diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7dccd97 --- /dev/null +++ b/.gitignore @@ -0,0 +1,15 @@ +lib-cov +*.seed +*.log +*.csv +*.dat +*.out +*.pid +*.gz + +pids +logs +results + +node_modules +npm-debug.log \ No newline at end of file diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..895dbd3 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,4 @@ +language: node_js +node_js: + - 0.6 + - 0.8 diff --git a/index.js b/index.js index 9f960d9..713f93a 100644 --- a/index.js +++ b/index.js @@ -1,11 +1,11 @@ "use strict"; var functionList = []; -var failureHandler = function (req, res, action){ +var failureHandler = function failureHandler(req, res, action) { res.send(403); }; var defaultUser = {}; -module.exports = function middleware(req, res, next){ +module.exports = function middleware(req, res, next) { var oldUser = req.user; req.user = req.user || Object.create(defaultUser); if(oldUser){ @@ -25,15 +25,16 @@ module.exports.log = false; module.exports.can = routeTester('can'); module.exports.is = routeTester('is'); -module.exports.isAuthenticated = function(req,res,next){ - if(arguments.length === 0){ return module.exports.isAuthenticated; } - if (req.user && req.user.isAuthenticated){ next(); } +module.exports.isAuthenticated = isAuthenticated; +function isAuthenticated(req,res,next) { + if(arguments.length === 0){ return isAuthenticated; } + if (req.user && req.user.isAuthenticated === true){ next(); } else if(req.user){ failureHandler(req, res, "isAuthenticated"); } else { throw "Request.user was null or undefined, include middleware"; } }; -module.exports.useAuthorisationStrategy = -module.exports.useAuthorizationStrategy = function(path, fn){ +module.exports.useAuthorisationStrategy = useAuthorizationStrategy; +function useAuthorizationStrategy(path, fn) { if(typeof path === "function"){ fn = path; } @@ -45,10 +46,12 @@ module.exports.useAuthorizationStrategy = function(path, fn){ }); return this; }; -module.exports.setFailureHandler = function(fn){ +module.exports.setFailureHandler = setFailureHandler; +function setFailureHandler(fn) { failureHandler = fn; }; -module.exports.setDefaultUser = function(user){ +module.exports.setDefaultUser = setDefaultUser; +function setDefaultUser(user) { defaultUser = user; }; diff --git a/package.json b/package.json index e8c3eba..9e02ecb 100644 --- a/package.json +++ b/package.json @@ -1,11 +1,31 @@ { - "name": "connect-roles", - "description": "Provides dynamic roles based authentication for node.js connect and express servers.", - "version": "0.1.7", - "homepage": "http://documentup.com/ForbesLindesay/connect-roles", - "repository": { - "type":"git", - "url": "git://github.com/ForbesLindesay/connect-roles.git" - }, - "main": "./index" + "name": "connect-roles", + "description": "Provides dynamic roles based authentication for node.js connect and express servers.", + "version": "0.1.7", + "homepage": "http://documentup.com/ForbesLindesay/connect-roles", + "repository": { + "type":"git", + "url": "git://github.com/ForbesLindesay/connect-roles.git" + }, + "main": "./index", + "devDependencies": { + "should": "*", + "mocha": "*" + }, + "scripts": { + "prepublish": "mocha", + "test": "mocha -R spec" + }, + "author": "ForbesLindesay", + "license": "BSD", + "keywords": [ + "roles", + "authorization", + "authentication", + "security", + "connect", + "express", + "passport", + "everyauth" + ] } \ No newline at end of file diff --git a/readme.md b/readme.md index 17212de..79ecf9b 100644 --- a/readme.md +++ b/readme.md @@ -1,4 +1,4 @@ - +[![Build Status](https://secure.travis-ci.org/ForbesLindesay/connect-roles.png?branch=master)](http://travis-ci.org/ForbesLindesay/connect-roles) # Connect Roles Connect roles is designed to work with connect or express. It is an authorization provider, not an authentication provider. It is designed to support context sensitive roles/abilities, through the use of middleware style authentication strategies. diff --git a/test/index.js b/test/index.js new file mode 100644 index 0000000..b9b391b --- /dev/null +++ b/test/index.js @@ -0,0 +1,81 @@ +var roles = require('../'); +var assert = require('should'); + +describe('middleware', function () { + describe('when there is a user', function () { + it('adds methods', function (done) { + var req = {user: { id: 'Forbes' }}; + var res = {}; + roles(req, res, function (err) { + if (err) return done(err); + req.user.isAuthenticated.should.equal(true); + req.user.can.should.be.a('function'); + req.user.is.should.be.a('function'); + done(); + }); + }); + }); + describe('when there is no user', function () { + it('adds methods and the anonymous user', function (done) { + var req = {}; + var res = {}; + roles(req, res, function (err) { + if (err) return done(err); + req.user.isAuthenticated.should.equal(false); + req.user.can.should.be.a('function'); + req.user.is.should.be.a('function'); + done(); + }); + }); + }); +}); + +function notCalled(name) { + return function notCalled() { + throw new Error('The function ' + name + ' should not be called here.'); + } +} +describe('isAuthenticated route middleware', function () { + describe('when there is a user', function () { + before(function () { + roles.setFailureHandler(notCalled('Failure Handler')); + }); + it('passes the test', function (done) { + var req = {user: { isAuthenticated: true }}; + var res = {send: notCalled('send')}; + roles.isAuthenticated(req, res, function (err) { + if (err) return done(err); + done(); + }); + }); + after(function () { + roles.setFailureHandler(function failureHandler(req, res, action) { + res.send(403); + }); + }); + }); + describe('when there is a user but they aren\'t authenticated.', function () { + it('fails the test', function (done) { + var req = {user: { id: 'Forbes' }}; + var res = {send: send}; + function send(code) { + code.should.equal(403); + done(); + } + roles.isAuthenticated(req, res, notCalled('next')); + }); + }); + describe('when there is no user', function () { + it('adds methods and the anonymous user', function (done) { + var req = {}; + var res = {}; + roles(req, res, function (err) { + if (err) return done(err); + req.user.isAuthenticated.should.equal(false); + req.user.can.should.be.a('function'); + req.user.is.should.be.a('function'); + done(); + }); + }); + }); +}); \ No newline at end of file