trilium/src/routes/login.js

"use strict";

const utils = require('../services/utils');
const optionService = require('../services/options');
const myScryptService = require('../services/my_scrypt');

function loginPage(req, res) {
    res.render('login', { failedAuth: false });
}

function login(req, res) {
    const userName = optionService.getOption('username');

    const guessedPassword = req.body.password;

    if (req.body.username === userName && verifyPassword(guessedPassword)) {
        const rememberMe = req.body.remember_me;

        req.session.regenerate(() => {
            if (rememberMe) {
                req.session.cookie.maxAge = 21 * 24 * 3600000;  // 3 weeks
            } else {
                req.session.cookie.expires = false;
            }

            req.session.loggedIn = true;
            res.redirect('.');
        });
    }
    else {
        res.render('login', {'failedAuth': true});
    }
}

function verifyPassword(guessedPassword) {
    const hashed_password = utils.fromBase64(optionService.getOption('passwordVerificationHash'));

    const guess_hashed = myScryptService.getVerificationHash(guessedPassword);

    return guess_hashed.equals(hashed_password);
}

function logout(req, res) {
    req.session.regenerate(() => {
        req.session.loggedIn = false;

        res.redirect('login');
    });

}

module.exports = {
    loginPage,
    login,
    logout
};
use strict in all JS files 2017-10-22 09:10:33 +08:00			`"use strict";`

reorganization of source code 2017-10-16 07:47:05 +08:00			`const utils = require('../services/utils');`
refactored backend to use new naming convention for modules 2018-04-02 09:27:46 +08:00			`const optionService = require('../services/options');`
			`const myScryptService = require('../services/my_scrypt');`
node authentication 2017-10-16 04:32:49 +08:00
converted of web (non-api) routes, basic conversion completed 2018-03-31 07:31:22 +08:00			`function loginPage(req, res) {`
			`res.render('login', { failedAuth: false });`
			`}`
node authentication 2017-10-16 04:32:49 +08:00
syncification 2020-06-20 18:31:38 +08:00			`function login(req, res) {`
			`const userName = optionService.getOption('username');`
node authentication 2017-10-16 04:32:49 +08:00
			`const guessedPassword = req.body.password;`

syncification 2020-06-20 18:31:38 +08:00			`if (req.body.username === userName && verifyPassword(guessedPassword)) {`
remember me reimplemented 2017-10-17 07:14:15 +08:00			`const rememberMe = req.body.remember_me;`
node authentication 2017-10-16 04:32:49 +08:00
regenerate session after login/logout 2017-10-16 08:16:30 +08:00			`req.session.regenerate(() => {`
remember me reimplemented 2017-10-17 07:14:15 +08:00			`if (rememberMe) {`
			`req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks`
			`} else {`
			`req.session.cookie.expires = false;`
			`}`

regenerate session after login/logout 2017-10-16 08:16:30 +08:00			`req.session.loggedIn = true;`
fix redirect after login 2019-05-23 03:25:13 +08:00			`res.redirect('.');`
regenerate session after login/logout 2017-10-16 08:16:30 +08:00			`});`
node authentication 2017-10-16 04:32:49 +08:00			`}`
			`else {`
			`res.render('login', {'failedAuth': true});`
			`}`
converted of web (non-api) routes, basic conversion completed 2018-03-31 07:31:22 +08:00			`}`
node authentication 2017-10-16 04:32:49 +08:00
syncification 2020-06-20 18:31:38 +08:00			`function verifyPassword(guessedPassword) {`
			`const hashed_password = utils.fromBase64(optionService.getOption('passwordVerificationHash'));`
node authentication 2017-10-16 04:32:49 +08:00
syncification 2020-06-20 18:31:38 +08:00			`const guess_hashed = myScryptService.getVerificationHash(guessedPassword);`
node authentication 2017-10-16 04:32:49 +08:00
			`return guess_hashed.equals(hashed_password);`
			`}`

converted of web (non-api) routes, basic conversion completed 2018-03-31 07:31:22 +08:00			`function logout(req, res) {`
			`req.session.regenerate(() => {`
			`req.session.loggedIn = false;`

fix login/logout redirects when not in the document root 2019-04-12 04:04:36 +08:00			`res.redirect('login');`
converted of web (non-api) routes, basic conversion completed 2018-03-31 07:31:22 +08:00			`});`

			`}`

			`module.exports = {`
			`loginPage,`
			`login,`
			`logout`
			`};`