@hitchy/plugin-auth 0.6.1 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/api/policy/authentication.js +18 -0
  2. package/api/service/authentication/passport.js +2 -4
  3. package/api/service/no-such-user-error.js +10 -0
  4. package/index.js +4 -0
  5. package/package.json +5 -5
package/api/policy/authentication.js CHANGED
@@ -47,6 +47,24 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
47
47
  } );
48
48
  }
49
49
 
50
+ /**
51
+ * Destroys session of current request if its associated user has not
52
+ * been found.
53
+ *
54
+ * @param {Error} error description of error encountered on dispatching request
55
+ * @param {Hitchy.Core.IncomingMessage} req request descriptor
56
+ * @param {Hitchy.Core.ServerResponse} res response manager
57
+ * @param {Hitchy.Core.ContinuationHandler} next callback to be invoked once the handler is done
58
+ * @returns {void}
59
+ */
60
+ static async dropSessionOfUnknownUser( error, req, res, next ) {
61
+ if ( req.session && error instanceof service.NoSuchUserError ) {
62
+ await req.session.$destroy( res );
63
+ }
64
+
65
+ next( error );
66
+ }
67
+
50
68
  /**
51
69
  * Discovers HTTP basic authentication header and processes it
52
70
  * accordingly based local user database.
package/api/service/authentication/passport.js CHANGED
@@ -30,12 +30,10 @@ export default function() { // eslint-disable-line jsdoc/require-jsdoc
30
30
  const user = new User( uuid );
31
31
 
32
32
  user.$exists
33
- .then( async exists => {
33
+ .then( exists => {
34
34
  if ( exists ) return user.load();
35
35
 
36
- await req.session.$destroy( res );
37
-
38
- throw new Error( "missing user with selected UUID" );
36
+ throw new api.service.NoSuchUserError( "missing user with selected UUID" );
39
37
  } )
40
38
  .then( () => AuthManager.listRolesOfUser( user ) )
41
39
  .then( roles => {
package/api/service/no-such-user-error.js ADDED
@@ -0,0 +1,10 @@
1
+ /** */
2
+ export default function() {
3
+ /**
4
+ * Implements particular error type as service for indicating a particular user
5
+ * is missing during authentication.
6
+ */
7
+ return class NoSuchUserError extends Error {
8
+ statusCode = 403;
9
+ };
10
+ }
package/index.js CHANGED
@@ -63,6 +63,10 @@ export default function( options, plugins ) { // eslint-disable-line jsdoc/requi
63
63
  "authentication.injectPassport",
64
64
  "authentication.handleBasicAuth",
65
65
  ];
66
+
67
+ policies["@error /"] = [
68
+ "authentication.dropSessionOfUnknownUser",
69
+ ];
66
70
  }
67
71
 
68
72
  return prefix === false ? policies : {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hitchy/plugin-auth",
3
- "version": "0.6.1",
3
+ "version": "0.6.2",
4
4
  "description": "user authentication and authorization for Hitchy",
5
5
  "type": "module",
6
6
  "main": "index.js",
@@ -26,19 +26,19 @@
26
26
  },
27
27
  "homepage": "https://auth.hitchy.org",
28
28
  "peerDependencies": {
29
- "@hitchy/core": "1.x",
29
+ "@hitchy/core": ">=1.4.x && <2.x",
30
30
  "@hitchy/plugin-cookies": "0.1.x",
31
31
  "@hitchy/plugin-odem": "0.13.x",
32
32
  "@hitchy/plugin-session": "1.x"
33
33
  },
34
34
  "devDependencies": {
35
- "@hitchy/core": "^1.2.1",
36
- "@hitchy/server-dev-tools": "^0.9.1",
35
+ "@hitchy/core": "^1.4.1",
36
+ "@hitchy/server-dev-tools": "^0.9.3",
37
37
  "@hitchy/types": "^0.1.3",
38
38
  "c8": "^10.1.3",
39
39
  "eslint": "^9.31.0",
40
40
  "eslint-config-cepharum": "^2.0.2",
41
- "mermaid": "^11.8.1",
41
+ "mermaid": "^11.9.0",
42
42
  "mocha": "^11.7.1",
43
43
  "openid-client": "^5.7.1",
44
44
  "passport-saml": "^3.2.4",