
userauthjs


Node module for management of user/group privileges and sessions

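/*!
 * userauth
 * Copyright(c) 2016 Artur Propp
 * MIT Licensed
 */

'use strict';

/**
 * This module adds to express requests and responses
 * monitoring and access control
 */

/**
 * Module dependencies
 */

var async = require('async')

/**
 * Module variables
 */

// Allowlist of storage backends. init() checks `protocol` against this list
// before the value is used to build a require() path.
var _supportedDbProtocols = ['mongoose']
// Accounts and groups seeded by init(); index 0 is the admin entry in both.
var _users = ['admin']
var _usergroups = ['admin', 'user']
var defaults = require('./defaults')
// Declared but never assigned in this file: init() stores the loaded backend
// modules on the exported object (`this.db`, `this.sessions`, ...) instead.
var db, sessions, usergroups, privileges, users, sessionTimeout

/**
 * User auth prototype.
 */

var userauth = module.exports = {};

/**
 * Initialize userauth.
 *
 * - publishes the configuration through process.env (USERAUTH_KEY,
 *   USERAUTH_DB, SESSION_TIMEOUT and, when logging is enabled, USERAUTH_LOG)
 * - loads the backend modules for `protocol` onto the exported object
 * - seeds the default usergroups, the default privileges (attached to the
 *   admin group) and the default admin user
 *
 * @param {string} [jwtsecret] - secret stored in USERAUTH_KEY; falls back to
 *   'default-secret-key' when omitted
 * @param {string} [protocol] - storage backend, defaults to 'mongoose'
 * @param {string} [dbURL] - database URL, defaults to
 *   'mongodb://localhost/userauth'
 * @param {number} [sessionTimeout] - session timeout in seconds, defaults to
 *   604800
 * @param {*} [logging] - truthy value enables logging, defaults to false
 * @param {Function} [done] - called without arguments once seeding finished
 * @throws {Error} synchronously when `protocol` is not supported; seeding
 *   errors are thrown from inside asynchronous callbacks and therefore cannot
 *   be caught by the caller of init()
 * @private
 */

userauth.init = function init(jwtsecret, protocol, dbURL, sessionTimeout, logging, done) {
  var _this = this

  // SECURITY: the fallback secret is a constant that ships with the package.
  // Presumably the session code signs tokens with USERAUTH_KEY (TODO confirm);
  // if so, a deployment that relies on the fallback accepts tokens that anyone
  // who has read this file can produce. Always pass a strong, private
  // `jwtsecret` in production.
  process.env.USERAUTH_KEY = typeof jwtsecret !== 'undefined' ? jwtsecret : 'default-secret-key'

  protocol = typeof protocol !== 'undefined' ? protocol : 'mongoose'
  // Keep this allowlist check ahead of the require() calls below: `protocol`
  // becomes part of a module path.
  if (_supportedDbProtocols.indexOf(protocol) < 0) {
    var errormsg = 'The db protocol \'' + protocol + '\' is not supported'
    throw new Error(errormsg)
  }

  dbURL = typeof dbURL !== 'undefined' ? dbURL : 'mongodb://localhost/userauth'
  process.env.USERAUTH_DB = dbURL

  sessionTimeout = typeof sessionTimeout !== 'undefined' ? sessionTimeout : 604800
  // process.env stores strings, so readers of SESSION_TIMEOUT get '604800',
  // not the number.
  process.env.SESSION_TIMEOUT = sessionTimeout

  logging = typeof logging !== 'undefined' ? logging : false
  if (logging) {
    process.env.USERAUTH_LOG = logging
  }

  _this.db = require('./' + protocol + '/db')
  _this.sessions = require('./' + protocol + '/sessions')
  _this.usergroups = require('./' + protocol + '/usergroups')
  _this.privileges = require('./' + protocol + '/privileges')
  _this.users = require('./' + protocol + '/users')

  // initialize usergroups, if not already in database
  async.each(_usergroups, function (groupname, next) {
    _this.usergroups.add(groupname, function (err, usergroup) {
      if (err) { return next(err) }

      // Only an admin group returned by add() gets the default privileges;
      // every other outcome moves straight on to the next group.
      if (!usergroup || usergroup.groupname !== _usergroups[0]) {
        return next()
      }

      // initialize privileges if not already in database
      async.each(defaults.privileges, function (title, next2) {
        _this.privileges.add(title, function (err, privilege) {
          if (err) { return next2(err) }

          // Fix: when add() yields no privilege (presumably because it already
          // exists - confirm against the backend) the iteration callback was
          // never invoked, so async.each never completed and `done` was never
          // called. Continue with the next title, mirroring how a missing
          // usergroup is handled above.
          if (!privilege) { return next2() }

          _this.privileges.addUsergroup(usergroup.groupname, privilege.title, function (err) {
            if (err) { return next2(err) }
            next2()
          })
        })
      }, function (err) {
        if (err) { return next(err) }
        next()
      })
    })
  }, function (err) {
    // NOTE: these throws happen in asynchronous callbacks, so they surface as
    // uncaught exceptions rather than reaching the caller or `done`.
    if (err) { throw new Error(err) }

    // SECURITY: the admin account is created with the password from
    // ./defaults, i.e. a value distributed with the package (contents not
    // visible here). Deployments should change it right after the first init.
    _this.users.add(_users[0], defaults.adminpw, defaults.adminemail, function (err, user) {
      if (err) { throw new Error(err) }

      if (!user) {
        if (done) { done() }
        return
      }

      _this.usergroups.addUser(_users[0], _usergroups[0], function (err, user) {
        if (err) { throw new Error(err) }
        if (done) { return done() }
      })
    })
  })
}

/**
 * Express middleware: copies the raw `x-userauth` request header, when
 * present, to `req.userauth` and continues with the next handler.
 *
 * SECURITY: the header is client-controlled and is neither decoded nor
 * verified here. Handlers must not treat `req.userauth` as an authenticated
 * identity until it has been validated (signature, expiry) elsewhere.
 *
 * @param {Object} req - express request
 * @param {Object} res - express response (unused)
 * @param {Function} next - express continuation
 */

userauth.express = function (req, res, next) {
  if (req.headers['x-userauth']) {
    req.userauth = req.headers['x-userauth']
  }
  next()
}

/**
 * Initializes usergroups with privileges.
 *
 * Currently an empty stub; the seeding is done inside init().
 */

userauth.setupUsergroups = function setupUsergroups() {
}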