passport-unique-token
Unique Token authentication strategy for Passport.
"use strict";
// Module preamble. The `__esModule` flag, the `_1`-suffixed require bindings and
// the sourceMappingURL trailer suggest this file is compiler output rather than
// hand-written source; review the original source when changing behaviour.
Object.defineProperty(exports, "__esModule", { value: true });
// Placeholder for the export; the real class is assigned at the bottom of the file.
exports.UniqueTokenStrategy = void 0;
// Base class that supplies fail()/pass()/success()/error() to the strategy.
const passport_strategy_1 = require("passport-strategy");
// Local helper module; `lookup(obj, field)` is the only member used in this file.
const utils_1 = require("./utils");
// HTTP status handed to fail() when no token is found in the request.
const BAD_REQUEST = 400;
/**
* `Strategy` class.
*
* The token authentication strategy authenticates requests based on the
* credentials submitted through standard request headers, body, querystring or params.
*
* Applications must supply a `verify` callback which accepts
* unique `token` credentials, and then calls the `done` callback supplying a
* `user`, which should be set to `false` if the credentials are not valid.
* If an exception occurred, `err` should be set.
*
* Optionally, `options` can be used to change the fields in which the
* credentials are found.
*
* Options:
*
* - `tokenField` field name where the token is found, defaults to 'token'
* - `tokenQuery` query string name where the token is found, defaults to 'token'
* - `tokenParams` params name where the token is found, defaults to 'token'
* - `tokenHeader` header name where the token is found, defaults to 'token'
* - `passReqToCallback` when `true`, `req` is the first argument to the verify callback (default: `false`)
* - `failOnMissing` when `false`, if the token is not found it will not fail (default: `true`)
* - `caseSensitive` when `true`, the token validation is case-sensitive (default: `false`)
*
* Examples:
*
* passport.use(new UniqueTokenStrategy(
* function(token, done) {
* User.findOne({ token: token }, function (err, user) {
* done(err, user);
* });
* }
* ));
*
* @param {UniqueTokenOptions | UniqueTokenOptionsWithRequest} options
* @param {VerifyFunction | VerifyFunctionWithRequest} verify
* @api public
*/
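class UniqueTokenStrategy extends passport_strategy_1.Strategy {
  /**
   * Configure where the token is read from and how it is verified.
   *
   * Accepts either `(options, verify)` or just `(verify)`. A missing
   * (`null`/`undefined`) options object is treated as `{}` so that the
   * documented defaults apply instead of a property-access crash.
   *
   * @param {object|Function} options - strategy options, or the verify callback
   * @param {Function} [verify] - `(token, done)` or `(req, token, done)`
   * @throws {TypeError} when no verify callback is supplied
   */
  constructor(options, verify) {
    super();
    this.name = 'token';
    this.defaultToken = 'token';
    if (typeof options === 'function') {
      verify = options;
      options = {};
    }
    if (!verify) {
      throw new TypeError('Token authentication strategy requires a verify function');
    }
    if (options === null || typeof options === 'undefined') {
      options = {};
    }
    this.tokenField = this.sanitizeToken(options, 'tokenField');
    this.tokenQuery = this.sanitizeToken(options, 'tokenQuery');
    this.tokenParams = this.sanitizeToken(options, 'tokenParams');
    this.tokenHeader = this.sanitizeToken(options, 'tokenHeader');
    // Fail closed: a request without a token is rejected unless the
    // application explicitly opts out with `failOnMissing: false`.
    this.failOnMissing =
      typeof options.failOnMissing !== 'undefined' ? !!options.failOnMissing : true;
    this.verify = verify;
    this.passReqToCallback = !!options.passReqToCallback;
  }

  /**
   * Extract the token from the request and hand it to the verify callback.
   *
   * Sources are tried in this order and the first truthy value wins:
   * body, query string, route params, headers. A token carried in the query
   * string or route params is part of the URL and therefore ends up in access
   * logs and Referer headers; prefer the header or body source for long-lived
   * tokens.
   *
   * Outcomes:
   * - no token and `failOnMissing` is true  -> `fail(..., 400)`
   * - no token and `failOnMissing` is false -> `pass()`; the request continues
   *   unauthenticated, so later middleware must still check for a user
   * - verify reports an error or throws      -> `error(err)`
   * - verify yields a falsy user             -> `fail(info, 401)`
   * - otherwise                              -> `success(user, info)`
   *
   * @param {object} req - incoming request (`body`, `query`, `params`, `headers` are read)
   * @param {object} [options] - `badRequestMessage` overrides the missing-token message
   */
  authenticate(req, options = {}) {
    const headerName = this.tokenHeader;
    // Node's http module exposes incoming header names in lower case. With
    // `caseSensitive: true` the configured name keeps its capitals and would
    // never match, so retry with the lower-cased name. Header names are
    // case-insensitive in HTTP, so this does not widen what is accepted.
    const lowerHeaderName =
      typeof headerName === 'string' && headerName !== headerName.toLowerCase()
        ? headerName.toLowerCase()
        : null;

    const token =
      utils_1.lookup(req.body, this.tokenField) ||
      utils_1.lookup(req.query, this.tokenQuery) ||
      utils_1.lookup(req.params, this.tokenParams) ||
      utils_1.lookup(req.headers, headerName) ||
      (lowerHeaderName ? utils_1.lookup(req.headers, lowerHeaderName) : null);

    if (!token) {
      return this.failOnMissing
        ? this.fail({ message: options.badRequestMessage || 'Missing credentials' }, BAD_REQUEST)
        : this.pass();
    }

    const verifiedCallback = (err, user, info) => {
      if (err) {
        return this.error(err);
      }
      if (!user) {
        return this.fail(info, 401);
      }
      return this.success(user, info);
    };

    // NOTE(review): the token is passed on exactly as lookup() returned it and
    // lookup()'s return type is not visible in this file. The verify callback
    // should confirm the value is a string before using it in a datastore
    // query, since parsed bodies and query strings can carry non-string values.
    try {
      return this.passReqToCallback
        ? this.verify(req, token, verifiedCallback)
        : this.verify(token, verifiedCallback);
    } catch (e) {
      // A synchronous throw from verify is reported as a strategy error
      // rather than escaping into the request pipeline.
      return this.error(e);
    }
  }

  /**
   * Resolve the configured name of one token location.
   *
   * Returns the default name (`'token'`) when the option is unset or falsy.
   * Otherwise returns the configured name, lower-cased unless
   * `options.caseSensitive` is truthy. Only the field/header *name* is
   * normalised here; the token value itself is never altered.
   *
   * @param {object} options - strategy options
   * @param {string} optionsField - option key, e.g. `'tokenHeader'`
   * @returns {string} name to look up on the request
   */
  sanitizeToken(options, optionsField) {
    const fieldName = options[optionsField];
    if (!fieldName) {
      return this.defaultToken;
    }
    return options.caseSensitive ? fieldName : fieldName.toLowerCase();
  }
}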
// Publish the strategy class as the module's named CommonJS export.
exports.UniqueTokenStrategy = UniqueTokenStrategy;
//# sourceMappingURL=strategy.js.map