forest-express
Version:
Official package for all Forest Express Lianas
51 lines (49 loc) • 1.84 kB
JavaScript
;
var _require = require('compose-middleware'),
compose = _require.compose;
var error = require('../utils/error');
var logger = require('./logger');
var createIpAuthorizer = require('../middlewares/ip-whitelist');
var ERROR_MESSAGE = 'Forest cannot authenticate the user for this request.';
var ERROR_MESSAGE_TOKEN_OLD = 'Your token format is invalid, please login again.';
var ipAuthorizer;
function initAuth(options) {
ipAuthorizer = createIpAuthorizer(options.envSecret);
}
function ensureAuthenticated(request, response, next) {
if (!request.user) {
return next(new error.Unauthorized(ERROR_MESSAGE));
}
// NOTICE: Automatically logout users trying to access the API with a token having an
// old data format.
if (request.user.type) {
return next(new error.Unauthorized(ERROR_MESSAGE_TOKEN_OLD));
}
return next();
}
function authenticate(request, response, next, authenticator) {
if (request.user) {
// NOTICE: User already authentified by the liana authentication middleware.
return next();
}
if (!authenticator) {
logger.error('The Liana has not been initialized to enable the authentication.');
return next(new error.Unauthorized(ERROR_MESSAGE));
}
return authenticator(request, response, function (hasError) {
if (hasError) {
logger.debug(hasError);
return next(new error.Unauthorized(ERROR_MESSAGE));
}
return ensureAuthenticated(request, response, next);
});
}
exports.allowedUsers = [];
exports.ensureAuthenticated = compose([ensureAuthenticated, function (request, response, next) {
if (!ipAuthorizer) {
return logger.error('"ensureAuthenticated" middleware must be called after "liana.init" function.');
}
return ipAuthorizer(request, response, next);
}]);
exports.authenticate = authenticate;
exports.initAuth = initAuth;