
authbase


AuthBase client library

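var _ = require('lodash'),
    ExpressRouter = require('express').Router,
    request = require('superagent'),
    jwt = require('jwt-simple'),
    errors = require('./errors');

/**
 * Creates the AuthBase router factory for one application.
 *
 * @param {Object} parentOptions - Service-level settings.
 * @param {string} parentOptions.url - Base URL of the AuthBase service. The
 *   app secret is sent to this URL in a request header, so it should be an
 *   HTTPS endpoint (not enforced here).
 * @param {string} parentOptions.appId - Sent upstream as `X-App-Id`.
 * @param {string} parentOptions.appSecret - Sent upstream as `X-App-Secret`
 *   and used as the key that verifies returned tokens.
 * @param {string} [parentOptions.algorithm] - Optional JWT algorithm to
 *   require when verifying returned tokens (for example 'HS256'). When
 *   omitted, verification behaves as before and the algorithm is whatever
 *   jwt-simple selects on its own.
 * @returns {function(Object=): Object} Factory taking per-mount options
 *   (`stylesheets`, `onLogin`, `onSignup`, `onChangeEmail`, `onError`) and
 *   returning an Express router.
 */
var Router = function(parentOptions) {
  return function(options) {
    options = options || {};
    var router = ExpressRouter();

    // map out routes for all of the ready-to-use forms
    ['login', 'signup', 'reset-password', 'change-password', 'change-email']
      .forEach(function(form) {
        router.get('/authbase/' + form, function(req, res) {
          // userId and email come straight from the browser's query string and
          // are forwarded unmodified; the upstream body is relayed verbatim and
          // is therefore rendered under this application's origin.
          request.get(parentOptions.url + '/forms/' + form)
            .query({stylesheets: options.stylesheets})
            .query({userId: req.query.userId})
            .query({email: req.query.email})
            .set('X-App-Id', parentOptions.appId)
            .set('X-App-Secret', parentOptions.appSecret)
            .buffer()
            .on('error', function(err) {
              console.error(err.stack);
              res.status(errors.serviceError.status).send({error: errors.serviceError.message});
            })
            // NOTE(review): a one-argument end() callback receiving the response
            // depends on the superagent version in use - confirm against the
            // pinned dependency.
            .end(function(response) {
              res.status(response.status).send(response.text);
            });
        });
      });

    router.get('/authbase/return', function(req, res, next) {
      var decoded;

      // Token verification is isolated in its own try block so that only a
      // token that fails verification is logged as a suspicious request.
      // Exceptions raised later by the application's own handlers are no
      // longer reported as invalid tokens; they propagate to Express.
      try {
        // The fourth argument pins the accepted algorithm when the caller
        // configured one, so the token's own header does not choose how it is
        // verified. Left undefined, the call behaves like the two-argument form.
        decoded = jwt.decode(
          req.query.token,
          parentOptions.appSecret,
          false,
          parentOptions.algorithm
        );
        if (decoded.iss !== 'AuthBase') throw errors.invalidToken;
      } catch(e) {
        // errors.invalidToken may not carry a stack; fall back to the value.
        console.log((e && e.stack) || e);
        console.warn('AuthBase: suspicious request from IP address ', req.ip);
        return options.onError(errors.invalidToken, req, res, next);
      }

      // NOTE(review): only `iss` is checked here. Whether expiry is enforced
      // depends on the jwt-simple version, and `sub` is passed on as-is.
      res.locals.user = decoded.sub;

      // NOTE(review): `action` is read from the unsigned query string, not
      // from the verified token, so the token does not bind which handler
      // runs. The token also travels in the URL and may appear in access logs.
      var handler;
      switch(req.query.action) {
        case 'login': handler = options.onLogin; break;
        case 'signup': handler = options.onSignup; break;
        case 'change-email': handler = options.onChangeEmail; break;
      }

      // Unknown actions and actions with no configured handler are both
      // reported through onError instead of surfacing as a TypeError.
      if (typeof handler !== 'function') {
        console.warn('AuthBase: unrecognized response action');
        return options.onError(errors.invalidAction, req, res, next);
      }

      handler.call(options, req, res, next);
    });

    return router;
  };
};

module.exports = Router;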