diff --git a/lib/controllers/embed.js b/lib/controllers/embed.js index b8c573a..679f9a0 100755 --- a/lib/controllers/embed.js +++ b/lib/controllers/embed.js @@ -1,6 +1,6 @@ 'use strict'; -const meta = require.main.require('./src/meta').async; +const { async: meta } = require.main.require('./src/meta'); const authentication = require('@utils/authentication'); const constants = require('@lib/constants'); @@ -57,18 +57,18 @@ embedControllers.embedView = async (req, res, next) => { * res : Response object * callback : Callback function */ - const settings = await meta.settings.get(constants.PLUGIN_NAME); - - const cookieName = settings.jwtCookieName; - if (!req.cookies[cookieName]) { - return next(new Error('[[error:not-logged-in]]')); - } - try { + const settings = await meta.settings.get(constants.PLUGIN_NAME); + + const cookieName = settings.jwtCookieName; + if (!req.cookies[cookieName]) { + return next(new Error('[[error:not-logged-in]]')); + } await authentication.loginByJwtToken(req, settings); + + res.cookie('embed', true); + return handleRedirect(req, res, next); } catch (err) { return next(err); } - res.cookie('embed', true); - return handleRedirect(req, res, next); }; diff --git a/library.js b/library.js index c194c6f..07b4a64 100755 --- a/library.js +++ b/library.js @@ -2,7 +2,7 @@ require('module-alias/register'); -const meta = require.main.require('./src/meta').async; +const { async: meta } = require.main.require('./src/meta'); const constants = require('@lib/constants'); const controllers = require('@lib/controllers'); @@ -55,7 +55,7 @@ plugin.addAdminNavigation = (header, callback) => { callback(null, header); }; -plugin.addHeaderVariables = (params, callback) => { +plugin.addHeaderVariables = async (params, callback) => { /** * Add plugin variables NodeBB header ... before rendering it. * 
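Review bot: In `embedControllers.embedView` (lib/controllers/embed.js), `res.cookie('embed', true)` sets the cookie with no attributes, so it is readable by page script and its scope is left to browser defaults. The client can also send any value it likes for this cookie, so it should only drive presentation, never an access decision. If no client script needs to read it, pass explicit options such as `res.cookie('embed', true, { httpOnly: true })`, and choose `sameSite`/`secure` to match how the forum is framed. The start of the function is outside this hunk.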
@@ -66,16 +66,16 @@ plugin.addHeaderVariables = (params, callback) => { if (params.req.cookies.embed && params.req.cookies.embed.isEmbedView) { params.templateValues.isEmbedView = true; } - - meta.settings.get(constants.PLUGIN_NAME) - .then(settings => { - params.templateValues.isEmbedView = params.req.cookies.embed; - params.templateValues.loginURL = settings.loginURL; - params.templateValues.registrationURL = settings.registrationURL; - params.templateValues.logoutURL = settings.logoutURL; - return callback(null, params); - }) - .catch(err => callback(err)); + try { + const settings = await meta.settings.get(constants.PLUGIN_NAME); + params.templateValues.isEmbedView = params.req.cookies.embed; + params.templateValues.loginURL = settings.loginURL; + params.templateValues.registrationURL = settings.registrationURL; + params.templateValues.logoutURL = settings.logoutURL; + return callback(null, params); + } catch (err) { + callback(err); + } }; plugin.authenticateSession = async (req, res, callback) => { 
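Review bot: `callback(null, params)` is called inside the `try` in `plugin.addHeaderVariables`, so an exception thrown by the callback itself lands in the `catch` and `callback(err)` is invoked a second time. The same shape appears in the later hunks for `plugin.authenticateSession` and `plugin.cleanSession`. Keep only `await meta.settings.get(constants.PLUGIN_NAME)` inside the `try` and call the callback after it. Separately, the function is now `async` (signature change in the previous hunk) yet still completes through `callback`. Whether the host treats the returned promise as a second completion signal is not visible here and is worth confirming.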
@@ -91,34 +91,34 @@ plugin.authenticateSession = async (req, res, callback) => { * callback : Callback function. */ const originalUid = req.uid; + try { + const settings = await meta.settings.get(constants.PLUGIN_NAME); + if (req.path === '/login' && settings.loginURL && req.session.returnTo !== '/admin') { + return res.redirect(settings.loginURL); + } else if (req.path === '/register' && settings.registrationURL) { + return res.redirect(settings.registrationURL); + } - const settings = await meta.settings.get(constants.PLUGIN_NAME); - if (req.path === '/login' && settings.loginURL && req.session.returnTo !== '/admin') { - return res.redirect(settings.loginURL); - } else if (req.path === '/register' && settings.registrationURL) { - return res.redirect(settings.registrationURL); - } - - const cookieName = settings.jwtCookieName; - if (req.cookies[cookieName]) { - try { + const cookieName = settings.jwtCookieName; + if (req.cookies[cookieName]) { await authentication.loginByJwtToken(req, settings); - } catch (err) { - return callback(err); - } - if (req.uid === originalUid) { - return callback(); + if (req.uid === originalUid) { + return callback(); + } + + return res.redirect(req.originalUrl); + } else if (req.user && req.user.uid !== 1) { + req.logout(); + return res.redirect('/login'); } - return res.redirect(req.originalUrl); - } else if (req.user && req.user.uid !== 1) { - req.logout(); - return res.redirect('/login'); + return callback(); + } catch (err) { + return callback(err); } - return callback(); }; -plugin.cleanSession = (params, callback) => { +plugin.cleanSession = async (params, callback) => { /** * Delete jwt "token" cookie when user logs out from nodebb. * 
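Review bot: `return res.redirect(req.originalUrl)` in `plugin.authenticateSession` redirects to a request-supplied value without checking its shape. A request target beginning with `//` or `/\` is read by browsers as another host when echoed in `Location`, which makes this an open-redirect candidate on the post-login path. Restrict the target to a single-slash local path, e.g. `const target = /^\/(?![\/\\])/.test(req.originalUrl) ? req.originalUrl : '/';`, and redirect to `target`. Whether the host normalises such paths before this hook runs is not visible in the diff.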
@@ -126,14 +126,15 @@ plugin.cleanSession = (params, callback) => { * params : params passed by NodeBB. * callback : callback function. */ - meta.settings.get(constants.PLUGIN_NAME) - .then(settings => { - if (settings.jwtCookieName) { - params.res.clearCookie(settings.jwtCookieName); - } - callback(); - }) - .catch(err => callback(err)); + try { + const settings = await meta.settings.get(constants.PLUGIN_NAME); + if (settings.jwtCookieName) { + params.res.clearCookie(settings.jwtCookieName); + } + callback(); + } catch (err) { + callback(err); + } }; diff --git a/utils/authentication.js b/utils/authentication.js index 98629bf..d7f5f02 100644 --- a/utils/authentication.js +++ b/utils/authentication.js @@ -5,7 +5,7 @@ const { promisify } = require('util'); const jwt = require('jsonwebtoken'); -const User = require.main.require('./src/user').async; +const { async: User } = require.main.require('./src/user'); const helpers = require('@utils/helpers'); @@ -24,23 +24,10 @@ const loginByJwtToken = async (req, settings, next) => { try { helpers.verifySettings(settings); - } catch (err) { - // Required settings are not present - return next(err); - } - - const cookieName = settings.jwtCookieName; - const secret = settings.secret; - const cookie = req.cookies[cookieName]; - let user; - try { - user = jwt.verify(cookie, secret); - } catch (err) { - // Invalid secret - return next(err); - } - - try { + const cookieName = settings.jwtCookieName; + const secret = settings.secret; + const cookie = req.cookies[cookieName]; + const user = jwt.verify(cookie, secret); const uid = await User.getUidByUsername(user.username); await helpers.nbbUserLogin(req, uid); req.session.loginLock = true;
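Review bot: `params.res.clearCookie(settings.jwtCookieName)` in `plugin.cleanSession` passes no options, and a browser only drops a cookie when the clearing header matches the `path` and `domain` it was set with. If the token cookie is issued by another service on a parent domain (not visible in this diff), it would survive logout, and `plugin.authenticateSession` would sign the user back in from it on the next request. Pass the same attributes the issuer uses, e.g. `clearCookie(settings.jwtCookieName, { domain: <cookie domain>, path: '/' })`, ideally read from a plugin setting.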
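Review bot: `jwt.verify(cookie, secret)` in `loginByJwtToken` (utils/authentication.js) does not pin the accepted signature algorithms, so the choice is left to library defaults that depend on version and key type. Pass the one the issuer uses, e.g. `jwt.verify(cookie, secret, { algorithms: ['HS256'] })` if tokens are HMAC-signed. The result of `User.getUidByUsername(user.username)` is also handed to `helpers.nbbUserLogin` unchecked; a token whose `username` claim is missing or unknown should fail before that call, e.g. `if (!uid) { throw new Error('[[error:not-logged-in]]'); }`. The `catch` of this `try` is outside the hunk and `next` is no longer used in the visible part, so confirm that failures still reach the callers, which invoke the function without `next`.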