UNPKG

@quarks/quarks-iam

Version:

A modern authorization server built to authenticate your users and protect your APIs

github.com/anvilresearch/connect

anvilresearch/connect

48 lines (39 loc) 1.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
/** * Module dependencies */ var User = require('../models/User') var NotFoundError = require('../errors/NotFoundError') /** * Export */ function patchUserInfo (req, res, next) { // Map updates given in the request body to attributes // in the scopes authorized by the access token. var scopeUserAttributes = [] var authorizedUpdates = {} req.scopes.forEach(function (scope) { scope.attributes && scope.attributes.user && scope.attributes.user.forEach(function (key) { scopeUserAttributes.push(key) if (req.body && req.body[key] !== undefined) { authorizedUpdates[key] = req.body[key] } }) }) // Do the update and return the usual userinfo data // after the update is complete. User.patch(req.claims.sub, authorizedUpdates, { mapping: 'userinfo' }, function (err, user) { if (err) { return next(err) } if (!user) { return next(new NotFoundError()) } var projection = user.project('userinfo') var userInfo = { sub: projection.sub } scopeUserAttributes.forEach(function (key) { if (typeof projection[key] !== 'undefined') { userInfo[key] = projection[key] } }) res.status(200).json(userInfo) }) } module.exports = patchUserInfo