@guardian/pan-domain-node/dist/src/api.js

NodeJs implementation of Guardian pan-domain auth verification

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.gracePeriodInMillis = exports.PanDomainAuthentication = void 0;
exports.guardianValidation = guardianValidation;
var panda_1 = require("./panda");
Object.defineProperty(exports, "PanDomainAuthentication", { enumerable: true, get: function () { return panda_1.PanDomainAuthentication; } });
// We continue to consider the request authenticated for
// a period of time after the cookie expiry. This is to allow
// API requests which cannot directly send the user for re-auth to
// indicate to the user that they must take some action to refresh their
// credentials (usually, refreshing the page).
// Panda cookie:               issued     expires
//                             |          |
//                             |--1 hour--|
// Grace period:                          [------------- 24 hours ------]
// `success`:         --false-][-true-----------------------------------][-false-------->
// `shouldRefreshCredentials`  [-false---][-true------------------------]
exports.gracePeriodInMillis = 24 * 60 * 60 * 1000;
function guardianValidation(user) {
    const isGuardianUser = user.email.indexOf('guardian.co.uk') !== -1;
    return isGuardianUser && user.multifactor;
}