mdds-mongoose-express-auth-server
Model Driver Development Stack - authentication and authorization server for mongoose and express based applications. It can be enabled to work as an authentication, user profile management, and authorization management server.
const express = require('express');
const createError = require('http-errors');
const AuthnController = require('./controller')
const { templates, commonInfo } = require('./mdds-emailing');
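/**
 * Build the Express router that exposes the authentication endpoints
 * (POST /login, /refresh, /register, /changepass and /findpass).
 *
 * The routes are mounted only when `userDef.authn.authUserSchema` names an
 * entry of `userDef.schemas`. Otherwise the returned router carries no routes
 * and no 404/error handler, so requests fall through to whatever the parent
 * application mounts next.
 *
 * @param {object} userDef - Application definition. Reads `userDef.authn`
 *   (optional: `authUserFields`, `authPasswordField`, `authUserSchema`) and
 *   `userDef.schemas`.
 * @param {Function} [getUserRoleFunc] - Optional Express middleware
 *   `(req, res, next)` that runs just before `generateToken` on /login and
 *   /refresh.
 * @returns {object} An `express.Router()` with an added
 *   `setEmailer(emailer, info)` method.
 */
const AuthnRouter = function(userDef, getUserRoleFunc) {
  const authn = userDef.authn || {};

  // A key that is present in the authn config always wins, whatever its
  // value; the defaults apply only when the key is absent.
  const authUserFields = "authUserFields" in authn ? authn["authUserFields"] : "username";
  const authPasswordField = "authPasswordField" in authn ? authn["authPasswordField"] : "password";
  const authSchemaName = "authUserSchema" in authn ? authn["authUserSchema"] : undefined;

  const authnController = new AuthnController();

  // Register the auth model only when the configured schema name is an own
  // key of userDef.schemas, so a name inherited from a prototype can never be
  // selected as the credential store.
  const schemas = userDef.schemas || {};
  let authModelCreated = false;
  if (authSchemaName != null && Object.prototype.hasOwnProperty.call(schemas, authSchemaName)) {
    authnController.registerAuth(
      authSchemaName,
      schemas[authSchemaName].schema,
      authUserFields,
      authPasswordField
    );
    authModelCreated = true;
  }

  const expressRouter = express.Router();

  // Tell the controller which schema holds the credentials for this request.
  const setSchemaName = function(req, res, next) {
    req.authSchemaName = authSchemaName;
    next();
  };

  // Run the caller-supplied role middleware when there is one, else continue.
  const roleFunc = function(req, res, next) {
    if (getUserRoleFunc) {
      getUserRoleFunc(req, res, next);
    } else {
      next();
    }
  };

  // Controller methods are used as middleware, so they must stay bound.
  const handler = function(methodName) {
    return authnController[methodName].bind(authnController);
  };

  if (authModelCreated) {
    // SECURITY NOTE(review): nothing in this router throttles requests to the
    // credential endpoints below. Unless AuthnController does so itself,
    // apply rate limiting / lockout in front of this router - confirm.

    // Credentials are checked first; roles are resolved before the token is
    // generated.
    expressRouter.post(
      "/login",
      setSchemaName,
      handler("authLogin"),
      roleFunc,
      handler("generateToken")
    );

    // The refresh token is verified before a new token is generated.
    expressRouter.post(
      "/refresh",
      setSchemaName,
      handler("verifyRefreshToken"),
      handler("authRefresh"),
      roleFunc,
      handler("generateToken")
    );

    expressRouter.post(
      "/register",
      setSchemaName,
      handler("authRegister")
    );

    // The password change runs only after authLogin has passed the request on.
    expressRouter.post(
      "/changepass",
      setSchemaName,
      handler("authLogin"),
      handler("changePass")
    );

    expressRouter.post(
      "/findpass",
      setSchemaName,
      handler("findPass")
    );

    // Any other path or method under this router is not a supported API.
    expressRouter.use(function(req, res, next) {
      next(createError(404));
    });

    // Error handler: answers with a JSON body instead of an error page.
    // SECURITY: err.message is returned to the client in every environment,
    // and the stack trace is added when the app's 'env' setting is
    // 'development'. Express falls back to 'development' when NODE_ENV is
    // unset, so production deployments must set NODE_ENV=production to keep
    // stack traces out of responses.
    expressRouter.use(function(err, req, res, next) {
      // Once a response has started, the status and body can no longer be
      // set; hand the error to Express' default handler instead of throwing.
      if (res.headersSent) {
        return next(err);
      }

      const status = err.status || 500;
      const body = {
        "error": err.message,
        "status": status
      };
      if (req.app.get('env') === 'development') {
        body.details = err.stack;
      }
      res.status(status);
      res.json(body);
    });
  }

  /**
   * Attach an emailer to the controller and load the bundled e-mail
   * templates into it.
   *
   * @param {object} emailer - Must provide `populateTemplatesToDB(templates)`.
   * @param {object} [info] - Replaces the bundled `commonInfo` when truthy.
   */
  expressRouter.setEmailer = function(emailer, info) {
    // The `mmdsProperties` spelling is kept as is: it is a runtime property
    // name (presumably read by the controller - confirm).
    if (!authnController.mmdsProperties) {
      authnController.mmdsProperties = {};
    }
    // NOTE(review): the return value is ignored; if populateTemplatesToDB is
    // asynchronous, a failure would go unnoticed here - confirm.
    emailer.populateTemplatesToDB(templates);
    authnController.mmdsProperties.emailer = emailer;
    authnController.mmdsProperties.emailerObj = info ? info : commonInfo;
  };

  return expressRouter;
};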
// Export the router factory: call AuthnRouter(userDef, getUserRoleFunc) and
// mount the express.Router it returns.
module.exports = AuthnRouter;