Everyauth: Check github authentication against a database

Question

I'm pretty new to node.js and I'm having problem with the everyAuth module.

My issue is, I am trying to create an app that lets the user login via github oauth and checks to see if the user is whitelisted in the database. I want to stop the authentication returning true until I check the user is in the whitelist. I have tried several methods to do this but to no avail.

Can anyone shed any light?

Calling github method

everyauth.github
  .appId(conf.github.appId)
  .appSecret(conf.github.appSecret)
  .redirectPath('/')
  .findOrCreateUser (sess, accessToken, accessTokenExtra, ghUser) ->
      promise = this.Promise()
      users.findOrCreateByGhData ghUser, accessToken, accessTokenExtra, promise
      promise;

User class

conf =      require '../config'
# Mongoose
mongoose =  require 'mongoose'
Schema =    mongoose.Schema
ObjectId =  Schema.ObjectId

# Connect
mongoose.connect('mongodb://' + conf.db.user + ':' + conf.db.password + '@' +  conf.db.url )

# User Schema
NewUser = new Schema 
    id :
        type: Number
        min: 18
        index: true
    login  :
        type: String
    ghId :
        type: Number
        unique: true
    date :
        type: Date
        default: Date.now

# Create Model
User = mongoose.model 'NewUser', NewUser

exports.findOrCreateByGhData = ( ghData , accessToken, accessTokenExtra, promise ) ->
    User.find  'ghId': ghData.id , (err, docs) ->
        if docs.length
            console.log '=========User==============='
            console.log docs
            return promise.fulfill ['Nah its an error']
        else
            console.log '=========No user============='
            user = new User()
            user.login = ghData.login
            user.ghId = ghData.id
            user.save ( err ) ->
                if err
                    throw err
                console.log 'saved'
            promise.fulfill user

What do you mean by "user is in the whitelist"? – alessioalex Nov 23 '11 at 09:16 — alessioalex, Nov 23 '11 at 09:16

score 1 · Answer 1 · answered Jan 06 '12 at 20:16

I had some problems with Everyauth in the beginning, so I switched to Passport. There's a module for GitHub authentication as well. It's much simpler to use, in my opinion. Passport delivers a user profile which you can just store in the database and get after successful authentication.

rkusa · Answer 2 · 2012-01-10T17:07:53.600

0

promise.fail is what you are locking for?

function (session, accessToken, extra, user) {
  var promise = this.Promise();
  doSomethingAsync(function (err, user) {
    if (user.whitelisted) promise.fulfill(user);
    else promise.fail('denied');
  });
  return promise;
}

edited Jan 10 '12 at 17:07

answered Jan 10 '12 at 15:29

rkusa

4,792
1
22
28

Everyauth: Check github authentication against a database

Calling github method

User class

2 Answers2