'use strict';
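/**
  This class holds the current access token and other session data. There will always be a
  session regardless of whether a user is currently authenticated or not. That (singleton) instance
  of this class is automatically injected into all models, controllers, routes and views so you should
  never instantiate this class directly but always use the auto-injected instance.

  Security note: the access and refresh tokens are persisted through `document.cookie` (see `store`),
  so they are readable by every script that runs in the page and cannot carry the `HttpOnly`
  attribute.

  @class Session
  @namespace Ember.SimpleAuth
  @extends Ember.Object
  @constructor
*/
Ember.SimpleAuth.Session = Ember.Object.extend({
  /**
    Restores the persisted values from the cookies, starts the periodic cookie polling and
    schedules a token refresh when one is due.

    @method init
    @private
  */
  init: function() {
    this._super();
    this.syncProperties();
    this.handleAuthTokenRefresh();
  },

  /**
    Sets up the session from a plain JavaScript object. This does not create a new instance but sets up
    the instance with the data that is passed. Any data assigned here is also persisted in a session cookie
    (see http://en.wikipedia.org/wiki/HTTP_cookie#Session_cookie) so it survives a page reload.

    A missing `refresh_token` or a non-positive `expires_in` keeps the value the session already holds.
    The expiry is stored in milliseconds.

    @method setup
    @param {Object} data The data to set the session up with
      @param {String} data.access_token The access token that will be included in the `Authorization` header
      @param {String} [data.refresh_token] An optional refresh token that will be used for obtaining fresh tokens
      @param {Number} [data.expires_in] An optional expiry for the access_token in seconds; if both expires_in and refresh_token are set,
        Ember.SimpleAuth will automatically refresh access tokens before they expire

    @example
      ```javascript
      this.get('session').setup({
        access_token: 'the secret token!',
        refresh_token: 'a secret refresh token!',
        expires_in: 3600 // 1 hour
      })
      ```
  */
  setup: function(data) {
    data = data || {};
    this.setProperties({
      authToken: data.access_token,
      refreshToken: (data.refresh_token || this.get('refreshToken')),
      authTokenExpiry: (data.expires_in > 0 ? data.expires_in * 1000 : this.get('authTokenExpiry')) || 0
    });
  },

  /**
    Destroys the session by setting all properties to undefined (see [Session#setup](#Ember.SimpleAuth.Session_setup)).
    The property observers then overwrite the stored cookie values with empty strings, which
    effectively logs the current user out.

    @method destroy
  */
  destroy: function() {
    this.setProperties({
      authToken: undefined,
      refreshToken: undefined,
      authTokenExpiry: undefined
    });
  },

  /**
    Returns whether a user is currently authenticated, i.e. whether `authToken` is non-empty.

    @method isAuthenticated
    @return {Boolean} true if a user is authenticated, false otherwise
  */
  isAuthenticated: Ember.computed('authToken', function() {
    return !Ember.isEmpty(this.get('authToken'));
  }),

  /**
    Copies the three persisted values from the cookies into the session and re-schedules
    itself to run again after 500 ms, cancelling any previously scheduled run first.

    @method syncProperties
    @private
  */
  syncProperties: function() {
    this.setProperties({
      authToken: this.load('authToken'),
      refreshToken: this.load('refreshToken'),
      authTokenExpiry: this.load('authTokenExpiry')
    });
    // The timer handle lives on the class, so there is only ever one polling loop.
    Ember.run.cancel(Ember.SimpleAuth.Session._syncPropertiesTimeout);
    Ember.SimpleAuth.Session._syncPropertiesTimeout = Ember.run.later(this, this.syncProperties, 500);
  },

  /**
    Reads one value from `document.cookie`.

    @method load
    @private
    @param {String} property The cookie name; expected to be one of the session's own property
      names, it is not escaped for use in the regular expression
    @return {String|undefined} the decoded value, or undefined when the cookie is absent, empty
      or not valid percent-encoding
  */
  load: function(property) {
    // Anchor the name at the start of a cookie pair. Without the anchor, `authToken` would also
    // match inside another cookie's name (e.g. `xauthToken`), so an unrelated cookie could be
    // read as the session token.
    var pattern = new RegExp('(?:^|;\\s*)' + property + '=([^;]+)');
    var value = document.cookie.match(pattern) || [];
    if (Ember.isEmpty(value)) {
      return undefined;
    }
    try {
      return decodeURIComponent(value[1] || '');
    } catch (error) {
      // decodeURIComponent throws on malformed percent sequences. This method runs from init and
      // from the 500 ms poll, so a broken cookie value is treated as absent instead of raising
      // on every tick.
      return undefined;
    }
  },

  /**
    Writes the current value of a property to a cookie of the same name; an empty or undefined
    value is written as an empty string.

    NOTE(review): the cookie is written with no `Secure`, `SameSite`, `path` or expiry attribute.
    On an HTTPS deployment consider appending `; secure` (and a `SameSite` attribute) so the tokens are
    not sent with plain-HTTP or cross-site requests.

    @method store
    @private
    @param {String} property The name of the property to persist
  */
  store: function(property) {
    document.cookie = property + '=' + encodeURIComponent(this.get(property) || '');
  },

  /**
    Persists `authToken` whenever it changes.

    @method authTokenObserver
    @private
  */
  authTokenObserver: Ember.observer(function() {
    this.store('authToken');
  }, 'authToken'),

  /**
    Persists `refreshToken` whenever it changes and re-evaluates the refresh schedule.

    @method refreshTokenObserver
    @private
  */
  refreshTokenObserver: Ember.observer(function() {
    this.store('refreshToken');
    this.handleAuthTokenRefresh();
  }, 'refreshToken'),

  /**
    Persists `authTokenExpiry` whenever it changes and re-evaluates the refresh schedule.

    @method authTokenExpiryObserver
    @private
  */
  authTokenExpiryObserver: Ember.observer(function() {
    this.store('authTokenExpiry');
    this.handleAuthTokenRefresh();
  }, 'authTokenExpiry'),

  /**
    When `Ember.SimpleAuth.autoRefreshToken` is set, cancels any pending refresh and, if a refresh
    token is present, schedules a POST to `Ember.SimpleAuth.serverTokenEndpoint` 5 seconds before
    the access token's lifetime elapses.

    NOTE(review): `authTokenExpiry` is a duration in milliseconds, not an absolute time, and the
    wait is counted from the moment this method runs. After a page reload the full duration is
    waited again, so the refresh may fire after the token has already expired - confirm whether
    that is acceptable.

    @method handleAuthTokenRefresh
    @private
  */
  handleAuthTokenRefresh: function() {
    if (Ember.SimpleAuth.autoRefreshToken) {
      Ember.run.cancel(Ember.SimpleAuth.Session._refreshTokenTimeout);
      Ember.SimpleAuth.Session._refreshTokenTimeout = undefined;
      var waitTime = this.get('authTokenExpiry') - 5000;
      if (!Ember.isEmpty(this.get('refreshToken')) && waitTime > 0) {
        Ember.SimpleAuth.Session._refreshTokenTimeout = Ember.run.later(this, function() {
          var _this = this;
          Ember.$.ajax(Ember.SimpleAuth.serverTokenEndpoint, {
            type: 'POST',
            // The token is percent-encoded: an unencoded `&`, `=`, `+` or `%` inside it would
            // corrupt the value or add extra parameters to the form body.
            data: 'grant_type=refresh_token&refresh_token=' + encodeURIComponent(this.get('refreshToken')),
            contentType: 'application/x-www-form-urlencoded'
          }).then(function(response) {
            // A failed request is not handled here; the session keeps its current values.
            _this.setup(response);
            _this.handleAuthTokenRefresh();
          });
        }, waitTime);
      }
    }
  }
});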