mongoose-authã§OAuthèªè¨¼
今回ã¯everyauthã¨ã„ã†èªè¨¼ãƒã‚¸ãƒƒã‚¯ã®ãƒ©ãƒƒãƒ‘ーライブラリã§ã¯ãªãã€ã‚µãƒ¼ãƒ“ス毎ã«çºã‚ã¦å¯¾å¿œã—ãŸèªè¨¼ãƒ©ã‚¤ãƒ–ラリを更ã«mongooseã®ãƒ—ラグインã¨ã—ã¦ä½¿ãˆã‚‹mongoose-authを使ã£ã¦èªè¨¼ã•ã›ã¾ã™ï¼ˆã‚„ã‚„ã“ã—ã„)
よã†ã™ã‚‹ã«å€‹äººçš„ãªãƒ¡ãƒ¢ã§ã™
用æ„ã™ã‚‹ã‚‚ã®
- node.js
- mongoose
- mongoose-auth
ãã®å‰ã«
ã“ã®mongoose-authã¯å½¢å¼ã¨ã—ã¦ã¯everyauthã‚’mongooseã‹ã‚‰ä½¿ã†ãŸã‚ã®pluginã¨ã„ã†å½¢å¼ã§ã‚ã‚‹ãŸã‚ã€ã§ãã‚Œã°å‰ã‚‚ã£ã¦everyauthã®çŸ¥è˜ã¯ã‚る程度欲ã—ã„ã¨ã“ã‚ã§ã™ã€‚
実際ã®ã¨ã“ã‚ã€READMEã«ã‚るサンプルãŒå‹•ã‹ã›ã‚Œã°å¤§ä½“ã§ãã¾ã™ï¼ˆãŠãƒï¼‰ã€‚ãŸã READMEã«ç„¡ã„部分ã§ã‚ã‹ã‚Šã«ãã„部分ãŒã‚ã‚‹ã®ã§ãã®ã¸ã‚“をサンプルã§æ›¸ã„ã¦ã¿ã¾ã™
Schemaã®æ‹¡å¼µ
mongoose-authを使ã†ã¨githubãªã‚‰githubモジュールã€facebookãªã‚‰facebookモジュールを使ã†ã®ã§ã€äºˆã‚用æ„ã•ã‚ŒãŸUserSchemaをベースã«DBã«æ ¼ç´ã•ã‚Œã¾ã™
mongoose-auth:lib/modules/github/schema.js
module.exports = {
github: {
id: Number
, login: String
, gravatarId: String
, name: String
, email: String
, publicRepoCount: Number
, publicGistCount: Number
, followingCount: Number
, followersCount: Number
, company: String
, blog: String
, location: String
, permission: String
, createdAt: Date
// Private data
, totalPrivateRepoCount: Number
, collaborators: Number
, diskUsage: Number
, ownedPrivateRepoCount: Number
, privateGistCount: Number
, plan: {
name: String
, collaborators: Number
, space: Number
, privateRepos: Number
}
}
, 'github.type': String
};
ã“ã®ã¾ã¾ã§ã‚‚ã¾ã‚最低é™å¿…è¦ãªæƒ…å ±ã¯ç¢ºä¿ã•ã‚Œã¦ã„ã‚‹ã‚“ã§ã™ãŒã€ã“ã“ã«è¿½åŠ ã§å±žæ€§è¿½åŠ ã—ãŸã„ãªãã€ãªã‚“ã¦æ€ã„ã¾ã™ã‚ˆã。
var mongoose = require('mongoose'),
mongooseAuth = require('mongoose-auth'),
Schema = mongoose.Schema,
ObjectId = mongoose.Schema.ObjectId;
// å…±é€šé …ç›®ã¨ã—ã¦displayNameã¨ã„ã†å±žæ€§ã‚’è¿½åŠ ã™ã‚‹
var UserSchema = new Schema({
displayName: {type:String, default: null}
});
ã“ã†ã—ã¦ãŠãã¨å„モジュールã®Schemaã§è¿½åŠ ã—ãŸé …ç›®ãŒmongoose経由ã§æ›´æ–°ã§ãるよã†ã«ãªã‚Šã¾ã™ã€‚
findOrCreateUserã®è¨å®š
例ãˆã°ã€æ™®é€šã«åˆ©ç”¨ã™ã‚‹å ´åˆã¯ä»¥ä¸‹ã®ã‚ˆã†ãªã‚½ãƒ¼ã‚¹ã§å‹•ãã¾ã™
var mongoose = require('mongoose')
, Schema = mongoose.Schema
, mongooseAuth = require('mongoose-auth');
var UserSchema = new Schema({})
, User;
// STEP 1: Schema Decoration and Configuration for the Routing
UserSchema.plugin(mongooseAuth, {
// Here, we attach your User model to every module
everymodule: {
everyauth: {
User: function () {
return User;
}
}
}
, github: {
everyauth: {
myHostname: 'http://localhost:3000'
, appId: 'YOUR APP ID HERE'
, appSecret: 'YOUR APP SECRET HERE'
, redirectPath: '/'
}
}
});
...
ã“ã‚Œã¯READMEã‹ã‚‰ã®æŠœç²‹ã§ã™ãŒã€UserSchemaã«å¯¾ã™ã‚‹pluginã¨ã—ã¦githubã®è¨å®šé …目を記述ã™ã‚‹ã ã‘ã§ã™ã€‚ã“ã‚Œã¯å®Ÿéš›ã«ã¯everyauthã®githubモジュールã«å¯¾ã™ã‚‹è¨å®šã«ç›´çµã—ã¦ã‚‹ã ã‘ã§ã™ã€‚everyauthã§ã¯findOrCreateUser関数を実装ã—ã¦ã„る訳ã§ã¯ã‚ã‚Šã¾ã›ã‚“ãŒã€everyauthã®OAuth2ã®å®Ÿè£…部分ã§findOrCreateUserã‚’èªè¨¼ã‚·ãƒ¼ã‚±ãƒ³ã‚¹ã®stepã¨ã—ã¦å‘¼ã³å‡ºã—ã¦ã„ã¾ã™ã€‚
everyauth:lib/modules/oauth2.js
.get('callbackPath',
'the callback path that the 3rd party OAuth provider redirects to after an OAuth authorization result - e.g., "/auth/facebook/callback"')
.step('getCode')
.description('retrieves a verifier code from the url query')
.accepts('req res')
.promises('code')
.canBreakTo('authCallbackErrorSteps')
.step('getAccessToken')
.accepts('code')
.promises('accessToken extra')
.step('fetchOAuthUser')
.accepts('accessToken')
.promises('oauthUser')
.step('getSession')
.accepts('req')
.promises('session')
.step('findOrCreateUser') //<- ココ
//.optional()
.accepts('session accessToken extra oauthUser')
.promises('user')
.step('compile')
.accepts('accessToken extra oauthUser user')
.promises('auth')
.step('addToSession')
.accepts('session auth')
.promises(null)
.step('sendResponse')
.accepts('res')
.promises(null)
ã“れを利用ã—ã¦findOrCreateUser関数を定義ã¨ã—ã¦å®Ÿè£…ã—ã¦ã‚„ã‚‹ã¨èªè¨¼å®Œäº†æ™‚ã«è‡ªå‹•çš„ã«findOrCreateUserを実行ã§ãã¾ã™ã€‚所謂hookçš„ãªç‰©ã§ã™ã€‚mongoose-authã§ã¯defaultã®å®šç¾©ã¨ã—ã¦äºˆã‚findOrCreateUser関数ãŒå®šç¾©ã•ã‚Œã¦ã„ã¾ã™ã€‚
mongoose-auth:lib/modules/github/everyauth.js
// Defaults
module.exports = {
findOrCreateUser: function (sess, accessTok, accessTokExtra, ghUser) {
var promise = this.Promise()
, self = this;
// TODO Check user in session or request helper first
// e.g., req.user or sess.auth.userId
this.User()().findOne({'github.id': ghUser.id}, function (err, foundUser) {
if (foundUser)
return promise.fulfill(foundUser);
self.User()().createWithGithub(ghUser, accessTok, function (err, createdUser) {
return promise.fulfill(createdUser);
});
});
return promise;
}
};
ã—ãŸãŒã£ã¦ã“ã®æŒ™å‹•ã‚’変ãˆãŸã„å ´åˆã¯ã“ã„ã¤ã‚’overrideã™ã‚‹å®šç¾©ã‚’è¿½åŠ ã—ã¦ã‚„ã‚Œã°è‰¯ã„訳ã§ã™ã€‚
UserSchema.plugin(mongooseAuth, {
everymodule: {
everyauth: {
User: function() {
return User;
},
handleLogout: function(req, res) {
req.logout();
res.writeHead(303, {'Location': this.logoutRedirectPath()});
res.end();
}
}
},
github: {
everyauth: {
myHostname: conf.myHostname,
appId: conf.github.oauth.appId,
appSecret: conf.github.oauth.appSecret,
scope: 'user,public_repo,repo,gist',
redirectPath: '/',
// ココã‹ã‚‰
findOrCreateUser: function(session, accessTok, accessTokExtra, ghUser) {
var promise = this.Promise(),
User = this.User()();
// mongodbã‹ã‚‰è©²å½“ã™ã‚‹idã®æƒ…å ±ã‚’æ¤œç´¢
User.findOne({'github.id': ghUser.id}, function(err, foundUser) {
if(err) return promise.fail(err);
if(foundUser) return promise.fulfill(foundUser);
// ç„¡ã„å ´åˆã¯UserSchemaã‚’å…ƒã«ä½œæˆ
console.log('CREATE GITHUB USER');
User.createWithGithub(ghUser, accessTok, function(err, createUser) {
if(err) return promise.fail(err);
// Schemaã§å®šç¾©ã—ãŸè¿½åŠ 属性ã«å€¤ã‚’セット
createUser.displayName = ghUser.name;
// ä¿å˜
createUser.save(function(err, modUser) {
if(err) return promise.fail(err);
return promise.fulfill(modUser);
});
});
});
return promise;
}
}
}
});
使ã„é“ã¨ã—ã¦ã¯ã€ä¾‹ãˆã°èªè¨¼å¾Œã®accessTokenã‚’sessionã«å…¥ã‚Œã¦ãŠãã¨ã‹ï¼ˆã„ã„ã‹æ‚ªã„ã‹ã¯åˆ¥ã«ã—ã¦â€¦ï¼‰ã€åˆ¥ã®schemaã‚’æ›´æ–°ã—ãŸã‚Šã¾ã‚ã„ã‚ã„ã‚使ã„é“ã¯ã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
