UNPKG

sailor-module-authentication

Version:

Adds support for verify domains and JSONWebtoken (JWT)

github.com/sailorjs/sailor-module-authentication

sailorjs/sailor-module-authentication

66 lines (55 loc) 2.32 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
## -- Dependencies ------------------------------------------------------------- jwt = require 'jsonwebtoken' sailor = require 'sailorjs' translate = sailor.translate errorify = sailor.errorify tokenConfig = sails.config.authentication.token existValue = (array, value) -> if (array.indexOf(value) > -1) then true else false isEndpoint = (req) -> requestPath = req._parsedOriginalUrl.pathname.toLowerCase() sanetizeRequestPath = requestPath.substring(1) requestMethod = req.route.method.toLowerCase() endpoints = tokenConfig.endpoints endpoint = unless endpoints[sanetizeRequestPath]? then false else existValue(endpoints[sanetizeRequestPath], requestMethod) sails.log.debug "Token verification :: path [#{requestPath}], method [#{requestMethod}], endpoint [#{endpoint}] :: valid [true]" endpoint ## -- Exports ------------------------------------------------------------- module.exports = (req, res, next) -> return next() if isEndpoint(req) token = undefined if req.method is "OPTIONS" and req.headers.hasOwnProperty("access-control-request-headers") hasAuthInAccessControl = !!~req.headers["access-control-request-headers"].split(",").map((header) -> header.trim() ).indexOf("authorization") return next() if hasAuthInAccessControl if req.headers and req.headers.authorization parts = req.headers.authorization.split(" ") if parts.length is 2 scheme = parts[0] credentials = parts[1] token = credentials if /^Bearer$/i.test(scheme) else return errorify .add 'domain', translate.get("Token.BadFormat"), 'token' .end res, 'badRequest' else return errorify .add 'domain', translate.get("Token.NotFound"), 'token' .end res, 'badRequest' JWTService.decode token, (err, decoded) -> if (err) if err.name is 'TokenExpiredError' return errorify .add 'domain', translate.get("Token.Expired"), 'token' .end res, 'badRequest' else return res.badRequest(errorify.serialize(err)) else req.token = decoded if decoded.user.id? User.findOne(decoded.user.id).populateAll().exec (err, user) -> if err then req.user = null else req.user = user next() else next()