not-node 5.1.45 → 6.0.0
- package/index.js +4 -0
- package/package.json +2 -1
- package/src/app.js +2 -2
- package/src/auth/index.js +0 -2
- package/src/auth/routes.js +25 -61
- package/src/auth/rules.js +8 -7
- package/src/common.js +19 -0
- package/src/identity/exceptions.js +17 -0
- package/src/identity/identity.js +61 -0
- package/src/identity/index.js +35 -0
- package/src/identity/providers/session.js +137 -0
- package/src/identity/providers/token.js +255 -0
- package/src/manifest/route.js +2 -1
- package/static2.js +24 -0
- package/test/auth/identity.js +0 -0
- package/test/auth/routes.js +1 -1
- package/test/auth.js +0 -15
- package/test/env.js +20 -20
- package/test/identity/identity.js +1 -0
- package/test/identity/index.js +12 -0
- package/test/identity/providers/session.js +227 -0
- package/test/identity/providers/token.js +244 -0
- package/test/identity.js +5 -0
- package/test/notRoute.js +1022 -799
- package/src/auth/session.js +0 -151
- package/test/auth/session.js +0 -266
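--- a/package/src/auth/session.js
+++ /dev/null
@@ -1,151 +0,0 @@
-const log = require("not-log")(module, "Auth");
-const CONST = require("./const");
-const ROLES = require("./roles");
-
-/**
-* Checks if user is authenticated, by searching req.session.user
-* @param {object} req Express Request object
-* @return {boolean} true - authenticated, false - guest
-**/
-
-function isUser(req) {
-return req && req.session && req.session.user ? true : false;
-}
-
-function ifUser(req) {
-log.error("ifUser is obsolete, use new version as isUser");
-return isUser(req);
-}
-
-/**
-* Returns user role from request object
-* @param {object} req Express Request
-* @return user role
-**/
-function getRole(req) {
-return req && req.session && req.session.role
-? req.session.role
-: undefined;
-}
-
-/**
-* Set user role for active session
-* @param {object} req Express Request
-* @param {Array<string>} role array of roles
-**/
-function setRole(req, role) {
-if (req && req.session) {
-req.session.role = role;
-}
-}
-
-function setId(req, _id) {
-log.error("setId is obsolete, use new version as setUserId");
-log.error(req.originalUrl);
-return setUserId(req, _id);
-}
-
-/**
-* Set user id for active session
-* @param {object} req Express Request
-* @param {string} _id user id
-**/
-function setUserId(req, _id) {
-if (req && req.session) {
-req.session.user = _id;
-}
-}
-
-/**
-* Returns true if user is admin
-* @param {object} req Express Request object
-* @return {boolean} true - admin, false - not admin
-**/
-function ifAdmin(req) {
-log.error("ifAdmin is obsolete, use new version as isRoot");
-log.error(req.originalUrl);
-return isRoot(req);
-}
-
-function isRoot(req) {
-return (
-isUser(req) &&
-ROLES.compareRoles(getRole(req), CONST.DEFAULT_USER_ROLE_FOR_ADMIN)
-);
-}
-
-/**
-* Get user id for active session
-* @param {object} req Express Request
-**/
-function getUserId(req) {
-if (req && req.session) {
-return req.session.user;
-} else {
-return undefined;
-}
-}
-
-/**
-* Get session id for active session
-* @param {object} req Express Request
-**/
-function getSessionId(req) {
-if (req && req.session && req.session.id) {
-return req.session.id.toString();
-} else {
-return undefined;
-}
-}
-
-/**
-* Set auth data in session, user id and role
-* @param {object} req Express Request
-* @param {string} id user id
-* @param {string} role user role
-**/
-function setAuth(req, id, role) {
-setUserId(req, id);
-setRole(req, role);
-}
-
-/**
-* Set auth data in session to Guest
-* @param {object} req Express Request
-**/
-function setGuest(req) {
-if (req && req.session) {
-req.user = null;
-req.session.user = null;
-setRole(req, [CONST.DEFAULT_USER_ROLE_FOR_GUEST]);
-}
-}
-
-/**
-* Reset session
-* @param {object} req Express Request
-**/
-function cleanse(req) {
-if (req && req.session) {
-setGuest(req);
-if (req.session.destroy) {
-req.session.destroy();
-}
-}
-}
-
-module.exports = {
-isUser,
-ifUser,
-ifAdmin,
-isRoot,
-getRole,
-setRole,
-setId,
-getUserId,
-setUserId,
-getSessionId,
-setAuth,
-setGuest,
-cleanse,
-};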
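--- a/package/test/auth/session.js
+++ /dev/null
@@ -1,266 +0,0 @@
-const mongoose = require('mongoose');
-
-module.exports = ({
-Auth,
-expect
-}) => {
-describe('Session', () => {
-describe('isUser', function() {
-it('check if user exists - true', function() {
-var t = {
-session: {
-user: true
-}
-};
-var res = Auth.isUser(t);
-expect(res).to.eql(true);
-});
-it('check if user exists - false', function() {
-var t = {
-session: {}
-};
-var res = Auth.isUser(t);
-expect(res).to.eql(false);
-});
-
-it('obsolete version ifUser', () => {
-var t = {
-session: {}
-};
-var res = Auth.ifUser(t);
-expect(res).to.eql(false);
-});
-});
-
-
-
-describe('isRoot', function() {
-it('check if user admin - true', function() {
-var t = {
-session: {
-user: mongoose.Types.ObjectId(),
-role: 'root'
-}
-};
-var res = Auth.isRoot(t);
-expect(res).to.eql(true);
-});
-it('check if user admin - false', function() {
-var t = {
-session: {
-user: mongoose.Types.ObjectId()
-}
-};
-var res = Auth.isRoot(t);
-expect(res).to.eql(false);
-});
-
-it('obsolete version ifAdmin', function() {
-var t = {
-session: {
-user: mongoose.Types.ObjectId()
-}
-};
-var res = Auth.ifAdmin(t);
-expect(res).to.eql(false);
-});
-});
-
-describe('getRole', function() {
-it('get role - root', function() {
-var t = {
-session:{
-user: mongoose.Types.ObjectId(),
-role: 'root'
-}
-};
-var res = Auth.getRole(t);
-expect(res).to.eql('root');
-});
-it('get role - undefined', function() {
-var t = {
-session:{
-user: mongoose.Types.ObjectId()
-}
-};
-var res = Auth.getRole(t);
-expect(res).to.eql(undefined);
-});
-});
-
-describe('setRole', function() {
-it('session exist, set role - root', function() {
-var t = {
-session:{
-user: mongoose.Types.ObjectId(),
-role: 'user'
-}
-};
-Auth.setRole(t, 'root');
-expect(t.session.role).to.eql('root');
-});
-
-it('session not exist, set role - admin', function() {
-var t = {};
-Auth.setRole(t, 'admin');
-expect(t).to.be.deep.eql({});
-});
-});
-
-
-describe('setUserId', function() {
-it('session exist, set _id', function() {
-const t = {
-session:{
-role: 'user'
-}
-};
-const id = mongoose.Types.ObjectId();
-Auth.setUserId(t, id);
-expect(t.session.user).to.eql(id);
-});
-
-it('session not exist, set _id', function() {
-const t = {};
-const id = mongoose.Types.ObjectId();
-Auth.setUserId(t, id);
-expect(t).to.be.deep.eql({});
-});
-
-it('obsolete version setId', function() {
-const t = {};
-const id = mongoose.Types.ObjectId();
-Auth.setId(t, id);
-expect(t).to.be.deep.eql({});
-});
-});
-
-
-describe('getUserId', function() {
-it('session exist, user id exist', function() {
-const t = {
-session:{
-user: mongoose.Types.ObjectId(),
-role: 'user'
-}
-};
-const id = Auth.getUserId(t);
-expect(id.toString()).to.eql(t.session.user.toString());
-});
-
-it('session not exist', function() {
-const t = {};
-const id = Auth.getUserId(t);
-expect(id).to.be.deep.eql(undefined);
-});
-});
-
-describe('getSessionId', function() {
-it('session exist, session id exist', function() {
-const t = {
-session:{
-id: mongoose.Types.ObjectId(),
-role: 'user'
-}
-};
-const id = Auth.getSessionId(t);
-expect(id.toString()).to.eql(t.session.id.toString());
-});
-
-it('session not exist', function() {
-const t = {};
-const id = Auth.getSessionId(t);
-expect(id).to.be.deep.eql(undefined);
-});
-});
-
-
-describe('setAuth', function() {
-it('session exist', function() {
-const t = {
-session:{}
-};
-const id = mongoose.Types.ObjectId();
-Auth.setAuth(t, id, 'root');
-expect(t.session.user.toString()).to.eql(id.toString());
-expect(t.session.role).to.eql('root');
-});
-
-it('session not exist', function() {
-const t = {};
-const id = mongoose.Types.ObjectId();
-Auth.setAuth(t, id, 'user');
-expect(t).to.be.deep.eql({});
-});
-});
-
-
-describe('setGuest', function() {
-it('session exist', function() {
-const id = mongoose.Types.ObjectId();
-const t = {
-session:{user: id, role: 'admin'},
-user: {_id:id}
-};
-Auth.setGuest(t);
-expect(t.session.user).to.eql(null);
-expect(t.user).to.eql(null);
-expect(t.session.role).to.eql(['guest']);
-});
-
-it('session not exist', function() {
-const t = {};
-Auth.setGuest(t);
-expect(t).to.be.deep.eql({});
-});
-});
-
-
-describe('cleanse', function() {
-it('session exist, destroy method exists', function() {
-const id = mongoose.Types.ObjectId();
-let destroyed = false;
-const t = {
-session:{
-user: id,
-role: 'admin',
-destroy(){
-destroyed = true;
-}
-}
-};
-Auth.cleanse(t);
-expect(t.session.user).to.eql(null);
-expect(t.session.role).to.eql(['guest']);
-expect(destroyed).to.eql(true);
-});
-
-it('session exist, destroy method exists', function() {
-const id = mongoose.Types.ObjectId();
-const t = {
-session:{
-user: id,
-role: 'admin'
-}
-};
-Auth.cleanse(t);
-expect(t.session.user).to.eql(null);
-expect(t.session.role).to.eql(['guest']);
-});
-
-it('session not exist', function() {
-const t = {};
-Auth.cleanse(t);
-expect(t).to.be.deep.eql({});
-});
-});
-
-
-});
-
-
-
-
-
-
-};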