UNPKG

authorify

Version:

Authorization and authentication system for REST server

github.com/mgesmundo/authorify

mgesmundo/authorify

77 lines (66 loc) 2.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
var logger = console; logger.debug = function(){}; var fs = require('fs'), path = require('path'), should = require('should'), restify = require('restify'), certPath = path.resolve(__dirname, '../../lib/config/cert'), authorify = require('../../index')({ logger: logger, debug: false, key: fs.readFileSync(path.join(certPath,'/serverCert.key'), 'utf8'), cert: fs.readFileSync(path.join(certPath,'/serverCert.cer'), 'utf8'), ca: fs.readFileSync(path.join(certPath,'/serverCA.cer'), 'utf8'), login: function(id, app, username, password, callback) { if (username === 'username' && password === 'password') { callback(1, ['admin']); } else if (username === 'user' && password === 'pass') { callback(2, ['user']); } else { callback(); } } }); var server = restify.createServer(); // add plugin authorify.load('authorify-websocket', 'ws', { transports: ['ws', 'http'], requestTimeout: 200 }); var ws = authorify.plugin.ws; ws.createServer(server); var router = ws.router; server.use(restify.queryParser({ mapParams: false })); server.use(restify.bodyParser()); // server.use(restify.CORS()); server.use(authorify.authentication); var sec = authorify.authorization; var ok = function(req, res, next){ var body = { success: true, session: req.session, content: req.body }; res.send(body); }; router.get('/handshake', ok); router.get('/auth', ok); router.get('/test', ok); router.post('/test', ok); router.get('/free', function(req, res, next) { res.send(200,'ok'); }); router.get('/logout', function(req, res, next) {res.send({ success: true, content: 'logged out'});}); // router.get('/logout', ok); // to test isLoggedIn router.get('/secure/loggedin1', sec.isLoggedIn(), ok); router.get('/secure/loggedin2', sec.isLoggedIn('opt1 == 1', { forbiddenOnFail: true }), ok); router.post('/secure/loggedin2', sec.isLoggedIn('opt1 == 1'), ok); router.get('/secure/loggedin3', sec.isLoggedIn('opt1 == 1', { nextOnError: true }), ok); router.get('/secure/loggedin4', sec.isLoggedIn('opt1 == 1', { forbiddenOnFail: true }), ok); router.post('/secure/loggedin5', sec.isLoggedIn('opt1 == 1'), ok); // to test isSelf router.get('/secure1/user/:user', sec.isSelf(), ok); router.get('/secure2/user/:user', sec.isLoggedIn('opt1 == 1'), ok); // to test isInRole router.get('/secure/roletest1',sec.isInRole('admin'), ok); router.get('/secure/roletest2',sec.isInRole(['user', 'guest']), ok); // to test isSelfOrInRole router.get('/secure/selfrole/:user/somepath', sec.isSelfOrInRole(['admin', 'user']), ok); server.listen(3000);