UNPKG

areto/security/WebUser.js

Version:

3.69 kBJavaScriptView Raw

1/**
* @copyright Copyright (c) 2019 Maxim Khorin <maksimovichu@gmail.com>
*/
4'use strict';
5
6const Base = require('../base/Base');
7
8module.exports = class WebUser extends Base {
9
  _accessMap = {};
11
  isGuest () {
      return !this.identity;
  }
15
  isSession () {
      return this.auth.enableSession;
  }
19
  getTitle (defaults = '[guest]') {
      return this.identity ? this.identity.getTitle() : defaults;
  }
23
  getId () {
      return this.identity ? this.identity.getId() : null;
  }
27
  getIdentity () {
      return this.identity;
  }
31
  getAuthKey () {
      return this.identity ? this.identity.getAuthKey() : null;
  }
35
  getIp () {
      return this.req.ip;
  }
39
  getLoginUrl () {
      return this.auth.loginUrl;
  }
43
  getReturnUrl (url) {
      return url
          || this.getSession(this.auth.returnUrlParam)
          || this.auth.returnUrl
          || this.module.getHomeUrl();
  }
50
  setReturnUrl (url) {
      this.setSession(this.auth.returnUrlParam, url);
  }
54
  getCsrfToken () {
      return this.auth.csrf ? this.getSession(this.auth.csrfParam) : '';
  }
58
  checkCsrfToken (token) {
      return this.auth.csrf
          ? this.getSession(this.auth.csrfParam) === token
          : true;
  }
64
  // LOGIN
66
  login () {
      return this.auth.login(this, ...arguments);
  }
70
  logout () {
      return this.isGuest() ? false : this.auth.logout(this);
  }
74
  // IDENTITY
76
  async ensureIdentity () {
      if (this.identity === undefined) {
          this.identity = null;
          if (this.isSession()) {
              await this.auth.renew(this);
              await this.setAssignments();
          }
      }
  }
86
  async switchIdentity (identity, duration) {
      this.identity = identity;
      if (this.isSession()) {
          const returnUrl = this.getReturnUrl();
          await this.createSession();
          this.setReturnUrl(returnUrl);
          this.auth.renewIdentity(this, duration);
      }
  }
96
  findIdentity (id) {
      return this.createIdentity().findIdentity(id);
  }
100
  createIdentity () {
      return this.module.spawn(this.auth.Identity);
  }
104
  // ACCESS CONTROL
106
  can (permission) {
      return Object.prototype.hasOwnProperty.call(this._accessMap, permission)
          ? this._accessMap[permission]
          : this.resolveAccess(...arguments);
  }
112
  async resolveAccess (permission, params) {
      const access = await this.auth.rbac.can(this.assignments, permission, params);
      return this._accessMap[permission] = !!access;
  }
117
  async setAssignments () {
      if (this.auth.rbac) {
          this.assignments = this.identity
              ? await this.identity.getAssignments() || this.auth.defaultAssignments
              : this.auth.guestAssignments;
      }
  }
125
  // SESSION
127
  getSession (name) {
      return this.req.session[name];
  }
131
  setSession (name, value) {
      this.req.session[name] = value;
  }
135
  createSession () { // create new session instance
      return PromiseHelper.promise(this.req.session.regenerate, this.req.session);
  }
139
  // COOKIE
141
  getCookie (name) {
      return this.req.cookies[name];
  }
145
  setCookie () {
      this.res.cookie(...arguments);
  }
149
  clearCookie () {
      this.res.clearCookie(...arguments);
  }
153};
154module.exports.init();
155
156const PromiseHelper = require('../helper/PromiseHelper');
\No newline at end of file

1	`/**`
2	`* @copyright Copyright (c) 2019 Maxim Khorin <maksimovichu@gmail.com>`
3	`*/`
4	`'use strict';`
5
6	`const Base = require('../base/Base');`
7
8	`module.exports = class WebUser extends Base {`
9
10	`_accessMap = {};`
11
12	`isGuest () {`
13	`return !this.identity;`
14	`}`
15
16	`isSession () {`
17	`return this.auth.enableSession;`
18	`}`
19
20	`getTitle (defaults = '[guest]') {`
21	`return this.identity ? this.identity.getTitle() : defaults;`
22	`}`
23
24	`getId () {`
25	`return this.identity ? this.identity.getId() : null;`
26	`}`
27
28	`getIdentity () {`
29	`return this.identity;`
30	`}`
31
32	`getAuthKey () {`
33	`return this.identity ? this.identity.getAuthKey() : null;`
34	`}`
35
36	`getIp () {`
37	`return this.req.ip;`
38	`}`
39
40	`getLoginUrl () {`
41	`return this.auth.loginUrl;`
42	`}`
43
44	`getReturnUrl (url) {`
45	`return url`
46	`\|\| this.getSession(this.auth.returnUrlParam)`
47	`\|\| this.auth.returnUrl`
48	`\|\| this.module.getHomeUrl();`
49	`}`
50
51	`setReturnUrl (url) {`
52	`this.setSession(this.auth.returnUrlParam, url);`
53	`}`
54
55	`getCsrfToken () {`
56	`return this.auth.csrf ? this.getSession(this.auth.csrfParam) : '';`
57	`}`
58
59	`checkCsrfToken (token) {`
60	`return this.auth.csrf`
61	`? this.getSession(this.auth.csrfParam) === token`
62	`: true;`
63	`}`
64
65	`// LOGIN`
66
67	`login () {`
68	`return this.auth.login(this, ...arguments);`
69	`}`
70
71	`logout () {`
72	`return this.isGuest() ? false : this.auth.logout(this);`
73	`}`
74
75	`// IDENTITY`
76
77	`async ensureIdentity () {`
78	`if (this.identity === undefined) {`
79	`this.identity = null;`
80	`if (this.isSession()) {`
81	`await this.auth.renew(this);`
82	`await this.setAssignments();`
83	`}`
84	`}`
85	`}`
86
87	`async switchIdentity (identity, duration) {`
88	`this.identity = identity;`
89	`if (this.isSession()) {`
90	`const returnUrl = this.getReturnUrl();`
91	`await this.createSession();`
92	`this.setReturnUrl(returnUrl);`
93	`this.auth.renewIdentity(this, duration);`
94	`}`
95	`}`
96
97	`findIdentity (id) {`
98	`return this.createIdentity().findIdentity(id);`
99	`}`
100
101	`createIdentity () {`
102	`return this.module.spawn(this.auth.Identity);`
103	`}`
104
105	`// ACCESS CONTROL`
106
107	`can (permission) {`
108	`return Object.prototype.hasOwnProperty.call(this._accessMap, permission)`
109	`? this._accessMap[permission]`
110	`: this.resolveAccess(...arguments);`
111	`}`
112
113	`async resolveAccess (permission, params) {`
114	`const access = await this.auth.rbac.can(this.assignments, permission, params);`
115	`return this._accessMap[permission] = !!access;`
116	`}`
117
118	`async setAssignments () {`
119	`if (this.auth.rbac) {`
120	`this.assignments = this.identity`
121	`? await this.identity.getAssignments() \|\| this.auth.defaultAssignments`
122	`: this.auth.guestAssignments;`
123	`}`
124	`}`
125
126	`// SESSION`
127
128	`getSession (name) {`
129	`return this.req.session[name];`
130	`}`
131
132	`setSession (name, value) {`
133	`this.req.session[name] = value;`
134	`}`
135
136	`createSession () { // create new session instance`
137	`return PromiseHelper.promise(this.req.session.regenerate, this.req.session);`
138	`}`
139
140	`// COOKIE`
141
142	`getCookie (name) {`
143	`return this.req.cookies[name];`
144	`}`
145
146	`setCookie () {`
147	`this.res.cookie(...arguments);`
148	`}`
149
150	`clearCookie () {`
151	`this.res.clearCookie(...arguments);`
152	`}`
153	`};`
154	`module.exports.init();`
155
156	`const PromiseHelper = require('../helper/PromiseHelper');`
\	No newline at end of file