17th-Ranger-Battalion-ORG/milsim-site-v4
8
1
Fork 0
Code Issues 22 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity
Files
9f9e15700fe123bebd8b606b300a8911486ce3c8
milsim-site-v4/api/routes/auth.js
ajdj100 5122e44743 Implemented logout system
2025-09-18 23:57:19 -04:00

112 lines
3.6 KiB
JavaScript
Raw Blame History

const passport = require('passport');
const OpenIDConnectStrategy = require('passport-openidconnect');
const dotenv = require('dotenv');
dotenv.config();
const express = require('express');
const { param } = require('./applications');
const router = express.Router();
const pool = require('../db')
const querystring = require('querystring');
passport.use(new OpenIDConnectStrategy({
issuer: process.env.AUTH_ISSUER,
authorizationURL: 'https://sso.iceberg-gaming.com/application/o/authorize/',
tokenURL: 'https://sso.iceberg-gaming.com/application/o/token/',
userInfoURL: 'https://sso.iceberg-gaming.com/application/o/userinfo/',
clientID: process.env.AUTH_CLIENT_ID,
clientSecret: process.env.AUTH_CLIENT_SECRET,
callbackURL: process.env.AUTH_REDIRECT_URI,
scope: ['openid', 'profile']
}, async function verify(issuer, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) {
console.log('--- OIDC verify() called ---');
console.log('issuer:', issuer);
console.log('sub:', sub);
console.log('profile:', JSON.stringify(profile, null, 2));
console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
console.log('preferred_username:', jwtClaims?.preferred_username);
const con = await pool.getConnection();
try {
await con.beginTransaction();
//lookup existing user
const existing = await con.query(`SELECT id FROM members WHERE authentik_issuer = ? AND authentik_sub = ? LIMIT 1;`, [issuer, sub]);
console.log(existing)
let memberId;
//if member exists
if (existing.length > 0) {
console.log('member exists');
memberId = existing[0].id;
} else {
console.log("creating member")
//otherwise: create account
const username = sub.username;
const result = await con.query(
`INSERT INTO members (name, authentik_sub, authentik_issuer) VALUES (?, ?, ?)`,
[username, sub, issuer]
)
memberId = result.insertId;
}
console.log("hello world" + memberId);
await con.commit();
return cb(null, { memberId });
} catch (error) {
await con.rollback();
return cb(error);
} finally {
con.release();
}
}));
router.get('/login', passport.authenticate('openidconnect'))
router.get('/callback', passport.authenticate('openidconnect', {
successRedirect: 'https://aj17thdev.nexuszone.net/',
failureRedirect: 'https://aj17thdev.nexuszone.net/'
}));
router.post('/logout', function (req, res, next) {
req.logout(function (err) {
if (err) { return next(err); }
var params = {
client_id: process.env.AUTH_CLIENT_ID,
returnTo: 'https://aj17thdev.nexuszone.net/'
};
res.redirect(process.env.AUTH_DOMAIN + '/v2/logout?' + querystring.stringify(params));
});
});
passport.serializeUser(function (user, cb) {
process.nextTick(function () {
console.log(`serialize: ${user.memberId}`);
cb(null, user);
});
});
passport.deserializeUser(function (user, cb) {
process.nextTick(async function () {
const memberID = user.memberId;
const con = await pool.getConnection();
var userData;
try {
userResults = await con.query(`SELECT id, name FROM members WHERE id = ?;`, [memberID])
console.log(userResults)
userData = userResults[0];
} catch (error) {
console.error(error)
} finally {
con.release();
}
return cb(null, userData);
});
});
module.exports = router;
Reference in New Issue View Git Blame Copy Permalink