@hitchy/plugin-auth 0.3.0 → 0.3.1

package/coverage/plugin-auth/api/service/authentication/strategies.js.html

@@ -23,30 +23,30 @@
         <div class='clearfix'>
             
             <div class='fl pad1y space-right2'>
-                <span class="strong">88.84% </span>
+                <span class="strong">79.5% </span>
                 <span class="quiet">Statements</span>
-                <span class='fraction'>231/260</span>
+                <span class='fraction'>225/283</span>
             </div>
         
             
             <div class='fl pad1y space-right2'>
-                <span class="strong">68.42% </span>
+                <span class="strong">78.12% </span>
                 <span class="quiet">Branches</span>
-                <span class='fraction'>26/38</span>
+                <span class='fraction'>25/32</span>
             </div>
         
             
             <div class='fl pad1y space-right2'>
-                <span class="strong">91.66% </span>
+                <span class="strong">84.61% </span>
                 <span class="quiet">Functions</span>
-                <span class='fraction'>11/12</span>
+                <span class='fraction'>11/13</span>
             </div>
         
             
             <div class='fl pad1y space-right2'>
-                <span class="strong">88.84% </span>
+                <span class="strong">79.5% </span>
                 <span class="quiet">Lines</span>
-                <span class='fraction'>231/260</span>
+                <span class='fraction'>225/283</span>
             </div>
         
             
@@ -55,7 +55,7 @@
             Press <em>n</em> or <em>j</em> to go to the next uncovered block, <em>b</em>, <em>p</em> or <em>k</em> for the previous block.
         </p>
     </div>
-    <div class='status-line high'></div>
+    <div class='status-line medium'></div>
     <pre><table class="coverage">
 <tr><td class="line-count quiet"><a name='L1'></a><a href='#L1'>1</a>
 <a name='L2'></a><a href='#L2'>2</a>
@@ -317,7 +317,30 @@
 <a name='L258'></a><a href='#L258'>258</a>
 <a name='L259'></a><a href='#L259'>259</a>
 <a name='L260'></a><a href='#L260'>260</a>
-<a name='L261'></a><a href='#L261'>261</a></td><td class="line-coverage quiet"><span class="cline-any cline-yes">1x</span>
+<a name='L261'></a><a href='#L261'>261</a>
+<a name='L262'></a><a href='#L262'>262</a>
+<a name='L263'></a><a href='#L263'>263</a>
+<a name='L264'></a><a href='#L264'>264</a>
+<a name='L265'></a><a href='#L265'>265</a>
+<a name='L266'></a><a href='#L266'>266</a>
+<a name='L267'></a><a href='#L267'>267</a>
+<a name='L268'></a><a href='#L268'>268</a>
+<a name='L269'></a><a href='#L269'>269</a>
+<a name='L270'></a><a href='#L270'>270</a>
+<a name='L271'></a><a href='#L271'>271</a>
+<a name='L272'></a><a href='#L272'>272</a>
+<a name='L273'></a><a href='#L273'>273</a>
+<a name='L274'></a><a href='#L274'>274</a>
+<a name='L275'></a><a href='#L275'>275</a>
+<a name='L276'></a><a href='#L276'>276</a>
+<a name='L277'></a><a href='#L277'>277</a>
+<a name='L278'></a><a href='#L278'>278</a>
+<a name='L279'></a><a href='#L279'>279</a>
+<a name='L280'></a><a href='#L280'>280</a>
+<a name='L281'></a><a href='#L281'>281</a>
+<a name='L282'></a><a href='#L282'>282</a>
+<a name='L283'></a><a href='#L283'>283</a>
+<a name='L284'></a><a href='#L284'>284</a></td><td class="line-coverage quiet"><span class="cline-any cline-yes">1x</span>
 <span class="cline-any cline-yes">1x</span>
 <span class="cline-any cline-yes">1x</span>
 <span class="cline-any cline-yes">1x</span>
@@ -383,37 +406,60 @@
 <span class="cline-any cline-yes">18x</span>
 <span class="cline-any cline-yes">18x</span>
 <span class="cline-any cline-yes">18x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-no">&nbsp;</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">18x</span>
+<span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-yes">9x</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
-<span class="cline-any cline-yes">9x</span>
+<span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-no">&nbsp;</span>
 <span class="cline-any cline-yes">9x</span>
@@ -596,9 +642,9 @@ const RemoteAuthCustomData = new Map();
 &nbsp;
 module.exports = function() {
 	const api = this;
-	const { models } = api.runtime;
+	const { models, services } = api.runtime;
 &nbsp;
-	const AlertLog = api.log( "hitchy:plugin:auth:alert" );
+	const logAlert = api.log( "hitchy:plugin:auth:alert" );
 &nbsp;
 	/**
 	 * Fetches named user's local profile.
@@ -635,6 +681,52 @@ module.exports = function() {
 	 * Implements helpers for generating strategies for passport.js.
 	 */
 	class AuthenticationStrategies {
+		/**
+		 * Picks user based on provided name and checks if provided password is
+		 * matching or not.
+		 *
+		 * @param {string} username name of user to authenticate
+		 * @param {string} password named user's password for authentication
+		 * @param {function(Error?, object, object)} done invoked with optional error, authenticated user or some message as feedback
+		 * @returns {void}
+		 */
+		static <span class="fstat-no" title="function not covered" >checkAuthentication( username, password, done ) {</span>
+<span class="cstat-no" title="statement not covered" >			models.User</span>
+<span class="cstat-no" title="statement not covered" >				.find( { eq: { username } }, {}, { loadRecords: true } )</span>
+<span class="cstat-no" title="statement not covered" >				.then( matches =&gt; {</span>
+<span class="cstat-no" title="statement not covered" >					switch ( matches.length ) {</span>
+<span class="cstat-no" title="statement not covered" >						case 0 :</span>
+<span class="cstat-no" title="statement not covered" >							done( null, false, { message: "Incorrect username." } );</span>
+<span class="cstat-no" title="statement not covered" >							return undefined;</span>
+<span class="cstat-no" title="statement not covered" ></span>
+<span class="cstat-no" title="statement not covered" >						case 1 : {</span>
+<span class="cstat-no" title="statement not covered" >							const [user] = matches;</span>
+<span class="cstat-no" title="statement not covered" ></span>
+<span class="cstat-no" title="statement not covered" >							if ( user.strategy &amp;&amp; user.strategy !== "local" ) {</span>
+<span class="cstat-no" title="statement not covered" >								done( null, false, { message: "Authenticating this user requires different strategy." } );</span>
+<span class="cstat-no" title="statement not covered" >								return undefined;</span>
+<span class="cstat-no" title="statement not covered" >							}</span>
+<span class="cstat-no" title="statement not covered" ></span>
+<span class="cstat-no" title="statement not covered" >							return user.verifyPassword( password ).then( result =&gt; {</span>
+<span class="cstat-no" title="statement not covered" >								if ( result ) {</span>
+<span class="cstat-no" title="statement not covered" >									done( null, user );</span>
+<span class="cstat-no" title="statement not covered" >								} else {</span>
+<span class="cstat-no" title="statement not covered" >									done( null, false, { message: "Incorrect password." } );</span>
+<span class="cstat-no" title="statement not covered" >								}</span>
+<span class="cstat-no" title="statement not covered" >							} );</span>
+<span class="cstat-no" title="statement not covered" >						}</span>
+<span class="cstat-no" title="statement not covered" ></span>
+<span class="cstat-no" title="statement not covered" >						default :</span>
+<span class="cstat-no" title="statement not covered" >							done( null, false, { message: "Ambiguous username." } );</span>
+<span class="cstat-no" title="statement not covered" >							return undefined;</span>
+<span class="cstat-no" title="statement not covered" >					}</span>
+<span class="cstat-no" title="statement not covered" >				} )</span>
+<span class="cstat-no" title="statement not covered" >				.catch( err =&gt; {</span>
+<span class="cstat-no" title="statement not covered" >					logAlert( err );</span>
+<span class="cstat-no" title="statement not covered" >					done( err );</span>
+<span class="cstat-no" title="statement not covered" >				} );</span>
+<span class="cstat-no" title="statement not covered" >		}</span>
+&nbsp;
 		/**
 		 * Generates local strategy authenticating user based on local user
 		 * model managed in local ODM.
@@ -643,39 +735,16 @@ module.exports = function() {
 		 */
 		static generateLocal() {
 			const strategy = new LocalStrategy( ( name, password, done ) =&gt; {
-				models.User
-					.find( { eq: { name } }, {}, { loadRecords: true } )
-					.then( matches =&gt; {
-						switch ( matches.length ) {
-<span class="branch-0 cbranch-no" title="branch not covered" >							case 0 :</span>
-<span class="cstat-no" title="statement not covered" >								done( null, false, { message: "Incorrect username." } );</span>
-<span class="cstat-no" title="statement not covered" >								return undefined;</span>
-&nbsp;
-							case 1 : {
-								const [user] = matches;
-&nbsp;
-								if ( user.strategy <span class="branch-0 cbranch-no" title="branch not covered" >&amp;&amp; user.strategy !== "local" </span>) <span class="branch-0 cbranch-no" title="branch not covered" >{</span>
-<span class="cstat-no" title="statement not covered" >									done( null, false, { message: "Authenticating this user requires different strategy." } );</span>
-<span class="cstat-no" title="statement not covered" >									return undefined;</span>
-<span class="cstat-no" title="statement not covered" >								}</span>
-&nbsp;
-								return user.verifyPassword( password ).then( result =&gt; {
-									if ( result ) {
-										done( null, user );
-									}<span class="branch-0 cbranch-no" title="branch not covered" > else {</span>
-<span class="cstat-no" title="statement not covered" >										done( null, false, { message: "Incorrect password." } );</span>
-<span class="cstat-no" title="statement not covered" >									}</span>
-								} );
-							}
-&nbsp;
-<span class="branch-0 cbranch-no" title="branch not covered" >							default :</span>
-<span class="cstat-no" title="statement not covered" >								done( null, false, { message: "Ambiguous username." } );</span>
-<span class="cstat-no" title="statement not covered" >								return undefined;</span>
-						}
+				services.AuthManager.checkAuthentication( name, password, done )
+					.then( user =&gt; {
+						done( null, user );
 					} )
-					.catch( err =&gt; {
-<span class="cstat-no" title="statement not covered" >						AlertLog( err );</span>
-<span class="cstat-no" title="statement not covered" >						done( err );</span>
+					.catch( error =&gt; {
+<span class="cstat-no" title="statement not covered" >						if ( error instanceof services.HttpException &amp;&amp; error.statusCode === 400 ) {</span>
+<span class="cstat-no" title="statement not covered" >							done( null, false, { message: error.message } );</span>
+<span class="cstat-no" title="statement not covered" >						} else {</span>
+<span class="cstat-no" title="statement not covered" >							done( error );</span>
+<span class="cstat-no" title="statement not covered" >						}</span>
 					} );
 			} );
 &nbsp;
@@ -844,7 +913,7 @@ module.exports = function() {
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../../../prettify.js"></script>

package/coverage/plugin-auth/api/service/authorization/index.html

@@ -125,7 +125,7 @@
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../../../prettify.js"></script>

package/coverage/plugin-auth/api/service/authorization/node.js.html

@@ -928,7 +928,7 @@ module.exports = function() {
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../../../prettify.js"></script>

package/coverage/plugin-auth/api/service/authorization/policy-generator.js.html

@@ -370,7 +370,7 @@ module.exports = function() {
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../../../prettify.js"></script>

package/coverage/plugin-auth/api/service/authorization/tree.js.html

@@ -665,8 +665,8 @@ module.exports = function() {
 	const api = this;
 	const { services, models } = api.runtime;
  
-	const AlertLog = api.log( "hitchy:plugin:auth:alert" );
-	const DebugLog = api.log( "hitchy:plugin:auth:debug" );
+	const logAlert = api.log( "hitchy:plugin:auth:alert" );
+	const logDebug = api.log( "hitchy:plugin:auth:debug" );
  
 	let cachedTree;
  
@@ -763,7 +763,7 @@ module.exports = function() {
 		addRule( rule ) {
 			const { selector, role, user, accept } = rule;
  
-			DebugLog( "adding authorization rule", { selector, role, user, accept } );
+			logDebug( "adding authorization rule", { selector, role, user, accept } );
  
 			const node = this.selectNode( selector );
  
@@ -787,7 +787,7 @@ module.exports = function() {
 		removeRule( rule ) {
 			const { selector, role, user, accept } = rule;
  
-			DebugLog( "removing authorization rule", { selector, role, user, accept } );
+			logDebug( "removing authorization rule", { selector, role, user, accept } );
  
 			const node = this.selectNode( selector, false );
  
@@ -830,7 +830,7 @@ module.exports = function() {
 					}
 				} );
 			} catch ( cause ) {
-				AlertLog( cause.message );
+				logAlert( cause.message );
 				return false;
 			}
  
@@ -874,7 +874,7 @@ module.exports = function() {
 <span class="cstat-no" title="statement not covered" >				const users = {};</span>
 <span class="cstat-no" title="statement not covered" >				const roles = {};</span>
 <span class="cstat-no" title="statement not covered" ></span>
-<span class="cstat-no" title="statement not covered" >				DebugLog( `restoring ${entries.length} authorization rule(s) from database` );</span>
+<span class="cstat-no" title="statement not covered" >				logDebug( `restoring ${entries.length} authorization rule(s) from database` );</span>
 <span class="cstat-no" title="statement not covered" ></span>
 <span class="cstat-no" title="statement not covered" >				for ( const entry of entries ) {</span>
 <span class="cstat-no" title="statement not covered" >					const userKey = entry.user ? entry.user.toString( "hex" ) : undefined;</span>
@@ -912,7 +912,7 @@ module.exports = function() {
 		loadFromConfiguration( configuration ) {
 			const { authorizations = {} } = configuration <span class="branch-0 cbranch-no" title="branch not covered" >|| {};</span>
 &nbsp;
-			DebugLog( `loading authorization(s) from configuration` );
+			logDebug( `loading authorization(s) from configuration` );
 &nbsp;
 			const processLevel = ( source, prefix ) =&gt; {
 				const names = Object.keys( source );
@@ -943,7 +943,7 @@ module.exports = function() {
 									[isRole ? "role" : "user"]: id,
 								} );
 							}<span class="branch-0 cbranch-no" title="branch not covered" > else {</span>
-<span class="cstat-no" title="statement not covered" >								AlertLog( `invalid user/role selector in ${key || "rule"} on ${name}` );</span>
+<span class="cstat-no" title="statement not covered" >								logAlert( `invalid user/role selector in ${key || "rule"} on ${name}` );</span>
 <span class="cstat-no" title="statement not covered" >							}</span>
 						}
 					}
@@ -967,7 +967,7 @@ module.exports = function() {
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../../../prettify.js"></script>

package/coverage/plugin-auth/config/auth.js.html

@@ -124,7 +124,7 @@ module.exports = function() {
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../prettify.js"></script>

package/coverage/plugin-auth/config/index.html

@@ -95,7 +95,7 @@
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../../prettify.js"></script>

package/coverage/plugin-auth/index.html

@@ -95,7 +95,7 @@
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../prettify.js"></script>

package/coverage/plugin-auth/index.js.html

@@ -284,7 +284,7 @@ module.exports = function( options, plugins ) {
 			const { config: { auth: { prefix } } } = this;
  
 			const policies = {
-				"/": "authentication.initialize",
+				"/": ["authentication.initialize", "authentication.handleBasicAuth"],
 			};
  
 			return prefix === false <span class="branch-0 cbranch-no" title="branch not covered" >? policies </span>: {
@@ -328,7 +328,7 @@ module.exports = function( options, plugins ) {
             <div class='footer quiet pad2 space-top1 center small'>
                 Code coverage generated by
                 <a href="https://istanbul.js.org/" target="_blank">istanbul</a>
-                at Sun Mar 27 2022 18:00:09 GMT+0200 (Mitteleuropäische Sommerzeit)
+                at Sun Mar 27 2022 22:51:56 GMT+0200 (Mitteleuropäische Sommerzeit)
             </div>
         </div>
         <script src="../prettify.js"></script>