Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-18 01:10:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

refactor: improve passport strategy handling in async/await manner to prevent race conditions upon importing modules (#682)

Browse source
This commit is contained in:
Danny Avila 2023-07-22 07:29:17 -07:00 committed by GitHub
parent e38483a8b9
commit 6943f1c2c7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 273 additions and 246 deletions
Download patch file Download diff file Expand all files Collapse all files

2
api/package.json
View file

@ -51,7 +51,9 @@
"openai": "^3.2.1",
"openid-client": "^5.4.2",
"passport": "^0.6.0",
"passport-discord": "^0.1.4",
"passport-facebook": "^3.0.0",
"passport-github2": "^0.1.12",
"passport-google-oauth20": "^2.0.0",
"passport-jwt": "^4.0.1",
"passport-local": "^1.0.0",

23
api/server/index.js
View file

@ -11,6 +11,15 @@ const passport = require('passport');
const port = process.env.PORT || 3080;
const host = process.env.HOST || 'localhost';
const projectPath = path.join(__dirname, '..', '..', 'client');
const {
jwtLogin,
passportLogin,
googleLogin,
githubLogin,
discordLogin,
facebookLogin,
setupOpenId,
} = require('../strategies');
// Init the config and validate it
const config = require('../../config/loader');
@ -40,19 +49,19 @@ config.validate(); // Validate the config
// OAUTH
app.use(passport.initialize());
require('../strategies/jwtStrategy');
require('../strategies/localStrategy');
passport.use(await jwtLogin());
passport.use(await passportLogin());
if (process.env.GOOGLE_CLIENT_ID && process.env.GOOGLE_CLIENT_SECRET) {
require('../strategies/googleStrategy');
passport.use(await googleLogin());
}
if (process.env.FACEBOOK_CLIENT_ID && process.env.FACEBOOK_CLIENT_SECRET) {
require('../strategies/facebookStrategy');
passport.use(await facebookLogin());
}
if (process.env.GITHUB_CLIENT_ID && process.env.GITHUB_CLIENT_SECRET) {
require('../strategies/githubStrategy');
passport.use(await githubLogin());
}
if (process.env.DISCORD_CLIENT_ID && process.env.DISCORD_CLIENT_SECRET) {
require('../strategies/discordStrategy');
passport.use(await discordLogin());
}
if (
process.env.OPENID_CLIENT_ID &&
@ -69,7 +78,7 @@ config.validate(); // Validate the config
}),
);
app.use(passport.session());
require('../strategies/openidStrategy');
await setupOpenId();
}
app.use('/oauth', routes.oauth);
// api endpoint

86
api/strategies/discordStrategy.js
View file

@ -1,51 +1,51 @@
const passport = require('passport');
const { Strategy: DiscordStrategy } = require('passport-discord');
const User = require('../models/User');
const config = require('../../config/loader');
const domains = config.domains;
const discordLogin = new DiscordStrategy(
{
clientID: process.env.DISCORD_CLIENT_ID,
clientSecret: process.env.DISCORD_CLIENT_SECRET,
callbackURL: `${domains.server}${process.env.DISCORD_CALLBACK_URL}`,
scope: ['identify', 'email'], // Request scopes
authorizationURL: 'https://discord.com/api/oauth2/authorize?prompt=none', // Add the prompt query parameter
},
async (accessToken, refreshToken, profile, cb) => {
try {
const email = profile.email;
const discordId = profile.id;
const discordLogin = async () =>
new DiscordStrategy(
{
clientID: process.env.DISCORD_CLIENT_ID,
clientSecret: process.env.DISCORD_CLIENT_SECRET,
callbackURL: `${domains.server}${process.env.DISCORD_CALLBACK_URL}`,
scope: ['identify', 'email'], // Request scopes
authorizationURL: 'https://discord.com/api/oauth2/authorize?prompt=none', // Add the prompt query parameter
},
async (accessToken, refreshToken, profile, cb) => {
try {
const email = profile.email;
const discordId = profile.id;
const oldUser = await User.findOne({ email });
if (oldUser) {
return cb(null, oldUser);
const oldUser = await User.findOne({ email });
if (oldUser) {
return cb(null, oldUser);
}
let avatarURL;
if (profile.avatar) {
const format = profile.avatar.startsWith('a_') ? 'gif' : 'png';
avatarURL = `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.${format}`;
} else {
const defaultAvatarNum = Number(profile.discriminator) % 5;
avatarURL = `https://cdn.discordapp.com/embed/avatars/${defaultAvatarNum}.png`;
}
const newUser = await User.create({
provider: 'discord',
discordId,
username: profile.username,
email,
name: profile.global_name,
avatar: avatarURL,
});
cb(null, newUser);
} catch (err) {
console.error(err);
cb(err);
}
},
);
let avatarURL;
if (profile.avatar) {
const format = profile.avatar.startsWith('a_') ? 'gif' : 'png';
avatarURL = `https://cdn.discordapp.com/avatars/${profile.id}/${profile.avatar}.${format}`;
} else {
const defaultAvatarNum = Number(profile.discriminator) % 5;
avatarURL = `https://cdn.discordapp.com/embed/avatars/${defaultAvatarNum}.png`;
}
const newUser = await User.create({
provider: 'discord',
discordId,
username: profile.username,
email,
name: profile.global_name,
avatar: avatarURL,
});
cb(null, newUser);
} catch (err) {
console.error(err);
cb(err);
}
},
);
passport.use(discordLogin);
module.exports = discordLogin;

96
api/strategies/facebookStrategy.js
View file

@ -1,59 +1,59 @@
const passport = require('passport');
const FacebookStrategy = require('passport-facebook').Strategy;
const User = require('../models/User');
const config = require('../../config/loader');
const domains = config.domains;
// facebook strategy
const facebookLogin = new FacebookStrategy(
{
clientID: process.env.FACEBOOK_APP_ID,
clientSecret: process.env.FACEBOOK_SECRET,
callbackURL: `${domains.server}${process.env.FACEBOOK_CALLBACK_URL}`,
proxy: true,
// profileFields: [
// 'id',
// 'email',
// 'gender',
// 'profileUrl',
// 'displayName',
// 'locale',
// 'name',
// 'timezone',
// 'updated_time',
// 'verified',
// 'picture.type(large)'
// ]
},
async (accessToken, refreshToken, profile, done) => {
console.log('facebookLogin => profile', profile);
try {
const oldUser = await User.findOne({ email: profile.emails[0].value });
const facebookLogin = async () =>
new FacebookStrategy(
{
clientID: process.env.FACEBOOK_APP_ID,
clientSecret: process.env.FACEBOOK_SECRET,
callbackURL: `${domains.server}${process.env.FACEBOOK_CALLBACK_URL}`,
proxy: true,
// profileFields: [
// 'id',
// 'email',
// 'gender',
// 'profileUrl',
// 'displayName',
// 'locale',
// 'name',
// 'timezone',
// 'updated_time',
// 'verified',
// 'picture.type(large)'
// ]
},
async (accessToken, refreshToken, profile, done) => {
console.log('facebookLogin => profile', profile);
try {
const oldUser = await User.findOne({ email: profile.emails[0].value });
if (oldUser) {
console.log('FACEBOOK LOGIN => found user', oldUser);
return done(null, oldUser);
if (oldUser) {
console.log('FACEBOOK LOGIN => found user', oldUser);
return done(null, oldUser);
}
} catch (err) {
console.log(err);
}
} catch (err) {
console.log(err);
}
// register user
try {
const newUser = await new User({
provider: 'facebook',
facebookId: profile.id,
username: profile.name.givenName + profile.name.familyName,
email: profile.emails[0].value,
name: profile.displayName,
avatar: profile.photos[0].value,
}).save();
// register user
try {
const newUser = await new User({
provider: 'facebook',
facebookId: profile.id,
username: profile.name.givenName + profile.name.familyName,
email: profile.emails[0].value,
name: profile.displayName,
avatar: profile.photos[0].value,
}).save();
done(null, newUser);
} catch (err) {
console.log(err);
}
},
);
done(null, newUser);
} catch (err) {
console.log(err);
}
},
);
passport.use(facebookLogin);
module.exports = facebookLogin;

76
api/strategies/githubStrategy.js
View file

@ -1,4 +1,3 @@
const passport = require('passport');
const { Strategy: GitHubStrategy } = require('passport-github2');
const config = require('../../config/loader');
const domains = config.domains;
@ -6,42 +5,43 @@ const domains = config.domains;
const User = require('../models/User');
// GitHub strategy
const githubLogin = new GitHubStrategy(
{
clientID: process.env.GITHUB_CLIENT_ID,
clientSecret: process.env.GITHUB_CLIENT_SECRET,
callbackURL: `${domains.server}${process.env.GITHUB_CALLBACK_URL}`,
proxy: false,
scope: ['user:email'], // Request email scope
},
async (accessToken, refreshToken, profile, cb) => {
try {
let email;
if (profile.emails && profile.emails.length > 0) {
email = profile.emails[0].value;
const githubLogin = async () =>
new GitHubStrategy(
{
clientID: process.env.GITHUB_CLIENT_ID,
clientSecret: process.env.GITHUB_CLIENT_SECRET,
callbackURL: `${domains.server}${process.env.GITHUB_CALLBACK_URL}`,
proxy: false,
scope: ['user:email'], // Request email scope
},
async (accessToken, refreshToken, profile, cb) => {
try {
let email;
if (profile.emails && profile.emails.length > 0) {
email = profile.emails[0].value;
}
const oldUser = await User.findOne({ email });
if (oldUser) {
return cb(null, oldUser);
}
const newUser = await new User({
provider: 'github',
githubId: profile.id,
username: profile.username,
email,
emailVerified: profile.emails[0].verified,
name: profile.displayName,
avatar: profile.photos[0].value,
}).save();
cb(null, newUser);
} catch (err) {
console.error(err);
cb(err);
}
},
);
const oldUser = await User.findOne({ email });
if (oldUser) {
return cb(null, oldUser);
}
const newUser = await new User({
provider: 'github',
githubId: profile.id,
username: profile.username,
email,
emailVerified: profile.emails[0].verified,
name: profile.displayName,
avatar: profile.photos[0].value,
}).save();
cb(null, newUser);
} catch (err) {
console.error(err);
cb(err);
}
},
);
passport.use(githubLogin);
module.exports = githubLogin;

66
api/strategies/googleStrategy.js
View file

@ -1,4 +1,3 @@
const passport = require('passport');
const { Strategy: GoogleStrategy } = require('passport-google-oauth20');
const config = require('../../config/loader');
const domains = config.domains;
@ -6,38 +5,39 @@ const domains = config.domains;
const User = require('../models/User');
// google strategy
const googleLogin = new GoogleStrategy(
{
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: `${domains.server}${process.env.GOOGLE_CALLBACK_URL}`,
proxy: true,
},
async (accessToken, refreshToken, profile, cb) => {
try {
const oldUser = await User.findOne({ email: profile.emails[0].value });
if (oldUser) {
return cb(null, oldUser);
const googleLogin = async () =>
new GoogleStrategy(
{
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: `${domains.server}${process.env.GOOGLE_CALLBACK_URL}`,
proxy: true,
},
async (accessToken, refreshToken, profile, cb) => {
try {
const oldUser = await User.findOne({ email: profile.emails[0].value });
if (oldUser) {
return cb(null, oldUser);
}
} catch (err) {
console.log(err);
}
} catch (err) {
console.log(err);
}
try {
const newUser = await new User({
provider: 'google',
googleId: profile.id,
username: profile.name.givenName,
email: profile.emails[0].value,
emailVerified: profile.emails[0].verified,
name: `${profile.name.givenName} ${profile.name.familyName}`,
avatar: profile.photos[0].value,
}).save();
cb(null, newUser);
} catch (err) {
console.log(err);
}
},
);
try {
const newUser = await new User({
provider: 'google',
googleId: profile.id,
username: profile.name.givenName,
email: profile.emails[0].value,
emailVerified: profile.emails[0].verified,
name: `${profile.name.givenName} ${profile.name.familyName}`,
avatar: profile.photos[0].value,
}).save();
cb(null, newUser);
} catch (err) {
console.log(err);
}
},
);
passport.use(googleLogin);
module.exports = googleLogin;

17
api/strategies/index.js Normal file
View file

@ -0,0 +1,17 @@
const passportLogin = require('./localStrategy');
const googleLogin = require('./googleStrategy');
const githubLogin = require('./githubStrategy');
const discordLogin = require('./discordStrategy');
const jwtLogin = require('./jwtStrategy');
const facebookLogin = require('./facebookStrategy');
const setupOpenId = require('./openidStrategy');
module.exports = {
passportLogin,
googleLogin,
githubLogin,
discordLogin,
jwtLogin,
facebookLogin,
setupOpenId,
};

40
api/strategies/jwtStrategy.js
View file

@ -1,26 +1,26 @@
const passport = require('passport');
const { Strategy: JwtStrategy, ExtractJwt } = require('passport-jwt');
const User = require('../models/User');
// JWT strategy
const jwtLogin = new JwtStrategy(
{
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: process.env.JWT_SECRET,
},
async (payload, done) => {
try {
const user = await User.findById(payload.id);
if (user) {
done(null, user);
} else {
console.log('JwtStrategy => no user found');
done(null, false);
const jwtLogin = async () =>
new JwtStrategy(
{
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: process.env.JWT_SECRET,
},
async (payload, done) => {
try {
const user = await User.findById(payload.id);
if (user) {
done(null, user);
} else {
console.log('JwtStrategy => no user found');
done(null, false);
}
} catch (err) {
done(err, false);
}
} catch (err) {
done(err, false);
}
},
);
},
);
passport.use(jwtLogin);
module.exports = jwtLogin;

88
api/strategies/localStrategy.js
View file

@ -1,62 +1,60 @@
const passport = require('passport');
const PassportLocalStrategy = require('passport-local').Strategy;
const User = require('../models/User');
const { loginSchema } = require('./validators');
const DebugControl = require('../utils/debug.js');
const passportLogin = new PassportLocalStrategy(
{
usernameField: 'email',
passwordField: 'password',
session: false,
passReqToCallback: true,
},
async (req, email, password, done) => {
const { error } = loginSchema.validate(req.body);
if (error) {
log({
title: 'Passport Local Strategy - Validation Error',
parameters: [{ name: 'req.body', value: req.body }],
});
return done(null, false, { message: error.details[0].message });
}
try {
const user = await User.findOne({ email: email.trim() });
if (!user) {
const passportLogin = async () =>
new PassportLocalStrategy(
{
usernameField: 'email',
passwordField: 'password',
session: false,
passReqToCallback: true,
},
async (req, email, password, done) => {
const { error } = loginSchema.validate(req.body);
if (error) {
log({
title: 'Passport Local Strategy - User Not Found',
parameters: [{ name: 'email', value: email }],
title: 'Passport Local Strategy - Validation Error',
parameters: [{ name: 'req.body', value: req.body }],
});
return done(null, false, { message: 'Email does not exists.' });
return done(null, false, { message: error.details[0].message });
}
user.comparePassword(password, function (err, isMatch) {
if (err) {
try {
const user = await User.findOne({ email: email.trim() });
if (!user) {
log({
title: 'Passport Local Strategy - Compare password error',
parameters: [{ name: 'error', value: err }],
title: 'Passport Local Strategy - User Not Found',
parameters: [{ name: 'email', value: email }],
});
return done(err);
}
if (!isMatch) {
log({
title: 'Passport Local Strategy - Password does not match',
parameters: [{ name: 'isMatch', value: isMatch }],
});
return done(null, false, { message: 'Incorrect password.' });
return done(null, false, { message: 'Email does not exists.' });
}
return done(null, user);
});
} catch (err) {
return done(err);
}
},
);
user.comparePassword(password, function (err, isMatch) {
if (err) {
log({
title: 'Passport Local Strategy - Compare password error',
parameters: [{ name: 'error', value: err }],
});
return done(err);
}
if (!isMatch) {
log({
title: 'Passport Local Strategy - Password does not match',
parameters: [{ name: 'isMatch', value: isMatch }],
});
return done(null, false, { message: 'Incorrect password.' });
}
passport.use(passportLogin);
return done(null, user);
});
} catch (err) {
return done(err);
}
},
);
function log({ title, parameters }) {
DebugControl.log.functionName(title);
@ -64,3 +62,5 @@ function log({ title, parameters }) {
DebugControl.log.parameters(parameters);
}
}
module.exports = passportLogin;

13
api/strategies/openidStrategy.js
View file

@ -36,8 +36,9 @@ const downloadImage = async (url, imagePath, accessToken) => {
}
};
Issuer.discover(process.env.OPENID_ISSUER)
.then((issuer) => {
async function setupOpenId() {
try {
const issuer = await Issuer.discover(process.env.OPENID_ISSUER);
const client = new issuer.Client({
client_id: process.env.OPENID_CLIENT_ID,
client_secret: process.env.OPENID_CLIENT_SECRET,
@ -128,7 +129,9 @@ Issuer.discover(process.env.OPENID_ISSUER)
);
passport.use('openid', openidLogin);
})
.catch((err) => {
} catch (err) {
console.error(err);
});
}
}
module.exports = setupOpenId;

7
package-lock.json generated
View file

@ -15,10 +15,7 @@
"packages/*"
],
"dependencies": {
"axios": "^1.4.0",
"passport": "^0.6.0",
"passport-discord": "^0.1.4",
"passport-github2": "^0.1.12"
"axios": "^1.4.0"
},
"devDependencies": {
"@playwright/test": "^1.32.1",
@ -78,7 +75,9 @@
"openai": "^3.2.1",
"openid-client": "^5.4.2",
"passport": "^0.6.0",
"passport-discord": "^0.1.4",
"passport-facebook": "^3.0.0",
"passport-github2": "^0.1.12",
"passport-google-oauth20": "^2.0.0",
"passport-jwt": "^4.0.1",
"passport-local": "^1.0.0",

5
package.json
View file

@ -45,10 +45,7 @@
},
"homepage": "https://github.com/danny-avila/LibreChat#readme",
"dependencies": {
"axios": "^1.4.0",
"passport": "^0.6.0",
"passport-discord": "^0.1.4",
"passport-github2": "^0.1.12"
"axios": "^1.4.0"
},
"devDependencies": {
"@playwright/test": "^1.32.1",