UNPKG

stream-flow-control

Version:

Stream Flow Control

gitlab.com/agustin.moyano/sfc

190 lines (186 loc) 7.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
_require: crypto: crypto fs: fs authenticate: type: Goal build: __goal__: type: FlowAll name: choose_method choose_method: options: none_reason: code: 404 message: 'No valid authentication method provided' type: FlowAll when: - cond: | const req = payload.data return req.headers && req.headers.authorization && /^Basic /.test(req.headers.authorization) dst: type: Transform name: parse_basic - cond: | const req = payload.data if(!(req.query && req.query.user && req.query.pass) && !(req.body && req.body.user && req.body.pass)) return false req.auth = {user: req.query.user||req.body.user, pass: req.query.pass||req.body.pass} return true dst: type: FlowFirst name: first_auth - cond: | const req = payload.data return (req.query && req.query.token) || (req.headers && req.headers.authorization && /^Bearer /.test(req.headers.authorization)) dst: type: Transform name: parse_token none: __reject__ once: prefinish: code: | const payload = new DataWrapper(this.goal._src, this); this._write(payload, null, ()=>{}); parse_basic: type: Transform methods: transform: code: | let basic = payload.data.headers.authorization.replace(/^Basic (.*)$/, (str, match)=>match); let auth_array = Buffer.from(basic, 'base64').toString('utf8').split(':'); payload.data.auth = {user: auth_array[0], pass: auth_array[1]}; this.push(payload); cb() params: - payload - encoding - cb pipe: type: FlowFirst name: first_auth first_auth: type: FlowFirst methods: identify: code: | return payload.map.FlowAll.choose_method params: - payload pipe: type: Transform name: validate_user parse_token: type: Transform methods: transform: code: | try { const tokens = JSON.parse(fs.readFileSync('./tokens.json')).tokens const token = (payload.data.query && payload.data.query.token) || payload.data.headers.authorization.replace(/^Bearer (.*)$/, (str, match)=>match) if(!tokens.hasOwnProperty(token)) return callback(payload.getChild(this).setData({code: 401, message: 'Invalid token'})) payload.data.userid = tokens[token] this.push(payload) callback() } catch(e) { callback(payload.getChild(this).setData({code: 500, message: e.message})) } params: - payload - encoding - callback pipe: __resolve__ validate_user: type: Transform methods: transform: code: | try { const users = JSON.parse(fs.readFileSync('./users.json')).users const user = users.filter(u => u.user == payload.data.auth.user) if(!user.length) return callback(payload.getChild(this).setData({code: 401, message: 'Incorrect user or password'})) const hash = crypto.createHash(user[0].method) hash.update(payload.data.auth.pass) if(user[0].password != hash.digest('hex')) return callback(payload.getChild(this).setData({code: 401, message: 'Incorrect user or password'})) payload.data.userid = user[0].id delete payload.data.auth this.push(payload) callback() } catch(e) { callback(payload.getChild(this).setData({code: 500, message: e.message})) } params: - payload - encoding - callback pipe: __resolve__ authorise: type: Goal build: __goal__: type: Transform name: get_user_data get_user_data: type: Transform methods: transform: code: | try { const users = JSON.parse(fs.readFileSync('./users.json')).users const user = users.filter(u => u.id == payload.data.userid) if(!user.length) return callback(payload.getChild(this).setData({code: 401, message: 'Incorrect user or password'})) payload.data.user = user[0] this.push(payload) callback() } catch(e) { callback(payload.getChild(this).setData({code: 500, message: e.message})) } params: - payload - encoding - callback ponce: prefinish: code: | const payload = new DataWrapper(this.goal._src, this); this._write(payload, null, (err)=>{ if(err) this.emit('error', err)}); pipe: type: FlowOne name: auth_methods auth_methods: type: FlowOne options: none_reason: code: 401 message: Unauthorised access when: cond: | return payload.data.userid == payload.data.params.id || payload.data.user.is_admin dst: __resolve__ none: __reject__ get_user: type: Transform methods: transform: code: | try { const users = JSON.parse(fs.readFileSync('./users.json')).users const user = users.filter(u => u.id == payload.params.id) if(!user.length) return callback({code: 404, message: 'User not found'}) this.push(JSON.stringify(user[0])) callback() } catch(e) { callback({code: 500, message: e.message}) } params: - payload - encoding - callback on: pipe: code: - this._src = src params: - src ponce: prefinish: code: - this._write(this._src, null, (err)=>{ if(err) this.emit('error', err)});