diff --git a/controllers/auth.js b/controllers/auth.js index 897edb2fa..9910aa5d3 100644 --- a/controllers/auth.js +++ b/controllers/auth.js @@ -244,7 +244,9 @@ exports.callback = function (aReq, aRes, aNext) { } if (aInfo === 'readonly strategy') { - aRes.redirect(doneUri + (doneUri === '/' ? 'login' : '') + '?rostrat'); + aRes.redirect(doneUri + (doneUri === '/' ? 'login' : '') + '?roauth'); + } else if (aInfo === 'username recovered') { + aRes.redirect(doneUri + (doneUri === '/' ? 'login' : '') + '?retryauth'); } else { aRes.redirect(doneUri + (doneUri === '/' ? 'login' : '') + '?authfail'); } diff --git a/libs/passportVerify.js b/libs/passportVerify.js index 42532babd..30ac880c6 100644 --- a/libs/passportVerify.js +++ b/libs/passportVerify.js @@ -19,6 +19,7 @@ var allStrategies = require('../controllers/strategies.json'); exports.verify = function (aId, aStrategy, aUsername, aLoggedIn, aDone) { var shasum = crypto.createHash('sha256'); var digest = null; + var digestUnsecure = null; var query = {}; var ids = []; @@ -88,8 +89,42 @@ exports.verify = function (aId, aStrategy, aUsername, aLoggedIn, aDone) { } } else if (aUser) { // user was found matching name but can't be authenticated - aDone(null, false, 'username is taken'); - return; + + if (aStrategy === 'steam') { + // Attempt to recover from http to https switch #1347 + if (new Date(aUser._since) < new Date('2018-04-05T00:00:00.000Z')) { + + digestUnsecure = crypto.createHash('sha256').update(String(aId) + .replace(/^https:/, 'http:')).digest('hex'); + pos = aUser.auths.indexOf(digestUnsecure); + + if (pos > -1) { + aUser.auths[pos] = digest; + + aUser.markModified('auths'); + aUser.save(function (aErr, aUser) { + if (aErr) { + aDone(null, false, 'username recovery failed'); + return; + } + console.log('RECOVERED STEAM AUTH', aUser.name, digestUnsecure, '->', digest); + + aDone(null, false, 'username recovered'); + return; + }); + } else { + aDone(null, false, 'username is taken'); + return; + } + } else { + aDone(null, false, 'username is taken'); + return; + } + + } else { + aDone(null, false, 'username is taken'); + return; + } } else { // Check for strategy readonly if (allStrategies[aStrategy].readonly) { @@ -113,11 +148,14 @@ exports.verify = function (aId, aStrategy, aUsername, aLoggedIn, aDone) { } }); } else if (pos > -1 && pos < aUser.auths.length - 1) { - // Toggle to the existing default strategy + // Set current strategy to use as default aUser.strategies.splice(pos, 1); aUser.auths.splice(pos, 1); aUser.strategies.push(aStrategy); aUser.auths.push(digest); + + aUser.markModified('strategies'); + aUser.markModified('auths'); aUser.save(function (aErr, aUser) { aDone(aErr, aUser); return; @@ -126,6 +164,8 @@ exports.verify = function (aId, aStrategy, aUsername, aLoggedIn, aDone) { // The user was authenticated however... // Migrate from OpenID to OAuth aUser.auths[openIdIdPos] = digest; + + aUser.markModified('auths'); aUser.save(function (aErr, aUser) { aDone(aErr, aUser); return;