-
Notifications
You must be signed in to change notification settings - Fork 56
Expand file tree
/
Copy pathpassportConfig.js
More file actions
116 lines (101 loc) · 3.75 KB
/
passportConfig.js
File metadata and controls
116 lines (101 loc) · 3.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
const passport = require("passport");
const GoogleStrategy = require("passport-google-oauth20").Strategy;
const LocalStrategy = require("passport-local").Strategy;
const isIITBhilaiEmail = require("../utils/isIITBhilaiEmail");
const User = require("../models/userSchema");
const { loginValidate } = require("../utils/authValidate");
const bcrypt = require("bcrypt");
// Google OAuth Strategy
passport.use(
new GoogleStrategy(
{
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: `${process.env.BACKEND_URL}/auth/google/verify`, // Update with your callback URL
},
async (accessToken, refreshToken, profile, done) => {
// Check if the user already exists in your database
const email = profile.emails?.[0]?.value;
if (!email) {
//console.log("No email found in Google profile");
return done(null, false, { message: "Email not available from Google." });
}
if (!isIITBhilaiEmail(profile.emails[0].value)) {
console.log("Google OAuth blocked for: ", profile.emails[0].value);
return done(null, false, {
message: "Only @iitbhilai.ac.in emails are allowed.",
});
}
try {
const user = await User.findOne({ username: email });
//console.log("Looking for existing user with email:", email, "Found:", !!user);
if (user) {
// If user exists, return the user
//console.log("Returning existing user:", user.username);
return done(null, user);
}
// If user doesn't exist, create a new user in your database
const newUser = await User.create({
username: email,
role: "STUDENT",
strategy: "google",
personal_info: {
name: profile.displayName || "No Name",
email: email,
profilePic:
profile.photos && profile.photos.length > 0
? profile.photos[0].value
: "https://www.gravatar.com/avatar/?d=mp",
},
onboardingComplete: false,
});
//console.log("User is",newUser);
return done(null, newUser);
} catch (error) {
console.error("Error in Google strategy:", error);
return done(error);
}
},
),
);
//Local Strategy
passport.use(new LocalStrategy(async (username, password, done) => {
const result = loginValidate.safeParse({ username, password });
if (!result.success) {
let errors = result.error.issues.map((issue) => issue.message);
return done(null, false, {message: errors});
}
try{
const user = await User.findOne({ username });
if (!user) {
return done(null, false, {message: "Invalid user credentials"});
}
if (user.strategy !== "local" || !user.password) {
return done(null, false, { message: "Invalid login method" });
}
const isValid = await bcrypt.compare(password, user.password);
if (!isValid) {
return done(null, false, { message: "Invalid user credentials" });
}
return done(null, user);
}catch(err){
return done(err);
}
}));
//When login succeeds this will run
// serialize basically converts user obj into a format that can be transmitted(like a string, etc...)
// here take user obj and done callback and store only userId in session
passport.serializeUser((user, done) => {
done(null, user._id.toString());
});
//When a request comes in, take the stored id, fetch full user from DB, and attach it to req.user.
passport.deserializeUser(async (id, done) => {
try {
let user = await User.findById(id);
if(!user) return done(null, false);
done(null, user);
} catch (err) {
done(err, null);
}
});
module.exports = passport;