@aptana/multichannel-common 2.9.15 → 2.9.16

package/core/domain/auth/TokenGuard.d.ts

@@ -14,10 +14,16 @@ export declare class TokenGuard implements Guard {
      * The currently authenticated user.
      */
     private _user;
+    /**
+     * Skip userKey & userToken authentication
+     */
+    private _skipUserKeyAuth;
     /**
      * Create a new authtentication guard.
      */
-    constructor(provider: UserProvider, req: any);
+    constructor(provider: UserProvider, req: any, options?: {
+        skipUserKeyAuth?: boolean;
+    });
     /**
      * Determine if the current user is authenticated. If not, throw an error.
      */

package/core/domain/auth/TokenGuard.js

@@ -18,12 +18,17 @@ class TokenGuard {
      * The currently authenticated user.
      */
     _user;
+    /**
+     * Skip userKey & userToken authentication
+     */
+    _skipUserKeyAuth;
     /**
      * Create a new authtentication guard.
      */
-    constructor(provider, req) {
+    constructor(provider, req, options) {
         this._provider = provider;
         this._req = req;
+        this._skipUserKeyAuth = options?.skipUserKeyAuth ?? false;
     }
     /**
      * Determine if the current user is authenticated. If not, throw an error.
@@ -54,7 +59,8 @@ class TokenGuard {
         let user = null;
         let token = this.getTokenFromRequest();
         let { userKey, userToken } = this.getUserKeyTokenFromRequest();
-        if (userKey && userToken) {
+        // Skip userKey auth if configured
+        if (!this._skipUserKeyAuth && userKey && userToken) {
             user = await this._provider.getByUserKeyAndUserToken(userKey, userToken);
         }
         else if (token) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aptana/multichannel-common",
-  "version": "2.9.15",
+  "version": "2.9.16",
   "license": "MIT",
   "description": "",
   "keywords": [