UNPKG

jaunty

Version:

A simple, all-in-one, lightweight JWT authentication and authorization middleware for express.

github.com/labsvisual/jaunty

labsvisual/jaunty

121 lines (73 loc) 3.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
const Utils = require( './utils' ); const Errors = require( './errors' ); /** * Creates an access control list validation middleware for a * specific route or router. * * @param {object} opts - the options to use for configuring the instance * @param {string} [opts.attachmentPath=user] - specifies the property name on the request object which contains * the deserialized user * @param {string} [opts.permissionsPath=permissions] - specified the property name on the user object which * contains the permissions string or array * * @returns {object} an object containing functions for ACL validation */ module.exports = function createACL( opts ) { const _defaults = { attachmentPath: 'user', permissionsPath: 'permissions' }; const options = Object.assign( _defaults, opts ); if ( typeof options.attachmentPath !== 'string' || options.attachmentPath === null ) { throw new TypeError( `Was expecting a String for "options.attachmentPath"; received a ${ typeof options.attachmentPath }` ); } if ( typeof options.permissionsPath !== 'string' || options.permissionsPath === null ) { throw new TypeError( `Was expecting a String for "options.permissionsPath"; received a ${ typeof options.permissionsPath }` ); } if ( !options.attachmentPath ) { throw new TypeError( `Was expecting a truthy value for "options.attachmentPath"; received "${ options.attachmentPath }"` ); } if ( !options.permissionsPath ) { throw new TypeError( `Was expecting a truthy value for "options.permissionsPath"; received "${ options.permissionsPath }"` ); } return { hasPermissions( ..._permissions ) { if ( !_permissions.every( el => Array.isArray( el ) ) ) { throw new TypeError( 'The permissions chain has to be a list of arrays. Found offending type.' ); } for ( let i = 0; i < _permissions.length; i++ ) { if ( !_permissions[ i ].every( el => typeof el === 'string' ) ) { throw new TypeError( 'The permissions block should only contain strings. Found offending type.' ); } } return function jauntyAclMiddleware( request, _, next ) { const user = request[ options.attachmentPath ]; if ( typeof user === 'undefined' || user === null ) { return next( new TypeError( `Was expecting type object, found "${ Utils.getType( user ) }" for user` ) ); } let permissions = user[ options.permissionsPath ]; if ( typeof permissions === 'undefined' || permissions === null ) { return next( new TypeError( `Was expecting type object, found "${ Utils.getType( permissions ) }" for permissions` ) ); } if ( typeof permissions === 'string' ) { permissions = permissions.split( ' ' ); } else if ( typeof permissions !== 'object' || !Array.isArray( permissions ) ) { return next( new TypeError( 'Was expecting the permissions property to be of type "string" or "array". ' + `Found "${ Utils.getType( permissions ) }".` ) ); } let hasPermissions = false; for ( let i = 0; i < _permissions.length; i++ ) { const permissionSet = _permissions[ i ]; if ( permissionSet.every( el => permissions.indexOf( el ) !== -1 ) ) { hasPermissions = true; break; } } return hasPermissions ? next() : next( new Errors.UnauthorizedError() ); }; } }; };