feathers-authentication-local
Local authentication strategy for feathers-authentication
// Babel interop marker: flags this CommonJS module as transpiled from an ES
// module. Helpers such as _interopRequireDefault below read `__esModule` to
// decide whether an export still needs wrapping in `{ default: ... }`.
Object.defineProperty(exports, "__esModule", {
value: true
});
/**
 * Babel class helper. Installs a list of `{ key, ...descriptor }` entries on a
 * constructor's prototype (instance members) and on the constructor itself
 * (static members), then returns the constructor.
 *
 * Each entry is normalised in place before being defined: `enumerable`
 * falls back to false, `configurable` is forced to true, and data
 * descriptors (those carrying `value`) are made writable.
 */
var _createClass = (function () {
  function applyDescriptors(owner, list) {
    var index = 0;
    while (index < list.length) {
      var entry = list[index];
      entry.enumerable = entry.enumerable ? entry.enumerable : false;
      entry.configurable = true;
      // Accessor descriptors (get/set) must not receive `writable`.
      if ('value' in entry) {
        entry.writable = true;
      }
      Object.defineProperty(owner, entry.key, entry);
      index += 1;
    }
  }

  return function (Constructor, protoProps, staticProps) {
    if (protoProps) {
      applyDescriptors(Constructor.prototype, protoProps);
    }
    if (staticProps) {
      applyDescriptors(Constructor, staticProps);
    }
    return Constructor;
  };
})();
var _debug = require('debug');
var _debug2 = _interopRequireDefault(_debug);
var _feathersErrors = require('feathers-errors');
var _feathersErrors2 = _interopRequireDefault(_feathersErrors);
var _bcryptjs = require('bcryptjs');
var _bcryptjs2 = _interopRequireDefault(_bcryptjs);
var _lodash = require('lodash.get');
var _lodash2 = _interopRequireDefault(_lodash);
var _lodash3 = require('lodash.omit');
var _lodash4 = _interopRequireDefault(_lodash3);
/**
 * Babel interop helper: returns `obj` untouched when it is flagged as a
 * transpiled ES module, otherwise wraps it so callers can always read
 * `.default`.
 */
function _interopRequireDefault(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }
  return { default: obj };
}
/**
 * Babel helper for computed property keys. Sets `obj[key] = value` and
 * returns `obj`. When the key is already reachable on the object (own or
 * inherited) it is redefined as a plain enumerable, configurable, writable
 * data property instead of being assigned.
 */
function _defineProperty(obj, key, value) {
  if (!(key in obj)) {
    obj[key] = value;
    return obj;
  }

  Object.defineProperty(obj, key, {
    value: value,
    enumerable: true,
    configurable: true,
    writable: true
  });
  return obj;
}
/**
 * Babel helper that enforces `new`: throws a TypeError when `instance` was
 * not created from `Constructor` (i.e. the class was called as a function).
 */
function _classCallCheck(instance, Constructor) {
  var builtWithNew = instance instanceof Constructor;
  if (builtWithNew) {
    return;
  }
  throw new TypeError("Cannot call a class as a function");
}
// Namespaced logger from the `debug` package. Output for this namespace is
// emitted only when it is enabled (for example through the DEBUG environment
// variable), so every argument handed to debug() can end up in logs.
var debug = (0, _debug2.default)('feathers-authentication-local:verify');
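var LocalVerifier = function () {
  /**
   * Verifier for the local (username + password) strategy.
   *
   * @param {Object} app - Application object; `app.service(path)` is used to
   *   resolve the entity service when `options.service` is a string.
   * @param {Object} [options] - Strategy options. This class reads
   *   `service`, `entity`, `usernameField`, `entityUsernameField`,
   *   `passwordField` and `entityPasswordField`.
   * @throws {Error} When no entity service can be resolved.
   */
  function LocalVerifier(app) {
    var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};

    _classCallCheck(this, LocalVerifier);

    this.app = app;
    this.options = options;
    // Accept either a service path or an already-initialised service instance.
    this.service = typeof options.service === 'string' ? app.service(options.service) : options.service;

    if (!this.service) {
      throw new Error('options.service does not exist.\n\tMake sure you are passing a valid service path or service instance and it is initialized before feathers-authentication-local.');
    }

    // Bind so the methods keep `this` when passed around as callbacks.
    this._comparePassword = this._comparePassword.bind(this);
    this._normalizeResult = this._normalizeResult.bind(this);
    this.verify = this.verify.bind(this);
  }

  _createClass(LocalVerifier, [{
    key: '_comparePassword',

    /**
     * Compares the submitted password with the bcrypt hash stored on the
     * entity.
     *
     * @param {Object} entity - Record returned by the entity service.
     * @param {string} password - Password submitted by the client.
     * @returns {Promise} Resolves with `entity` when the password matches.
     *   Rejects with an Error when the entity has no hash or bcrypt fails,
     *   and with the sentinel `false` when the password does not match.
     */
    value: function _comparePassword(entity, password) {
      // select entity password field - take entityPasswordField over passwordField
      var passwordField = this.options.entityPasswordField || this.options.passwordField;

      // find password in entity, this allows for dot notation
      var hash = (0, _lodash2.default)(entity, passwordField);

      if (!hash) {
        return Promise.reject(new Error('\'' + this.options.entity + '\' record in the database is missing a \'' + passwordField + '\''));
      }

      debug('Verifying password');

      return new Promise(function (resolve, reject) {
        _bcryptjs2.default.compare(password, hash, function (error, result) {
          // Handle 500 server error.
          if (error) {
            return reject(error);
          }

          if (!result) {
            debug('Password incorrect');
            // `false` (not an Error) marks a failed login rather than a fault;
            // verify() turns it into the generic 'Invalid login' response.
            return reject(false);
          }

          debug('Password correct');
          return resolve(entity);
        });
      });
    }
  }, {
    key: '_normalizeResult',

    /**
     * Extracts the first entity from a `find` response.
     *
     * @param {Object|Array} results - Either an array of records or a
     *   paginated object carrying the array in `data`.
     * @returns {Promise} Resolves with the first entity; rejects with the
     *   sentinel `false` when there is none (unknown username).
     */
    value: function _normalizeResult(results) {
      // Paginated services return the array of results in the data attribute.
      var entities = results.data ? results.data : results;
      var entity = entities[0];

      // Handle bad username.
      if (!entity) {
        return Promise.reject(false);
      }

      debug(this.options.entity + ' found');
      return Promise.resolve(entity);
    }
  }, {
    key: 'verify',

    /**
     * Verify callback for the local strategy: looks the entity up by
     * username, checks the password and reports the outcome through `done`.
     *
     * @param {Object} req - Incoming request; `req.params` (minus `query`,
     *   `provider`, `headers`, `session` and `cookies`) is forwarded to the
     *   service call.
     * @param {*} username - Submitted username, used as the query value.
     * @param {*} password - Submitted password.
     * @param {Function} done - Called as `done(error)` on a fault,
     *   `done(null, false, { message: 'Invalid login' })` on bad
     *   credentials, or `done(null, entity, payload)` on success.
     */
    value: function verify(req, username, password, done) {
      var _query,
          _this = this;

      // The submitted password is deliberately kept out of the debug output:
      // anything passed to debug() can be written to logs in clear text.
      debug('Checking credentials', username);

      var id = this.service.id;
      var usernameField = this.options.entityUsernameField || this.options.usernameField;

      // NOTE(review): `username` is placed in the query exactly as received.
      // If a caller can supply a non-string value (for example an object from
      // a parsed JSON body), how the service interprets it depends on the
      // service adapter, which is not visible here. Consider rejecting
      // non-string credentials before they reach this point.
      var params = Object.assign({
        'query': (_query = {}, _defineProperty(_query, usernameField, username), _defineProperty(_query, '$limit', 1), _query)
      }, (0, _lodash4.default)(req.params, 'query', 'provider', 'headers', 'session', 'cookies'));

      if (id === null || id === undefined) {
        debug('failed: the service.id was not set');
        return done(new Error('the `id` property must be set on the entity service for authentication'));
      }

      // NOTE(review): an unknown username rejects in _normalizeResult without
      // any bcrypt comparison, so that path does less work than a wrong
      // password for an existing user. Both produce the same 'Invalid login'
      // message; if username enumeration is a concern, equalise the work.

      // Look up the entity
      this.service.find(params).then(function (response) {
        var results = response.data || response;

        if (!results.length) {
          debug('a record with ' + usernameField + ' of \'' + username + '\' did not exist');
        }

        return _this._normalizeResult(response);
      }).then(function (entity) {
        return _this._comparePassword(entity, password);
      }).then(function (entity) {
        var entityId = entity[_this.service.id];
        var payload = _defineProperty({}, _this.options.entity + 'Id', entityId);

        done(null, entity, payload);
      }).catch(function (error) {
        // A falsy rejection is the "bad credentials" sentinel; anything else
        // is a real error and is passed through unchanged.
        return error ? done(error) : done(null, error, { message: 'Invalid login' });
      });
    }
  }]);

  return LocalVerifier;
}();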
// Expose LocalVerifier as the ES-module default export, then point
// module.exports at it so a plain require() returns the class itself.
exports.default = LocalVerifier;
module.exports = exports['default'];
;