Begin support for external auths

2025-02-25 18:55:32 -06:00 · 2020-04-28 14:49:03 +02:00
parent 98813e69bc
commit 4a8d113b9b
15 changed files with 397 additions and 175 deletions
--- a/shared/models/plugins/register-server-auth.model.ts
+++ b/shared/models/plugins/register-server-auth.model.ts
@@ -1,42 +1,52 @@
 import { UserRole } from '@shared/models'
 import { MOAuthToken } from '@server/typings/models'
+import * as express from 'express'

 export type RegisterServerAuthOptions = RegisterServerAuthPassOptions | RegisterServerAuthExternalOptions

-export interface RegisterServerAuthPassOptions {
+export interface RegisterServerAuthenticatedResult {
+  username: string
+  email: string
+  role?: UserRole
+  displayName?: string
+}
+
+export interface RegisterServerExternalAuthenticatedResult extends RegisterServerAuthenticatedResult {
+  req: express.Request
+  res: express.Response
+}
+
+interface RegisterServerAuthBase {
  // Authentication name (a plugin can register multiple auth strategies)
  authName: string

  // Called by PeerTube when a user from your plugin logged out
  onLogout?(): void

-  // Weight of this authentication so PeerTube tries the auth methods in DESC weight order
-  getWeight(): number
-
  // Your plugin can hook PeerTube access/refresh token validity
  // So you can control for your plugin the user session lifetime
  hookTokenValidity?(options: { token: MOAuthToken, type: 'access' | 'refresh' }): Promise<{ valid: boolean }>
+}
+
+export interface RegisterServerAuthPassOptions extends RegisterServerAuthBase {
+  // Weight of this authentication so PeerTube tries the auth methods in DESC weight order
+  getWeight(): number

  // Used by PeerTube to login a user
  // Returns null if the login failed, or { username, email } on success
  login(body: {
    id: string
    password: string
-  }): Promise<{
-    username: string
-    email: string
-    role?: UserRole
-    displayName?: string
-  } | null>
+  }): Promise<RegisterServerAuthenticatedResult | null>
 }

-export interface RegisterServerAuthExternalOptions {
-  // Authentication name (a plugin can register multiple auth strategies)
-  authName: string
+export interface RegisterServerAuthExternalOptions extends RegisterServerAuthBase {
+  // Will be displayed in a block next to the login form
+  authDisplayName: string

-  onLogout?: Function
+  onAuthRequest: (req: express.Request, res: express.Response) => void
 }

 export interface RegisterServerAuthExternalResult {
-  onAuth (options: { username: string, email: string }): void
+  userAuthenticated (options: RegisterServerExternalAuthenticatedResult): void
 }
--- a/shared/models/plugins/register-server-setting.model.ts
+++ b/shared/models/plugins/register-server-setting.model.ts
@@ -9,7 +9,7 @@ export interface RegisterServerSettingOptions {
  private: boolean

  // Default setting value
-  default?: string
+  default?: string | boolean
 }

 export interface RegisteredServerSettings {
--- a/shared/models/server/server-config.model.ts
+++ b/shared/models/server/server-config.model.ts
@@ -12,6 +12,18 @@ export interface ServerConfigTheme extends ServerConfigPlugin {
  css: string[]
 }

+export interface RegisteredExternalAuthConfig {
+  npmName: string
+  authName: string
+  authDisplayName: string
+}
+
+export interface RegisteredIdAndPassAuthConfig {
+  npmName: string
+  authName: string
+  weight: number
+}
+
 export interface ServerConfig {
  serverVersion: string
  serverCommit?: string
@@ -37,6 +49,10 @@ export interface ServerConfig {

  plugin: {
    registered: ServerConfigPlugin[]
+
+    registeredExternalAuths: RegisteredExternalAuthConfig[]
+
+    registeredIdAndPassAuths: RegisteredIdAndPassAuthConfig[]
  }

  theme: {