/
strategy.js
49 lines (45 loc) · 1.41 KB
/
strategy.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
module.exports = function( ApiApp, devMode ) {
var DEVKEY = "00000000-0000-0000-000000000000",
uuid = require( "uuid" );
function devKeyLookupStrategy( publickey, callback ) {
var credentials = {
user: publickey,
algorithm: "sha256"
};
if ( publickey === DEVKEY ) {
credentials.key = DEVKEY;
credentials.isAdmin = true;
} else {
// generate a fake password so that credential verification will fail
credentials.key = uuid.v4();
}
callback( null, credentials );
}
function databaseKeyLookupStrategy( publickey, callback ) {
var credentials = {
algorithm: "sha256",
user: publickey
};
ApiApp.findOne({ publickey: publickey }, function( err, doc ) {
if ( err || !doc ) {
return callback( err );
}
if ( doc.revoked ) {
// only warn of revoked key if the passed MAC is successfully authenticated
// see the hawk callback below
req.revokedKey = true;
}
credentials.key = doc.privatekey;
credentials.admin = doc.admin;
callback( null, credentials );
});
}
if ( devMode ) {
return devKeyLookupStrategy;
} else {
return databaseKeyLookupStrategy;
}
};