From 23f087c460bb3b8c31e831391494f6007b331de8 Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Thu, 14 May 2020 01:41:03 -0700 Subject: [PATCH] More OAuth work. --- meshcentral.js | 1 + public/images/login/intel32.png | Bin 0 -> 1039 bytes public/images/login/intel64.png | Bin 0 -> 2243 bytes public/images/login/reddit32.png | Bin 0 -> 1572 bytes public/images/login/reddit64.png | Bin 0 -> 4496 bytes translate/translate.json | 71 +++++++++++++++---- views/default-mobile.handlebars | 13 ++-- views/login-mobile.handlebars | 20 ++++++ views/login.handlebars | 2 + webserver.js | 117 +++++++++++++++++++++---------- 10 files changed, 166 insertions(+), 58 deletions(-) create mode 100644 public/images/login/intel32.png create mode 100644 public/images/login/intel64.png create mode 100644 public/images/login/reddit32.png create mode 100644 public/images/login/reddit64.png diff --git a/meshcentral.js b/meshcentral.js index 3dfd01d3..d7aa06c2 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -2555,6 +2555,7 @@ function mainStart() { if ((typeof config.domains[i].authstrategies.twitter == 'object') && (typeof config.domains[i].authstrategies.twitter.apikey == 'string') && (typeof config.domains[i].authstrategies.twitter.apisecret == 'string') && (passport.indexOf('passport-twitter') == -1)) { passport.push('passport-twitter'); } if ((typeof config.domains[i].authstrategies.google == 'object') && (typeof config.domains[i].authstrategies.google.clientid == 'string') && (typeof config.domains[i].authstrategies.google.clientsecret == 'string') && (passport.indexOf('passport-google-oauth20') == -1)) { passport.push('passport-google-oauth20'); } if ((typeof config.domains[i].authstrategies.github == 'object') && (typeof config.domains[i].authstrategies.github.clientid == 'string') && (typeof config.domains[i].authstrategies.github.clientsecret == 'string') && (passport.indexOf('passport-github2') == -1)) { passport.push('passport-github2'); } + if ((typeof config.domains[i].authstrategies.reddit == 'object') && (typeof config.domains[i].authstrategies.reddit.clientid == 'string') && (typeof config.domains[i].authstrategies.reddit.clientsecret == 'string') && (passport.indexOf('passport-reddit') == -1)) { passport.push('passport-reddit'); } } if ((config.domains[i].sessionrecording != null) && (config.domains[i].sessionrecording.index == true)) { recordingIndex = true; } } diff --git a/public/images/login/intel32.png b/public/images/login/intel32.png new file mode 100644 index 0000000000000000000000000000000000000000..745ed6afad4398f525268458e44f83bbd6fb84a2 GIT binary patch literal 1039 zcmV+q1n~QbP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D1EfhrK~zXf?Uidt zQ(+j#x3imb&bga5Gt%Wpg*@wzKVQXQ#*ZrrRK8H?G6m34i z(0$%m5SWqwUtn%!N_ePFy+dtq>THC~}DM3%(xR{UAKvvKE8RN+5eCdi0Khs_(FRoqEiKyT$npw>}P|F^US_vU1RFBgj+F z)!icwZ#v8q3B)j3T6{Ppc(H)3x4V(oUjQPV z_dV8)HSkyu}a3PJeIsCRiqlm!NlnFirl2T_1aWf=(%mthu2Er z**DV%gzHtCc~6Q6*#QD7(+;@+8G!^=Hf80RU?OrL&*%--UjL&y_sCCzspi!Qi zU~%{5 znjb?JVsjincT*&66P#bpDwc^ueyxX?JjrLuzk$H>oJ5~FSD?(GH6g=~$sNFE%Ug{P zKaU`L*0c=aP-Zti3?n;`Nr5$sdHIusKXldDaKH)?Dnw(--%X3(>e zg?Z_VGW^QPpDDWOfQ7hIr!7?)y7f-v3IwWbg@l_H$Ip-pb|njgj!qEMwQHT#4Sxct zlQ9?f3F0(+T_&rq0YiWI00001b5ch_0Itp) z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D2v|u(K~!i%?U)Tz zQ|B4SfqavMd=V19!bcGh6+sd0{5VA`TDz^zwK_djyUlvG*5h_o`?2G!&bDV~-P-P~ zwzhUw+imo8tgW@JU-ejKTd}BE4nh!tA|aRnfrOBReBJDSb8l&cOA;tF^_=|9J;{5Y z_a=G&@B6&Z`#g#D`Ft_AGI8|#ElX5Dq=^cMG*JPOCMqD(LGE9Z z9XXP01uxD&)8oQubyd{%?)&UUo5_jW{3OBQ^*Qr1#8fXM6BmHhKTvJ_YgHF~`o7tU zwMB`Gvc+81Bt!*|*SG(iVdt^yRwn_+JGd@qV@VR-H;Rb}APC>#3*Aqi&}A$5zy5)G z^(+~jo9>%DntL2S{D<~h&k%NX<>tIKg$lakW+oy4qd(Tz|Jc&hl5`Pmni}*L=Yqf0 zcUoKt{J8o@i#0MH-4Vb<1b7G^dz`^8B#1`v95k@ev3U@iu!GR3YOyTc-+(bbFi&}C z{WR*~K*Dv|odZ*tm~ch(Su#bb<&+RxC{es1cv9Uy7ql)fDFWgyYgjtprY2) zXZKJK2NGHU=7#Y323_8NUFyYEr?=A`L8++i*>SY}@ei)k_o2XVxV_|sHs+gLg;?4( zHkByxiea3&W}z&Bgb*;~Ce|Kq#`khru|+BIxYS|}-4_&WlINT7j+m|gX@&9L*$PBuY>6#zw@{B!V9jTz3b!v#mdAhd zo!IX89MobcZ*9!QbmH87@zWb0Humeyu1q<1!(8Q-`Kpk~kJAI!A{&ekjw#?sz3Ju8 z4ac_@B=E@?Z+8<%8~V{eYCzt)ywq(VN3Qf8z0&u^Zwomr`lsN{cudG;!JVPG?B#|A z1HFYh%+9lI*6OdUhc__9mOyYIU=yN|D&bO=K$u+!ugr0``*Z1j-l)g8(eofpbQD0GTaq z3WH&x{?#7IrA`~+PcyNpp8B{G*PqYmu^O;^sb`2S!#w+mUS}p}4DeVn{uhH5uhsi$?HuXf?Qi{B&CS?{9zD)1Q4$(F~gQ0 zFT?Islq#fr%;NB@$d^%9X@(uz`?W@!i*&mumZff(LmtMAFbJ^t z*K|aZ7tiE>K}eI5nIq1DO%>Pvaz>vb;jZ-WDAW(Xs%(ApVmFNQp08WBzX9PD_N0IV zzR%&=eNsow{oa-7&#cnW9ZWC`i|ar3I?XQXmI4d1Ci{P9#L z3g1`P-j5mNlBM-KiHDLt2{k;BxLQ` zvxjbejn?2edDV>c;epbd>YyLbkR#X1QIdZjAobOmUDzkc77JAVqs>j=sE6gwTq%lR zoX7VTDmd)83>mL5IezslIX2?vc}Zd(%SZT-8cb92?<-Qgv3^>KhK%kBeD?h%N+enf zGQ~)!)d`$~Kg*e+7W#iV7!38m>1OltR~k_pw(gvZpQo+gR~TGqL53JX!%M{c>2xP; z`VQ%5%GiRyAV9=ptt}$Y`Pa@HKWZGA@JtLjpvOi!269bqtLO^l-Mk)!Qs;5gpBLi1=@O3441 z#*4w~I#S<0_uH*7d%KhpMN z+|>VYfgof1-?o|bO&A3GR{~wTPw1XGO-6Bwcn+&PU$Q(`x-d(emn7hau_ma{k)K{M z*ijJHT({QfY-4Rxl#Y*=r6NBMnF0qAOaKL<>cj7}HT(06Ku~IC$$059o>It>3RnnS zvG}$aA9fD%1)Ixju)4b}F8zS}rvGn8fr@cmu>z%8VM^$zKbp`20A}$}P50l=-awX0 zo4z&E68Wp9OMf&|z9d^RT)|C%umn(`t~=jut*kR0Z|ZOE9t!tkUxVrl<>-8k2<`_* z&y@4V#0vnF@Y^ zN|37*OnMvx6BO|MVe+TsJ0>b1(nJMBny7$C6BQ6?q5>jKR6wM;#RbH~{2%k2lS$OT R-irVL002ovPDHLkV1ffYW2yiE literal 0 HcmV?d00001 diff --git a/public/images/login/reddit32.png b/public/images/login/reddit32.png new file mode 100644 index 0000000000000000000000000000000000000000..373c1a2a8e8b8e3fc226cfdeef3fc550427beebd GIT binary patch literal 1572 zcmV+<2HW|GP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D1-VH?K~zXfwN`s@ zj8_yt_kQ2En+Xv`Nl|YlVUP%AMnp+Rs-voO+EIOsv<%g$$(Xij2Q{N9wjMJc<1rG{ zNEwQjWVA|9(~{}~jZBkzCI~?^HoN;h?(Mnv`}XUG-Aw=So1NWr&pG#;dmi`PC4oQy z9wkU)W1~Yh2MW3$uGjE}yM!^8kVrdpg7^d=0Nl}th2|Y_e!ZF=-bH`@LAh8-Eu8@2 zz|pKlRjYG%HYAgeo(Mfs9QA03?Vz@XZuV)%_7jE{W1W*Q0!C_vmGc4VnJisDh!_qI z?$FjPQiA>{JAhcK0)$XQ$8QXh12N+h%!xU4%DbE@j#d~CIp7wo&-d;tq|W+5U@XR* zd}Zv*tg0N&{|Xgn_|v1ctO>?nXU%W6!OZzY^E#>$4>?%B$h)^7mUV=wD6sRiwWp9W z6OvPD@?hGogQyK>`l@-n<}#nZ4kF@cYU;b4&09zClr)HoQ+93Cwy)9Vy=}~%z(S(Y zMU}2rX(tcCmSy(JMnnX+u4&W9szJZAi~(cj0^Yupx^TLCj!^$}I_d>>_N3?N0oh?D@!6H4eH&=}BXjpLa~_z4{=##w-8L@*wvng!}J zZV7@jqrT2~t{2+TC-iUh`_Z_pff*u|f8sBONK?`4o zUuo5bbnlC_T3-h@s*w-^URO)?kksG|?@k2JhH?71F)d49n#)Zi%;ZMN4&%*Cy>OZE z5&`D_hhM2eLY(Z{CHxW&SVO%ikc}02`rqXajkd7XTUUB6lzWPc%yP%KFuLJ0&y`Ab z>k3wX+h!uHpx<0LLushDm*l=6!fhI!Q=Z$kwBmR7RH9`DXIMat$2&roUJjE08=PqY zH=Y^*35hlnL3CX$JL)!rJTsBGOGs=Ir>Q#xihz1wf8YA@xVpJiYu(mi66(!cX%?1x zR_#$#&1NFp9NNHV1HXg=+AfJjOej|IheJtlLe*FMm6uCaAi?p&M!j=R+c0gtRol#L+<$2WYV<3Sg+sJ_7NIMRMUtezA;k`mGftSea))!_iP={n<3=X#` zgiiHEzG<;i`mG`^gfN3YdY?gj#cnRIsq28S+G@|tv1%YZy(RE0Mvp!)avT{r9J=<_ zT0MqkV>szGm?5A_2lnioB~nk!OhlG{aOCUn^qj ziuflG1-LUf`5m5<=Sm}E=QR6Oef%48=tcoPgPLh+c$;Ed4-Fj+Z_SOAHc2k-BQxd& z$4_;hk|;nU(c?p|J}irWyc(4Mt{x&XMJ_lm-tO6uugb^ve}FKmgkG5eQ|ClJ_co$B zkhpPKDe$Q$4iavOH#6G7?Qo2N!&%Np(7Qica|98H?LdG)%>_8LTRnA{UaG?XDPaQ~ zTgB?w%}UQ;VMWA^H4#e)jeTJ=h@200001b5ch_0Itp) z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D5hY1PK~!i%)mjO3 zRn@uP!#Q_I0GUAwilAW-85E(Zip3Eex@xP|0hd*LTCJ_MPUw3)t%yonc`BA7&J_f0 zeNvF;i2A@*u?|c!h!7AVK|&;ijE`!(A)kPn_n-J0a!GRlQI1@$~eB_$j5f)vU|Mm^z%xJoYIe0w;I5ZY8+z9O| zp=21CT|4ylt!!5X+gHUrPimvxxNd(K@6wI;JVNy9&0|G|NhJ+#9lQ_+E&%kXxDW=+ zhicmw?8Bwbs-=44dS`F7AR{OUg=y9{FbrO}5?r}Os_)V4xD(8YW8~oPYd6VRz?d{l zaHcbq+k^uZfSktg>fP$Czsn_m>GyXDhL`f((2SK=4 z8_^~KKplIK^NMeGhJSn7d2MdIuGY}jw7*qhK^z#&G%n*BR#7bOj~XK`y`GmGkMOWE z;3||<8w9ZN$C&T&m*=p*&4}0R72?q30C=0yN&ob-G;<4#@-_(|^`_6v zLz81$R!ReBDM&+wz!;-J&Is?YPI}_M%QG&3Vn|s9pdbMdVM2$&>+@r??~9@ES<(fw zZ!;2&6}!L}{obJO*Xa(D7Ws%sxe7!hg#tqTC1N$TZ@)h&W z`bl!qV~T4Db(2Xb@QqjNZ`*9vu95?XIRl2mETD|&HY!X_`Gwr@rGD^9*0YbRb%1DV zL6Fu2AaY@-|8Q&3dkYQK9rDxYUcmrEaG>;*ClaTe>uuX)R(~o74RL$-g|}$NAx$Rp z5bS&^+DrxOR_KNNn4hWEL z*FHAy6V|?6de+qB{23vas(ojD%&}tNabmy-F|1T}=!^|A2^9KAZ0PD;!G$B^fvP*E z#GUqH*sd6!*zE4j=Rr6w7O>anCl)-90Hzkl`oaOhh+#i4#qGEX`9GI1E?vVCd#j2* zS(cbHliz){_w1iCTBl7Y-03AO-zu~RXNzxM>pya*6T$;R%@Bi4(YyeZ9JZ|Dv!_Y{ zzQbtrz+jwk%y=$TxM{uIwlP-=R_8)2nIBYav3&>bQCEe{)%;nGLeipsB>w*5V9|4m zIf9ywrf4bvXkZT>`fU1SH&qKCB~u&(f_OY}!dR_E_>Z?81a34;fUX_Gi>j;Cq$|=Z zKQuw8v{Jh(yoYX2{O=nQ#hnRP@ndw6OlT%afP$!=Wmi1Sg*w*zB!_Gk^X&g_&#I;H6+@9RJ zKIw&$b7`RZ1_x6E zKmX_6&#n=tj6?kI+qBknJ;E#Qq&WPDM9lRjNT214@}2$CXm{I?JM4vrd5BnVggh78 zSIw?EEml*N&C7($8c+dk+qj1u8nTI&_R`XiIeO6Xy!0$Nyi^|5PsEDJAec^6u$rnC zeF%bZ=l1Z6HEh)fa``g$O__@5ouYezIPx~|_)=lsjX;2}ad{`%GW)w%A5&seM|ebIHr7f$3IJKH!!)+n?^1x;ed z?x?=r>dk#D{`N~jEWyvYLX@8Bbm|dS?b7eR$zGqA^lCGe8q8pRARYGX`?_n7h)}%% zmR+SQwz*fG>6oD2e_(~wSr#-d90=kl&C=^v^1CLA>g_INB#Ipc8E$-loqK7txIT!<(=h3iWe#iL9)o_r zA@Sed7mK$icen0{Q-N^YqOs@5qmPxe{Ghl8z^>#nHlj3EG6;c_*##j3>%<2QRgpo+lN9wk+)(Zd^3-yK-0xf42ic2|QxIOHGYy+z# zLiRdDAhxpvbEuMR(iuD|S5HpuUbAg0N13ss4HiHG6}xsudCLOvi+Y%wu=4@G#6Jx; zrZ$pZTX@(*WNiM?G*fGoxz;I1Kss_=dxVHUC+001ZEKt>0FqY4c4_llJy6}vx;6XR zMDqaAUs>+Woa)^^!FznF{&rVBXVhsL6B-q)UhYl#m3P;b{-QYw2fh8tKw__7MdiC5 zFw2h3`7XrSt_qZs=vxL@yx=M0r?3qXibflOO2nRB!A%nqFFjhc{Jr>#kEVZniQc!T z31_5zFbEXZHMbK;dv7jGY~LUdg@U02OKx79es>{N!JO$ZHykaT z^Cvf`!%Rv7Ogjtb>B=1q^)d$-gu#LxW%~Z##KN%gLp#n922`_&`A7hWD^i{j=)W@q zgiIlfFMcj{?+x4p z|Eetf^@T}z3t2C>w=>-LF#$W^OC$j81zv1H&x~XMJK-cB-?^OK1Y#kc|b~++Qcf$(I#Qryg8H_ zGYr+o05kCfxXou0Bc@$3_-tk$+`_t(PWQ%Nq>yz(?hEc+^l$E{F%GuKSwSwuS^U~t zQhf(d9@5M!?#OR_P#1S-*03aUQL&OxU{ipoi8=MFqE-Ux;_okUr(P>F*|jm!$BlL$ zeYw8M*0?!sK|Sc!;YZfH zXHE=s=oobA8GUICM|ptG6bAqUfchD79=!0`eae$A7$GWN!A1 zfJ2|?dyGBe5OPJ7eBkg#xuYI}>&5e!3aD3XR>3Gpd#n7}Q@y2&GznrS(o}k(R>Sg5 zS6y}L`Tq)Do2Thm7p=~PoyCGpYvrot=wqVMEHDrhwG+MjTL;QXDxEN^vVxBh!yVo%D?^U_||n$3Hpn$TTfGRJnwU)Ocd!oyV>S-=8MnW zx*CCsVOaY7%ZqNFN)JAoA!X8U&UL2U=H@91ItL?lH%yV|Ul9$}3jp9YYKOY%C-E;= z<=YM*`wu@kIrV8()LtS8>7i2u%!cN4UA6b}Q{v@koIRD4aBNbeyQEdT^AOh&CF06o z#eeuCE?nyZ4ItO!My>u-Pr5W-SDRnpphwSf`7`et%0dwu1OPS2pcl+Z%$jTu6Zz}8 z;>sI6F8LqRS#c*ECZii!Ks{97Q`O<8AFz*?nzD7O`dbr*GEpo#cVz>Hv(Z0v2MlFy z%pQgEbZ>%S)hFyfC%V<&V)v%Ei9V}2ajbjalesq=1jvBbRI#ha#`e`T zeFwWIj$w@-+T~dQ3fWV^u01zd^DW9qPCHW%t1uh%Vaf60=QqVho~9iV%yJcNZQn9{ z5;A0LEMyFkfe!aph5tR5zw(5;w-UQq*0XDJK=}vl^5n;y((&}$PR^Ws0eApCy*M-Z z%!z8BT-iZ7Ni`dWoXa|MUx5xbRP&E zTy>kd_!o|muJk2a`K>)asG4j02z4I11Iz9Vm72l!&Eo7lQplbQAypVWq zikl7%nYTr!JRneYun!AW$fZB#Jbu&tB2ir5^tXaS1t4&3)~(_XPl}aoL7HmCf%xPB zSO5(g^<}tZCiGMoY+A!VdQYzWr{26VURwi3INChw!5rK|E5A#S28b+%Apep-o7L2*oF7%>wND> zUED4Z(oqt<5qaOi;m`;GKEMdWxMK literal 0 HcmV?d00001 diff --git a/translate/translate.json b/translate/translate.json index 5eceabcb..51700810 100644 --- a/translate/translate.json +++ b/translate/translate.json @@ -1891,7 +1891,7 @@ "ru": "Действия учетной записи", "zh-chs": "帳戶動作", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->5->0" + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->0" ] }, { @@ -1948,7 +1948,7 @@ "default-mobile.handlebars->9->154", "default-mobile.handlebars->9->62", "default-mobile.handlebars->9->64", - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->1->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->1->0", "default.handlebars->25->1115", "default.handlebars->25->1117", "default.handlebars->25->461", @@ -5066,7 +5066,7 @@ "ru": "Смена email", "zh-chs": "更改電子郵件地址", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->7->5->changeEmailId->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->5->5->changeEmailId->0", "default.handlebars->container->column_l->p2->p2info->p2AccountActions->3->p2AccountPassActions->accountChangeEmailAddressSpan->0" ] }, @@ -5084,7 +5084,7 @@ "ru": "Смена пароля", "zh-chs": "更改密碼", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->7->7->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->5->7->0", "default.handlebars->container->column_l->p2->p2info->p2AccountActions->3->p2AccountPassActions->3" ] }, @@ -7630,7 +7630,7 @@ "ru": "Удалить учетную запись", "zh-chs": "刪除帳戶", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->7->9->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->5->9->0", "default.handlebars->25->1442", "default.handlebars->container->column_l->p2->p2info->p2AccountActions->3->p2AccountPassActions->7" ] @@ -15495,6 +15495,13 @@ "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->7->1->4->3" ] }, + { + "en": "Log in using an existing account", + "xloc": [ + "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->3", + "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->authStrategies->3" + ] + }, { "cs": "Log-X", "de": "Logarithmische Skala", @@ -16157,7 +16164,7 @@ "ru": "Управление приложением для проверки подлинности", "zh-chs": "管理身份驗證器應用", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->manageAuthApp->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->manageAuthApp->0", "default.handlebars->container->column_l->p2->p2info->p2AccountSecurity->3->manageAuthApp->1->0" ] }, @@ -16175,7 +16182,7 @@ "ru": "Управление резервными кодами", "zh-chs": "管理備用碼", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->manageOtp->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->manageOtp->0", "default.handlebars->container->column_l->p2->p2info->p2AccountSecurity->3->manageOtp->1->0" ] }, @@ -16193,7 +16200,7 @@ "ru": "Управление аутентификацией электронной почты", "zh-chs": "管理電子郵件身份驗證", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->manageEmail2FA->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->manageEmail2FA->0", "default.handlebars->container->column_l->p2->p2info->p2AccountSecurity->3->manageEmail2FA->1->0" ] }, @@ -16207,8 +16214,8 @@ "nl": "Beheer telefoonnummer", "zh-chs": "管理电话号码", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->managePhoneNumber1->0", - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->7->1->managePhoneNumber2->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->5->1->managePhoneNumber2->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->managePhoneNumber1->0", "default.handlebars->container->column_l->p2->p2info->p2AccountActions->3->managePhoneNumber2->0", "default.handlebars->container->column_l->p2->p2info->p2AccountSecurity->3->managePhoneNumber1->1->0" ] @@ -23900,6 +23907,40 @@ "default.handlebars->container->column_l->p6->p6info->p2ServerActions->3->p2ServerActionsErrors->0" ] }, + { + "en": "Sign-in using GitHub", + "xloc": [ + "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-github", + "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->authStrategies->auth-github" + ] + }, + { + "en": "Sign-in using Google", + "xloc": [ + "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-google", + "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->authStrategies->auth-google" + ] + }, + { + "en": "Sign-in using Intel", + "xloc": [ + "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-intel" + ] + }, + { + "en": "Sign-in using Reddit", + "xloc": [ + "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-reddit", + "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->authStrategies->auth-reddit" + ] + }, + { + "en": "Sign-in using Twitter", + "xloc": [ + "login-mobile.handlebars->container->page_content->column_l->1->1->0->1->loginpanel->1->authStrategies->auth-twitter", + "login.handlebars->container->column_l->centralTable->1->0->logincell->loginpanel->1->authStrategies->auth-twitter" + ] + }, { "cs": "Jednoduchý režim řízený správcem (ACM)", "de": "Einfacher Admin Control Mode (ACM)", @@ -27958,7 +27999,7 @@ "ru": "Подтвердить email", "zh-chs": "驗證郵件", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->7->3->verifyEmailId->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->5->3->verifyEmailId->0", "default.handlebars->container->column_l->p2->p2info->p2AccountActions->3->verifyEmailId->0" ] }, @@ -30992,10 +31033,10 @@ "ru": "✓", "ko": "✓", "xloc": [ - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->manageAuthApp->authAppSetupCheck->0", - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->manageEmail2FA->authEmailSetupCheck->0", - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->manageOtp->authCodesSetupCheck->0", - "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->3->managePhoneNumber1->authPhoneNumberCheck->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->manageAuthApp->authAppSetupCheck->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->manageEmail2FA->authEmailSetupCheck->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->manageOtp->authCodesSetupCheck->0", + "default-mobile.handlebars->container->page_content->column_l->p3->p3info->1->p3AccountActions->p2AccountSecurity->3->managePhoneNumber1->authPhoneNumberCheck->0", "default.handlebars->container->column_l->p13->p13filetable->p13bigok->0", "default.handlebars->container->column_l->p2->p2info->p2AccountSecurity->3->manageAuthApp->0->authAppSetupCheck->0", "default.handlebars->container->column_l->p2->p2info->p2AccountSecurity->3->manageEmail2FA->0->authEmailSetupCheck->0", diff --git a/views/default-mobile.handlebars b/views/default-mobile.handlebars index e150f8e2..e99a809b 100644 --- a/views/default-mobile.handlebars +++ b/views/default-mobile.handlebars @@ -295,12 +295,14 @@
+
@@ -382,6 +383,7 @@ if (authStrategies.indexOf('twitter') >= 0) { QV('auth-twitter', true); } if (authStrategies.indexOf('google') >= 0) { QV('auth-google', true); } if (authStrategies.indexOf('github') >= 0) { QV('auth-github', true); } + if (authStrategies.indexOf('reddit') >= 0) { QV('auth-reddit', true); } } // Display the welcome text diff --git a/webserver.js b/webserver.js index ede4b3b6..11311345 100644 --- a/webserver.js +++ b/webserver.js @@ -1678,6 +1678,44 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { }); } + // Called when a strategy login occured + // This is called after a succesful Oauth to Twitter, Google, GitHub... + function handleStrategyLogin(req, res) { + const domain = checkUserIpAddress(req, res); + if (domain == null) { return; } + parent.debug('web', 'handleStrategyLogin: ' + JSON.stringify(req.user)); + if ((req.user != null) && (req.user.id != null) && (domain.id == req.user.id.split('/')[1])) { + const userid = req.user.id; + var user = obj.users[userid]; + if (user == null) { + // Create the user + parent.debug('web', 'handleStrategyLogin: creating new user: ' + userid); + user = { type: 'user', _id: userid, name: req.user.name, email: req.user.email, domain: domain.id }; + if (req.user.email != null) { user.email = req.user.email; user.emailVerified = true; } + obj.users[userid] = user; + obj.db.SetUser(user); + // TODO: Event user creation + req.session.userid = req.user.id; + req.session.domainid = domain.id; + } else { + // Login success + var userChange = false; + if ((req.user.name != null) && (req.user.name != user.name)) { user.name = req.user.name; userChange = true; } + if ((req.user.email != null) && (req.user.email != user.email)) { user.email = req.user.email; user.emailVerified = true; userChange = true; } + if (userChange) { + obj.db.SetUser(user); + // TODO: Event user change + } + parent.debug('web', 'handleStrategyLogin: succesful login: ' + userid); + req.session.userid = req.user.id; + req.session.domainid = domain.id; + } + } + //res.redirect(domain.url); // This does not handle cookie correctly. + res.set('Content-Type', 'text/html'); + res.end(''); + } + // Indicates that any request to "/" should render "default" or "login" depending on login state function handleRootRequest(req, res, direct) { const domain = checkUserIpAddress(req, res); @@ -1865,7 +1903,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if (obj.args.allowhighqualitydesktop !== false) { features += 0x00000200; } // Enable AllowHighQualityDesktop (Default true) if (obj.args.lanonly == true || obj.args.mpsport == 0) { features += 0x00000400; } // No CIRA if ((obj.parent.serverSelfWriteAllowed == true) && (user != null) && (user.siteadmin == 0xFFFFFFFF)) { features += 0x00000800; } // Server can self-write (Allows self-update) - if ((parent.config.settings.no2factorauth !== true) && (domain.auth != 'sspi') && (obj.parent.certificates.CommonName.indexOf('.') != -1) && (obj.args.nousers !== true)) { features += 0x00001000; } // 2-step login supported + if ((parent.config.settings.no2factorauth !== true) && (domain.auth != 'sspi') && (obj.parent.certificates.CommonName.indexOf('.') != -1) && (obj.args.nousers !== true) && (user._id.split('/')[2][0] != '~')) { features += 0x00001000; } // 2FA login supported if (domain.agentnoproxy === true) { features += 0x00002000; } // Indicates that agents should be installed without using a HTTP proxy if ((parent.config.settings.no2factorauth !== true) && domain.yubikey && domain.yubikey.id && domain.yubikey.secret) { features += 0x00004000; } // Indicates Yubikey support if (domain.geolocation == true) { features += 0x00008000; } // Enable geo-location features @@ -1997,6 +2035,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if ((typeof domain.authstrategies.twitter == 'object') && (typeof domain.authstrategies.twitter.apikey == 'string') && (typeof domain.authstrategies.twitter.apisecret == 'string')) { authStrategies.push('twitter'); } if ((typeof domain.authstrategies.google == 'object') && (typeof domain.authstrategies.google.clientid == 'string') && (typeof domain.authstrategies.google.clientsecret == 'string')) { authStrategies.push('google'); } if ((typeof domain.authstrategies.github == 'object') && (typeof domain.authstrategies.github.clientid == 'string') && (typeof domain.authstrategies.github.clientsecret == 'string')) { authStrategies.push('github'); } + if ((typeof domain.authstrategies.reddit == 'object') && (typeof domain.authstrategies.reddit.clientid == 'string') && (typeof domain.authstrategies.reddit.clientsecret == 'string')) { authStrategies.push('reddit'); } + if ((typeof domain.authstrategies.intel == 'object') && (typeof domain.authstrategies.intel.clientid == 'string') && (typeof domain.authstrategies.intel.clientsecret == 'string')) { authStrategies.push('intel'); } } // Render the login page @@ -3997,19 +4037,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { obj.app.get(url + 'pluginHandler.js', obj.handlePluginJS); } - // Setup passport if needed + // Setup auth strategies using passport if needed if (typeof domain.authstrategies == 'object') { const passport = domain.passport = require('passport'); passport.serializeUser(function (user, done) { done(null, user.id); }); passport.deserializeUser(function (id, done) { done(null, { id: id }); }); obj.app.use(passport.initialize()); + + // Twitter if ((typeof domain.authstrategies.twitter == 'object') && (typeof domain.authstrategies.twitter.apikey == 'string') && (typeof domain.authstrategies.twitter.apisecret == 'string')) { const TwitterStrategy = require('passport-twitter'); - passport.use(new TwitterStrategy({ - consumerKey: domain.authstrategies.twitter.apikey, - consumerSecret: domain.authstrategies.twitter.apisecret, - callbackURL: url + 'auth-twitter-callback' - }, + passport.use(new TwitterStrategy({ consumerKey: domain.authstrategies.twitter.apikey, consumerSecret: domain.authstrategies.twitter.apisecret, callbackURL: url + 'auth-twitter-callback' }, function (token, tokenSecret, profile, cb) { var user = { id: 'user/' + domain.id + '/~twitter:' + profile.id, name: profile.displayName }; if ((typeof profile.emails == 'object') && (profile.emails[0] != null) && (typeof profile.emails[0].value == 'string')) { user.email = profile.emails[0].value; } @@ -4017,21 +4055,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { } )); obj.app.get(url + 'auth-twitter', domain.passport.authenticate('twitter')); - obj.app.get(url + 'auth-twitter-callback', - domain.passport.authenticate('twitter', { failureRedirect: '/' }), - function (req, res) { - // Successful authentication, redirect home. - console.log('Twitter', req.session, req.user); - res.redirect('/'); - }); + obj.app.get(url + 'auth-twitter-callback', domain.passport.authenticate('twitter', { failureRedirect: '/' }), handleStrategyLogin); } + + // Google if ((typeof domain.authstrategies.google == 'object') && (typeof domain.authstrategies.google.clientid == 'string') && (typeof domain.authstrategies.google.clientsecret == 'string')) { const GoogleStrategy = require('passport-google-oauth20'); - passport.use(new GoogleStrategy({ - clientID: domain.authstrategies.google.clientid, - clientSecret: domain.authstrategies.google.clientsecret, - callbackURL: url + 'auth-google-callback' - }, + passport.use(new GoogleStrategy({ clientID: domain.authstrategies.google.clientid, clientSecret: domain.authstrategies.google.clientsecret, callbackURL: url + 'auth-google-callback' }, function (token, tokenSecret, profile, cb) { var user = { id: 'user/' + domain.id + '/~google:' + profile.id, name: profile.displayName }; if ((typeof profile.emails == 'object') && (profile.emails[0] != null) && (typeof profile.emails[0].value == 'string') && (profile.emails[0].verified == true)) { user.email = profile.emails[0].value; } @@ -4039,21 +4069,13 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { } )); obj.app.get(url + 'auth-google', domain.passport.authenticate('google', { scope: ['profile', 'email'] })); - obj.app.get(url + 'auth-google-callback', - domain.passport.authenticate('google', { failureRedirect: '/' }), - function (req, res) { - // Successful authentication, redirect home. - console.log('Google', req.session, req.user); - res.redirect('/'); - }); + obj.app.get(url + 'auth-google-callback', domain.passport.authenticate('google', { failureRedirect: '/' }), handleStrategyLogin); } + + // Github if ((typeof domain.authstrategies.github == 'object') && (typeof domain.authstrategies.github.clientid == 'string') && (typeof domain.authstrategies.github.clientsecret == 'string')) { const GitHubStrategy = require('passport-github2'); - passport.use(new GitHubStrategy({ - clientID: domain.authstrategies.github.clientid, - clientSecret: domain.authstrategies.github.clientsecret, - callbackURL: url + 'auth-github-callback' - }, + passport.use(new GitHubStrategy({ clientID: domain.authstrategies.github.clientid, clientSecret: domain.authstrategies.github.clientsecret, callbackURL: url + 'auth-github-callback' }, function (token, tokenSecret, profile, cb) { var user = { id: 'user/' + domain.id + '/~github:' + profile.id, name: profile.displayName }; if ((typeof profile.emails == 'object') && (profile.emails[0] != null) && (typeof profile.emails[0].value == 'string')) { user.email = profile.emails[0].value; } @@ -4061,13 +4083,32 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { } )); obj.app.get(url + 'auth-github', domain.passport.authenticate('github', { scope: ['user:email'] })); - obj.app.get(url + 'auth-github-callback', - domain.passport.authenticate('github', { failureRedirect: '/' }), - function (req, res) { - // Successful authentication, redirect home. - console.log('GitHub', req.session, req.user); - res.redirect('/'); - }); + obj.app.get(url + 'auth-github-callback', domain.passport.authenticate('github', { failureRedirect: '/' }), handleStrategyLogin); + } + + // Reddit + if ((typeof domain.authstrategies.reddit == 'object') && (typeof domain.authstrategies.reddit.clientid == 'string') && (typeof domain.authstrategies.reddit.clientsecret == 'string')) { + const RedditStrategy = require('passport-reddit'); + passport.use(new RedditStrategy.Strategy({ clientID: domain.authstrategies.reddit.clientid, clientSecret: domain.authstrategies.reddit.clientsecret, callbackURL: url + 'auth-reddit-callback' }, + function (token, tokenSecret, profile, cb) { + var user = { id: 'user/' + domain.id + '/~reddit:' + profile.id, name: profile.name }; + if ((typeof profile.emails == 'object') && (profile.emails[0] != null) && (typeof profile.emails[0].value == 'string')) { user.email = profile.emails[0].value; } + return cb(null, user); + } + )); + obj.app.get(url + 'auth-reddit', function(req, res, next) { + domain.passport.authenticate('reddit', { state: 'rcookie', duration: 'permanent' })(req, res, next); // TODO: Replace 'rcookie' with a time-limited cookie + }); + obj.app.get(url + 'auth-reddit-callback', + function(req, res, next) { + if (req.query.state == 'rcookie') { + delete req.session.rstate; + domain.passport.authenticate('reddit', { failureRedirect: '/' })(req, res, next); + } else { + delete req.session.rstate; + next(new Error(403)); + } + }, handleStrategyLogin); } }