Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

ScopedUser Logout Error #103

Open
wants to merge 4 commits into from

2 participants

David K Roberts Ciaran Jessup
David K Roberts

I modified the logout request for scopes to try to delete a user account. If the user account for that scope does not exist... It will throw a more contextual error instead of simply user is undefined

throw new Error('ScopeError: there are no user credentials associated with the SCOPE requested (' +  authContext.scope + ')');
Ciaran Jessup
Owner

I wonder if it would be better to log a warning and callback to the middlewareCallback (if it is defined) with an error object, rather than throw an error ? We could then change the logout callback in auth_middleware to pass this error back to the middlewarecallback that was passed to it (optionally passed) if something wanted to handle that dodgy logout ? What do you think?

@ciaranj - That is what I was originally thinking, but decided to go with a more conservative approach :smile: I like the way you are proposing much better since it is non obtrusive and doesn't leave the user dead in their tracks. Hold off on the pull request and I will implement.

David K Roberts

I added an error object to the middlewareCallback

Line 93 of auth_middleware.js

          if( middlewareCallback) middlewareCallback(err);

Bottom of requestMethods.js

    } catch(error){
      err = new Error('There are no user credentials associated with the scope: "' +  authContext.scope + '"');
    }
  }
  logoutHandler( authContext, user, middlewareCallback(err));
Ciaran Jessup
Owner

Sorry for the delay, quick question, I see you've chosen to attempt to access the object literal and catch any usage of 'undefined' in an exception handler, would you be adverse to testing the presence in a condition before trying to de-reference it, or is this a performance thing ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on May 27, 2012
  1. David K Roberts
Commits on May 29, 2012
  1. David K Roberts
  2. David K Roberts

    Code Cleanup

    djwglpuppy authored
  3. David K Roberts

    More Code Cleanup

    djwglpuppy authored
This page is out of date. Refresh to see the latest.
Showing with 20 additions and 15 deletions.
  1. +2 −2 lib/auth_middleware.js
  2. +18 −13 lib/requestMethods.js
4 lib/auth_middleware.js
View
@@ -81,7 +81,7 @@ module.exports = function(optionsOrStrategy) {
middlewareCallback= scope;
scope= undefined;
}
- RequestMethods.logout.call( this, {scope:scope, request:req, response:res}, logoutHandler, function() {
+ RequestMethods.logout.call( this, {scope:scope, request:req, response:res}, logoutHandler, function(err) {
//Clear out the saved auth details
//TODO: this should be scope-aware.
createAuthDetails( req );
@@ -90,7 +90,7 @@ module.exports = function(optionsOrStrategy) {
traceFunction( message, {scope:scope, request:req, response:res}, linePrefix );
};
- if( middlewareCallback) middlewareCallback();
+ if( middlewareCallback) middlewareCallback(err);
})
};
31 lib/requestMethods.js
View
@@ -1,3 +1,4 @@
+
/*!
* Copyright(c) 2010 Ciaran Jessup <ciaranj@gmai.com>
* MIT Licensed
@@ -155,17 +156,21 @@ module.exports.isUnAuthenticated= function(scope) {
};
module.exports.logout= function( authContext, logoutHandler, middlewareCallback ) {
- var ad= this.getAuthDetails();
- ad.trace( "Logout", authContext.scope, "!!!" );
- var user;
- if( authContext.scope === undefined) {
- user= ad.user;
- delete ad.user;
- ad.scopedUsers= {};
- }
- else {
- user= ad.scopedUsers[authContext.scope].user;
- delete ad.scopedUsers[authContext.scope].user;
- }
- logoutHandler( authContext, user, middlewareCallback );
+ var user, err;
+ var ad= this.getAuthDetails();
+ ad.trace( "Logout", authContext.scope, "!!!" );
+ if( authContext.scope === undefined) {
+ user= ad.user;
+ delete ad.user;
+ ad.scopedUsers= {};
+ }
+ else {
+ try {
+ user= ad.scopedUsers[authContext.scope].user;
+ delete ad.scopedUsers[authContext.scope].user;
+ } catch(error){
+ err= new Error('There are no user credentials associated with the scope: "' + authContext.scope + '"');
+ }
+ }
+ logoutHandler( authContext, user, middlewareCallback(err));
};
Something went wrong with that request. Please try again.