
+ },
+ 'register': function (req, res) {
+ res.render('register', {
+ bodyClass: 'ghost-login',
+ hideNavbar: true,
+ adminNav: setSelected(adminNavbar, 'login')
+ });
+ },
+ 'doRegister': function (req, res) {
+ // console.log(req.body);
+ if (req.body.email !== '' && req.body.password.length > 5) {
+ // console.log('okay, this is happening');
+ api.users.add({email: req.body.email, password: req.body.password}).then(function (user) {
+ console.log('user added', user);
+ res.redirect('/ghost/login/');
+
+ });
 }
 },
 'logout': function (req, res) {
@@ -139,6 +162,16 @@
 }
 res.redirect('/ghost/debug');
 });
+ },
+ 'newUser': function (req, res) {
+ ghost.dataProvider().addNewUser(req, function (error) {
+ if (error) {
+ req.flash('error', error);
+ } else {
+ req.flash('success', 'User Added');
+ }
+
+ });
 }
 }
 };
diff --git a/core/admin/views/register.hbs b/core/admin/views/register.hbs
new file mode 100644
index 0000000000..80d8885370
--- /dev/null
+++ b/core/admin/views/register.hbs
@@ -0,0 +1,11 @@
+{{!< default}} + +
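Review bot: The new `auth` handler writes the submitted password to the log in clear text through `console.log(req.body)`, and `console.log('user found: ', user)` prints the model together with its bcrypt hash; `console.log('outside of forge', _user)` in `users.add` (dataProvider.bookshelf.js) does the same for every registration, so all three lines should be dropped. The session is still set to the literal `"ghostadmin"` whoever logged in, and the redirect target is taken from `req.query.redirect` without any check, so a crafted login link can send the user to another site after a successful login. The promise has no rejection handler, and `doRegister` in the same hunk sends no response when validation fails and throws if `password` is missing from the body, so both can leave a request open. The fence shows `auth` with the logging removed, the real user recorded, the target limited to local paths and errors handled. Whether other code compares `req.session.user` with `"ghostadmin"` is not visible in this patch, and `user.id` assumes the model exposes its primary key there.

```javascript
'auth': function (req, res) {
    // No logging of req.body or of the user model: both carry credentials.
    api.users.find({email: req.body.email, pw: req.body.password}).then(function (user) {
        var target = req.query.redirect;
        if (!user) {
            return res.redirect('/ghost/login/');
        }
        // Follow only same-site paths; anything else falls back to the admin home.
        if (typeof target !== 'string' || target.charAt(0) !== '/' ||
                target.charAt(1) === '/' || target.charAt(1) === '\\') {
            target = '/ghost/';
        }
        // Record who logged in rather than a fixed name.
        req.session.user = user.id;
        res.redirect(target);
    }, function () {
        // Lookup or hashing error: fail closed and end the request.
        res.redirect('/ghost/login/');
    });
},
// … unchanged: 'register', 'doRegister' …
```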
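Review bot: `newUser` never ends the request: both branches of its callback only call `req.flash`, so the client waits until it times out. The handler just above it finishes with `res.redirect('/ghost/debug');`, and the same line after the `if`/`else` would close this one. It also calls `ghost.dataProvider().addNewUser`, while this patch defines `users.add` on the data provider and no `addNewUser` is visible, so the call may fail at run time; confirm it exists or go through `api.users.add`. No route for `newUser` is added in app.js by this patch.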
+ +
+ +
+ +
\ No newline at end of file
diff --git a/core/shared/api.js b/core/shared/api.js
index 1a5073c757..6c15dfe9ef 100644
--- a/core/shared/api.js
+++ b/core/shared/api.js
@@ -48,7 +48,14 @@ };
 // # Users
- users = {};
+ users = {
+ add: function (postData) {
+ return when.call(ghost.dataProvider().users.add, postData);
+ },
+ find: function (postData) {
+ return when.call(ghost.dataProvider().users.check, postData);
+ }
+ };
 // settings: {},
 // categories: {},
 // post_categories: {}
diff --git a/core/shared/data/fixtures/001.js b/core/shared/data/fixtures/001.js
index e8aae20bf9..f2ecbd92d5 100644
--- a/core/shared/data/fixtures/001.js
+++ b/core/shared/data/fixtures/001.js
@@ -63,5 +63,4 @@ module.exports = { "updated_by": 1 } ] - };
diff --git a/core/shared/data/migration/001.js b/core/shared/data/migration/001.js
index 1d295adb16..37768aa398 100644
--- a/core/shared/data/migration/001.js
+++ b/core/shared/data/migration/001.js
@@ -35,6 +35,7 @@
 t.string('username');
 t.string('first_name');
 t.string('last_name');
+ t.string('password');
 t.string('email_address');
 t.string('profile_picture');
 t.string('cover_picture');
diff --git a/core/shared/models/dataProvider.bookshelf.js b/core/shared/models/dataProvider.bookshelf.js
index 53726ab41f..a42a145e2e 100644
--- a/core/shared/models/dataProvider.bookshelf.js
+++ b/core/shared/models/dataProvider.bookshelf.js
@@ -8,6 +8,7 @@ var knex = require('./knex_init'),
 models = require('./models'),
+ bcrypt = require('bcrypt'),
 DataProvider, instance;
@@ -26,6 +27,7 @@ };
 DataProvider.prototype.posts = function () { };
+ DataProvider.prototype.users = function () { };
 /**
 * Naive find all
@@ -55,6 +57,7 @@
 * @param callback
 */
 DataProvider.prototype.posts.add = function (_post, callback) {
+ console.log(_post);
 models.Post.forge(_post).save().then(function (post) {
 callback(null, post);
 }, callback);
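Review bot: `users.find` in core/shared/api.js does not look a user up: it forwards to `users.check`, which verifies a password, and it expects the secret under `pw` while `users.add` takes `password`. A caller that passes `password` to `find` would hand `undefined` to the comparison and simply fail to log in. Either rename the method to `check` and use `password` in both, or document the contract above it: `// find: verifies {email, pw} against the stored hash; resolves to the user model or false`.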
@@ -80,5 +83,45 @@ });
 };
+ /**
+ * Naive user add
+ * @param _user
+ * @param callback
+ *
+ * Could probably do with some refactoring, but it works right now.
+ */
+ DataProvider.prototype.users.add = function (_user, callback) {
+ console.log('outside of forge', _user);
+ bcrypt.genSalt(10, function (err, salt) {
+ bcrypt.hash(_user.password, salt, function (err, hash) {
+ var test = {
+ "password": hash,
+ "email_address": _user.email
+ };
+ new models.User(test).save().then(function (user) {
+ console.log('within the forge for the user bit', user);
+ callback(null, user);
+ }, callback);
+ });
+ });
+ };
+
+ DataProvider.prototype.users.check = function (_userdata, callback) {
+ var test = {
+ email_address: _userdata.email
+ };
+ models.User.forge(test).fetch().then(function (user) {
+ var _user;
+ bcrypt.compare(_userdata.pw, user.attributes.password, function (err, res) {
+ if (res) {
+ _user = user;
+ } else {
+ _user = false;
+ }
+ callback(null, _user);
+ });
+ });
+ };
+
 module.exports = DataProvider;
 }());
\ No newline at end of file
diff --git a/core/shared/models/models.js b/core/shared/models/models.js
index 0dd61a7f1a..6592ce54c8 100644
--- a/core/shared/models/models.js
+++ b/core/shared/models/models.js
@@ -60,15 +60,11 @@ }); User = Bookshelf.Model.extend({ - tableName: 'users', - hasTimestamps: true, - posts: function () { return this.hasMany(Posts, 'created_by'); } - }); Setting = Bookshelf.Model.extend({
diff --git a/package.json b/package.json
index 2db837f939..a3ce219411 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,8 @@
 "sqlite3": "2.1.x",
 "bookshelf": "0.1.x",
 "knex": "0.1.x",
- "when": "2.1.x"
+ "when": "2.1.x",
+ "bcrypt": "~0.7.5"
 },
 "devDependencies": {
 "grunt": "0.4.x",
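Review bot: `users.check` dereferences `user.attributes.password` without checking that a row was found, and its `then` has no rejection handler. Assuming `fetch()` resolves with null for an unknown address (not visible here), the TypeError is swallowed by the promise and `callback` is never invoked, so a login with an unregistered e-mail hangs instead of being refused. The `err` from `bcrypt.compare` is dropped as well, and `users.add` ignores `err` from both `genSalt` and `hash`, so a hashing failure would save a row with an undefined password; `if (err) { return callback(err); }` at the top of each bcrypt callback covers that. Nothing in `add` checks whether the address is already registered, while `check` fetches only one row per address. The fence shows `check` with the missing branches.

```javascript
DataProvider.prototype.users.check = function (_userdata, callback) {
    models.User.forge({email_address: _userdata.email}).fetch().then(function (user) {
        if (!user) {
            // Unknown address: report "no match" instead of dereferencing null.
            return callback(null, false);
        }
        bcrypt.compare(_userdata.pw, user.attributes.password, function (err, res) {
            if (err) {
                return callback(err);
            }
            callback(null, res ? user : false);
        });
    }, callback);
};
```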