"use strict";

// Prototype for the user object created for requests that arrive without
// req.user. Replaced wholesale by setDefaultUser().
var defaultUser = {};

// Registered authorisation strategies, consulted in registration order by
// every permission check.
var functionList = [];

// Response used when a check denies a request, until setFailureHandler()
// replaces it. `action` is accepted but unused by this default.
// NOTE(review): res.send(<number>) is the older Express form of a status-only
// reply; confirm it still yields a 403 on the Express version in use.
var failureHandler = function failureHandler(req, res, action) {
  res.send(403);
};
/**
 * Request middleware: guarantees req.user exists and attaches the `is` / `can`
 * permission checkers to it.
 *
 * Any truthy req.user found on entry is marked `isAuthenticated = true`; this
 * function performs no verification of its own. It therefore has to run after
 * whatever middleware populates req.user, and that middleware must only set
 * req.user for a genuinely authenticated caller.
 *
 * When req.user is absent, a fresh object inheriting from the default user is
 * installed and marked `isAuthenticated = false`.
 *
 * @param {Object} req - request; req.user is read and (re)assigned
 * @param {Object} res - response (unused here)
 * @param {Function} next - called once the user object is prepared
 */
module.exports = function middleware(req, res, next) {
  var incomingUser = req.user;

  req.user = req.user || Object.create(defaultUser);
  req.user.isAuthenticated = Boolean(incomingUser);

  // req.user is always truthy at this point; the guard is kept from the
  // original code.
  if (req.user) {
    req.user.is = tester(req, 'is');
    req.user.can = tester(req, 'can');
  }

  next();
};
// Debug switch, off by default. While truthy, every permission check writes
// its outcome with console.log.
module.exports.log = false;

// Route-guard factories: roles.is(action) / roles.can(action) each return an
// Express-style (req, res, next) handler.
module.exports.is = routeTester('is');
module.exports.can = routeTester('can');

// Guard that only lets requests through when req.user.isAuthenticated === true.
module.exports.isAuthenticated = isAuthenticated;
/**
 * Route guard that admits only requests whose user is flagged as authenticated.
 *
 * Called with no arguments it returns itself, so both `isAuthenticated` and
 * `isAuthenticated()` can be mounted as middleware.
 *
 * Outcomes for a real request:
 *  - req.user.isAuthenticated is strictly `true` -> next()
 *  - req.user exists but is not flagged          -> failure handler, action "isAuthenticated"
 *  - req.user is missing                         -> throws (the setup middleware was not mounted)
 *
 * Note that the value thrown is a plain string, not an Error, so it carries no
 * stack trace.
 *
 * @param {Object} req
 * @param {Object} res
 * @param {Function} next
 * @returns {Function|undefined} itself when called with no arguments
 * @throws {string} when req.user is null or undefined
 */
function isAuthenticated(req, res, next) {
  if (arguments.length === 0) {
    return isAuthenticated;
  }

  var user = req.user;
  if (!user) {
    throw "Request.user was null or undefined, include middleware";
  }

  // Strict comparison: truthy values other than `true` do not count.
  if (user.isAuthenticated === true) {
    next();
  } else {
    failureHandler(req, res, "isAuthenticated");
  }
}
// The public name uses the spelling "Authorisation"; the function it points to
// is declared as useAuthorizationStrategy. Callers must use the exported spelling.
module.exports.useAuthorisationStrategy = useAuthorizationStrategy;
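/**
 * Registers an authorisation strategy.
 *
 * Two call shapes are accepted:
 *  - useAuthorizationStrategy(fn)         -> fn is consulted for every action
 *  - useAuthorizationStrategy(action, fn) -> fn is consulted only when the
 *                                            checked action equals `action`
 *
 * The strategy is called as fn.call(this, user, action, stop), where `this` is
 * whatever the permission check supplies. A strategy that is skipped because
 * the action does not match contributes `null`, i.e. no vote.
 *
 * The strategy is validated here, at registration time. Without this check a
 * non-function strategy was accepted silently and every later permission check
 * that reached it threw.
 *
 * @param {string|Function} path - action name, or the strategy itself
 * @param {Function} [fn] - the strategy when `path` is an action name
 * @returns {*} `this`, so calls can be chained on the exported object
 * @throws {TypeError} when no strategy function is supplied
 */
function useAuthorizationStrategy(path, fn) {
  var strategy = typeof path === "function" ? path : fn;

  if (typeof strategy !== "function") {
    throw new TypeError("useAuthorisationStrategy requires a strategy function");
  }

  functionList.push(function (user, action, stop) {
    // Action-scoped strategies abstain on every other action.
    if (typeof path === "string" && path !== action) {
      return null;
    }
    return strategy.call(this, user, action, stop);
  });

  return this;
}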
// Public API: replaces the handler that answers every denied request.
module.exports.setFailureHandler = setFailureHandler;
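/**
 * Replaces the handler invoked whenever a check in this module denies a request.
 *
 * The handler is called as fn(req, res, action): with the checked action by the
 * `is` / `can` route guards, and with the literal "isAuthenticated" by the
 * isAuthenticated guard. Neither caller does anything further after invoking
 * it, so the handler alone decides how the denied request is answered.
 *
 * The argument is validated here. Without this check a non-function value was
 * stored silently and every subsequent denial threw a TypeError inside the
 * guard instead of producing the intended response.
 *
 * @param {Function} fn - handler taking (req, res, action)
 * @throws {TypeError} when fn is not a function
 */
function setFailureHandler(fn) {
  if (typeof fn !== "function") {
    throw new TypeError("setFailureHandler expects a function (req, res, action)");
  }
  failureHandler = fn;
}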
// Public API: replaces the prototype used for the user object of requests
// that arrive without req.user.
module.exports.setDefaultUser = setDefaultUser;
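/**
 * Replaces the default (anonymous) user.
 *
 * The value is not copied: the setup middleware passes it to Object.create()
 * for each request that has no req.user, so it becomes the prototype of that
 * request's user object. Every property on it is therefore visible on all
 * anonymous users, and later changes to the same object show up on subsequent
 * requests as well. Keep it limited to what an unauthenticated caller should
 * be seen to have.
 *
 * The argument is validated here against what Object.create() accepts (an
 * object, a function, or null). Without this check an unusable value was
 * stored silently and the middleware threw on every request without a user.
 *
 * @param {Object|null} user - prototype for anonymous user objects
 * @throws {TypeError} when user cannot serve as a prototype
 */
function setDefaultUser(user) {
  var kind = typeof user;
  if (user !== null && kind !== "object" && kind !== "function") {
    throw new TypeError("setDefaultUser expects an object or null");
  }
  defaultUser = user;
}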
/**
 * Builds the permission checker bound to one request.
 *
 * The returned function takes an action and polls the registered strategies in
 * registration order, calling each as strategy.call(req, req.user, action, stop).
 *
 * Voting rules:
 *  - returning `false` denies and ends the poll (veto);
 *  - returning `true` grants provisionally; later strategies can still veto;
 *  - any other return value (null, undefined, a Promise, ...) is no vote;
 *  - calling stop(true) / stop(false) records that decision and ends the poll
 *    after the current strategy; stop() with anything else only ends the poll.
 *  - a boolean return value is applied after any stop() call made during the
 *    same invocation, so the return value wins when a strategy gives both.
 *
 * The check is fail-closed: it returns true only when the final decision is
 * strictly `true`; with no strategies, or no votes, the answer is false.
 * Strategies are polled synchronously, so a stop() call that happens after the
 * poll has finished cannot affect the returned value.
 *
 * NOTE(review): when logging is enabled, `action` and the user's id/name are
 * concatenated into the log line as-is. If either can carry user-chosen text,
 * strip line breaks before logging so entries cannot be forged; confirm where
 * these values come from.
 *
 * @param {Object} req - request whose req.user is being checked
 * @param {string} verb - label used in the log line ('is' / 'can'); falls back to 'can'
 * @returns {function(string): boolean} checker for a single action
 */
function tester(req, verb) {
  return function (action) {
    var granted = null;
    var halted = false;

    // Handed to each strategy as its third argument.
    function stopNow(decision) {
      halted = true;
      if (decision === true || decision === false) {
        granted = decision;
      }
    }

    var index = 0;
    while (index < functionList.length && !halted) {
      var strategy = functionList[index];
      var vote = strategy.call(req, req.user, action, stopNow);

      if (vote === false) {
        // Veto: deny and stop polling.
        halted = true;
        granted = false;
      } else if (vote === true) {
        granted = true;
      }

      index += 1;
    }

    if (module.exports.log) {
      var who = req.user.id || req.user.name || "user";
      var label = verb || 'can';
      console.log('Check Permission: ' + who +
        "." + label + "('" + action + "') -> " + (granted === true));
    }

    return granted === true;
  };
}
/**
 * Builds a route-guard factory for the given verb.
 *
 * routeTester(verb)(action) yields an Express-style handler that runs the
 * permission check for `action` against the current request. next() is called
 * only when the check returns true; otherwise the failure handler receives
 * (req, res, action) and next() is not called.
 *
 * Unlike the isAuthenticated guard, this guard does not throw when req.user is
 * missing: the strategies are simply polled with an undefined user (with
 * logging enabled, the log line's read of req.user.id throws instead).
 *
 * @param {string} verb - 'is' or 'can'; used only for the log label
 * @returns {function(string): function(Object, Object, Function)} guard factory
 */
function routeTester(verb) {
  return function (action) {
    return function (req, res, next) {
      var allowed = tester(req, verb)(action);

      if (!allowed) {
        // Authorisation failed: hand over to the configured failure handler.
        failureHandler(req, res, action);
        return;
      }

      next();
    };
  };
}