1 |
|
2 |
|
3 |
|
4 | 'use strict';
|
5 |
|
6 | const Base = require('../base/Base');
|
7 |
|
8 | module.exports = class WebUser extends Base {
|
9 |
|
10 | _accessMap = {};
|
11 |
|
12 | isGuest () {
|
13 | return !this.identity;
|
14 | }
|
15 |
|
16 | isSession () {
|
17 | return this.auth.enableSession;
|
18 | }
|
19 |
|
20 | getTitle (defaults = '[guest]') {
|
21 | return this.identity ? this.identity.getTitle() : defaults;
|
22 | }
|
23 |
|
24 | getId () {
|
25 | return this.identity ? this.identity.getId() : null;
|
26 | }
|
27 |
|
28 | getIdentity () {
|
29 | return this.identity;
|
30 | }
|
31 |
|
32 | getAuthKey () {
|
33 | return this.identity ? this.identity.getAuthKey() : null;
|
34 | }
|
35 |
|
36 | getIp () {
|
37 | return this.req.ip;
|
38 | }
|
39 |
|
40 | getLoginUrl () {
|
41 | return this.auth.loginUrl;
|
42 | }
|
43 |
|
44 | getReturnUrl (url) {
|
45 | return url
|
46 | || this.getSession(this.auth.returnUrlParam)
|
47 | || this.auth.returnUrl
|
48 | || this.module.getHomeUrl();
|
49 | }
|
50 |
|
51 | setReturnUrl (url) {
|
52 | this.setSession(this.auth.returnUrlParam, url);
|
53 | }
|
54 |
|
55 | getCsrfToken () {
|
56 | return this.auth.csrf ? this.getSession(this.auth.csrfParam) : '';
|
57 | }
|
58 |
|
59 | checkCsrfToken (token) {
|
60 | return this.auth.csrf
|
61 | ? this.getSession(this.auth.csrfParam) === token
|
62 | : true;
|
63 | }
|
64 |
|
65 |
|
66 |
|
67 | login () {
|
68 | return this.auth.login(this, ...arguments);
|
69 | }
|
70 |
|
71 | logout () {
|
72 | return this.isGuest() ? false : this.auth.logout(this);
|
73 | }
|
74 |
|
75 |
|
76 |
|
77 | async ensureIdentity () {
|
78 | if (this.identity === undefined) {
|
79 | this.identity = null;
|
80 | if (this.isSession()) {
|
81 | await this.auth.renew(this);
|
82 | await this.setAssignments();
|
83 | }
|
84 | }
|
85 | }
|
86 |
|
87 | async switchIdentity (identity, duration) {
|
88 | this.identity = identity;
|
89 | if (this.isSession()) {
|
90 | const returnUrl = this.getReturnUrl();
|
91 | await this.createSession();
|
92 | this.setReturnUrl(returnUrl);
|
93 | this.auth.renewIdentity(this, duration);
|
94 | }
|
95 | }
|
96 |
|
97 | findIdentity (id) {
|
98 | return this.createIdentity().findIdentity(id);
|
99 | }
|
100 |
|
101 | createIdentity () {
|
102 | return this.module.spawn(this.auth.Identity);
|
103 | }
|
104 |
|
105 |
|
106 |
|
107 | can (permission) {
|
108 | return Object.prototype.hasOwnProperty.call(this._accessMap, permission)
|
109 | ? this._accessMap[permission]
|
110 | : this.resolveAccess(...arguments);
|
111 | }
|
112 |
|
113 | async resolveAccess (permission, params) {
|
114 | const access = await this.auth.rbac.can(this.assignments, permission, params);
|
115 | return this._accessMap[permission] = !!access;
|
116 | }
|
117 |
|
118 | async setAssignments () {
|
119 | if (this.auth.rbac) {
|
120 | this.assignments = this.identity
|
121 | ? await this.identity.getAssignments() || this.auth.defaultAssignments
|
122 | : this.auth.guestAssignments;
|
123 | }
|
124 | }
|
125 |
|
126 |
|
127 |
|
128 | getSession (name) {
|
129 | return this.req.session[name];
|
130 | }
|
131 |
|
132 | setSession (name, value) {
|
133 | this.req.session[name] = value;
|
134 | }
|
135 |
|
136 | createSession () {
|
137 | return PromiseHelper.promise(this.req.session.regenerate, this.req.session);
|
138 | }
|
139 |
|
140 |
|
141 |
|
142 | getCookie (name) {
|
143 | return this.req.cookies[name];
|
144 | }
|
145 |
|
146 | setCookie () {
|
147 | this.res.cookie(...arguments);
|
148 | }
|
149 |
|
150 | clearCookie () {
|
151 | this.res.clearCookie(...arguments);
|
152 | }
|
153 | };
|
154 | module.exports.init();
|
155 |
|
156 | const PromiseHelper = require('../helper/PromiseHelper'); |
\ | No newline at end of file |