UNPKG

serveros

Version:

Auth for networks of applications.

github.com/frankiethekneeman/serveros

frankiethekneeman/serveros

120 lines (113 loc) 4.52 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
var Hawk = require('hawk') , inMemoryHash = {} ; /** * A helper class to do Hawk Authentication for Consumers. * @class Plugins.HawkAuthenticator * * @param {Object} [storageInterface=InMemoryStorage] A storage interface for the Credentials as they're unpacked. * @param {Plugins.HawkAuthenticator~StorageInterfaceStore} storageInterface.store * @param {Plugins.HawkAuthenticator~StorageInterfaceRetrieve} storageInterface.retrieve * @param {Plugins.HawkAuthenticator~StorageInterfacePurge} storageInterface.purge */ function HawkAuthenticator(storageInterface) { this.storage = storageInterface || { /** * Store some credentials for later retrieval. * * @callback Plugins.HawkAuthenticator~StorageInterfaceStore * @param {String} key The key which will be used to retrieve the credentials. * @param {Object} credentials The credentials which will need retrieval. * @param {Plugins.HawkAuthenticator~thinCallback} callback A callback for the results of the operation. */ store: function(key, credentials, callback) { inMemoryHash[key] = credentials; process.nextTick( function() { if (callback) callback(true); }); }, /** * Retrieve some credentials. * * @callback Plugins.HawkAuthenticator~StorageInterfaceRetrieve * @param {String} key The key which was used to store the credentials. * @param {Plugins.HawkAuthenticator~thinCallback} callback A callback for the results of the operation. */ retrieve: function(id, callback) { var toReturn = inMemoryHash[id]; process.nextTick( function() { if (callback) callback(toReturn); }); }, /** * Eliminate some credentials from * * @callback Plugins.HawkAuthenticator~StorageInterfacePurge * @param {String} key The key which was used to store the credentials. * @param {Plugins.HawkAuthenticator~thinCallback} callback A callback for the results of the operation. */ purge: function(id, callback) { delete inMemoryHash[id]; process.nextTick( function() { if (callback) callback(true); }); } } } HawkAuthenticator.prototype = { /** * Create a credentials acceptance function to pass into {@link ServerosServiceProvider.expressValidator} * * @return {ServerosServiceProvider~validatorCallback} a credentials function. */ credentialsAccepter: function() { var that = this; return function(credentials) { that.storage.store(credentials.id, credentials); }; }, /** * Create a credentials acceptance function to pass into {@link ServerosServiceProvider.expressValidator} * * @return {function} an Express filter. */ expressAuthorizer: function() { var that = this; return function(req, res, next) { Hawk.server.authenticate(req, function(id, callback) { that.storage.retrieve(id, function(credentials) { if (!credentials) { callback("No Credentials Found."); return; } if (Date.now() > credentials.expires) { that.storage.purge(id, function() { if (callback) callback("Credentials Expired"); }); return; } var hawkCredentials = { key: credentials.secret , algorithm: credentials.hash , authData: credentials.authData , consumer: credentials.requester } callback(null, hawkCredentials); }); }, {}, function(err, credentials, artifacts) { if (!err) { req.authedAs = credentials.consumer; req.authData = credentials.authData; } else { req.authErr = err } next(); }); }; } } module.exports = exports = HawkAuthenticator; /** * @callback Plugins.HawkAuthenticator~thinCallback * @param {mixed} the result of the operation. */