UNPKG

areto/security/WebUser.js

Version:

3.78 kBJavaScriptView Raw

1/**
* @copyright Copyright (c) 2019 Maxim Khorin <maksimovichu@gmail.com>
*/
4'use strict';
5
6const Base = require('../base/Base');
7
8module.exports = class WebUser extends Base {
9
  _accessMap = {};
11
  isGuest () {
      return !this.identity;
  }
15
  isId (id) {
      return this.identity ? this.identity.isId(id) : false;
  }
19
  isSession () {
      return this.auth.enableSession;
  }
23
  getTitle (defaults = '[guest]') {
      return this.identity ? this.identity.getTitle() : defaults;
  }
27
  getId () {
      return this.identity ? this.identity.getId() : null;
  }
31
  getIdentity () {
      return this.identity;
  }
35
  getAuthKey () {
      return this.identity ? this.identity.getAuthKey() : null;
  }
39
  getIp () {
      return this.req.ip;
  }
43
  getLoginUrl () {
      return this.auth.loginUrl;
  }
47
  getReturnUrl (url) {
      return url
          || this.getSession(this.auth.returnUrlParam)
          || this.auth.returnUrl
          || this.module.getHomeUrl();
  }
54
  setReturnUrl (url) {
      this.setSession(this.auth.returnUrlParam, url);
  }
58
  getCsrfToken () {
      return this.auth.csrf ? this.getSession(this.auth.csrfParam) : '';
  }
62
  checkCsrfToken (token) {
      return this.auth.csrf
          ? this.getSession(this.auth.csrfParam) === token
          : true;
  }
68
  // LOGIN
70
  login () {
      return this.auth.login(this, ...arguments);
  }
74
  logout () {
      return this.isGuest() ? false : this.auth.logout(this);
  }
78
  // IDENTITY
80
  async ensureIdentity () {
      if (this.identity === undefined) {
          this.identity = null;
          if (this.isSession()) {
              await this.auth.renew(this);
              await this.setAssignments();
          }
      }
  }
90
  async switchIdentity (identity, duration) {
      this.identity = identity;
      if (this.isSession()) {
          const returnUrl = this.getReturnUrl();
          await this.createSession();
          this.setReturnUrl(returnUrl);
          this.auth.renewIdentity(this, duration);
      }
  }
100
  findIdentity (id) {
      return this.createIdentity().findIdentity(id);
  }
104
  createIdentity () {
      return this.module.spawn(this.auth.Identity);
  }
108
  // ACCESS CONTROL
110
  can (permission) {
      return Object.prototype.hasOwnProperty.call(this._accessMap, permission)
          ? this._accessMap[permission]
          : this.resolveAccess(...arguments);
  }
116
  async resolveAccess (permission, params) {
      const access = await this.auth.rbac.can(this.assignments, permission, params);
      return this._accessMap[permission] = !!access;
  }
121
  async setAssignments () {
      if (this.auth.rbac) {
          this.assignments = this.identity
              ? await this.identity.getAssignments() || this.auth.defaultAssignments
              : this.auth.guestAssignments;
      }
  }
129
  // SESSION
131
  getSession (name) {
      return this.req.session[name];
  }
135
  setSession (name, value) {
      this.req.session[name] = value;
  }
139
  createSession () { // create new session instance
      return PromiseHelper.promise(this.req.session.regenerate, this.req.session);
  }
143
  // COOKIE
145
  getCookie (name) {
      return this.req.cookies[name];
  }
149
  setCookie () {
      this.res.cookie(...arguments);
  }
153
  clearCookie () {
      this.res.clearCookie(...arguments);
  }
157};
158module.exports.init();
159
160const PromiseHelper = require('../helper/PromiseHelper');
\No newline at end of file

1	`/**`
2	`* @copyright Copyright (c) 2019 Maxim Khorin <maksimovichu@gmail.com>`
3	`*/`
4	`'use strict';`
5
6	`const Base = require('../base/Base');`
7
8	`module.exports = class WebUser extends Base {`
9
10	`_accessMap = {};`
11
12	`isGuest () {`
13	`return !this.identity;`
14	`}`
15
16	`isId (id) {`
17	`return this.identity ? this.identity.isId(id) : false;`
18	`}`
19
20	`isSession () {`
21	`return this.auth.enableSession;`
22	`}`
23
24	`getTitle (defaults = '[guest]') {`
25	`return this.identity ? this.identity.getTitle() : defaults;`
26	`}`
27
28	`getId () {`
29	`return this.identity ? this.identity.getId() : null;`
30	`}`
31
32	`getIdentity () {`
33	`return this.identity;`
34	`}`
35
36	`getAuthKey () {`
37	`return this.identity ? this.identity.getAuthKey() : null;`
38	`}`
39
40	`getIp () {`
41	`return this.req.ip;`
42	`}`
43
44	`getLoginUrl () {`
45	`return this.auth.loginUrl;`
46	`}`
47
48	`getReturnUrl (url) {`
49	`return url`
50	`\|\| this.getSession(this.auth.returnUrlParam)`
51	`\|\| this.auth.returnUrl`
52	`\|\| this.module.getHomeUrl();`
53	`}`
54
55	`setReturnUrl (url) {`
56	`this.setSession(this.auth.returnUrlParam, url);`
57	`}`
58
59	`getCsrfToken () {`
60	`return this.auth.csrf ? this.getSession(this.auth.csrfParam) : '';`
61	`}`
62
63	`checkCsrfToken (token) {`
64	`return this.auth.csrf`
65	`? this.getSession(this.auth.csrfParam) === token`
66	`: true;`
67	`}`
68
69	`// LOGIN`
70
71	`login () {`
72	`return this.auth.login(this, ...arguments);`
73	`}`
74
75	`logout () {`
76	`return this.isGuest() ? false : this.auth.logout(this);`
77	`}`
78
79	`// IDENTITY`
80
81	`async ensureIdentity () {`
82	`if (this.identity === undefined) {`
83	`this.identity = null;`
84	`if (this.isSession()) {`
85	`await this.auth.renew(this);`
86	`await this.setAssignments();`
87	`}`
88	`}`
89	`}`
90
91	`async switchIdentity (identity, duration) {`
92	`this.identity = identity;`
93	`if (this.isSession()) {`
94	`const returnUrl = this.getReturnUrl();`
95	`await this.createSession();`
96	`this.setReturnUrl(returnUrl);`
97	`this.auth.renewIdentity(this, duration);`
98	`}`
99	`}`
100
101	`findIdentity (id) {`
102	`return this.createIdentity().findIdentity(id);`
103	`}`
104
105	`createIdentity () {`
106	`return this.module.spawn(this.auth.Identity);`
107	`}`
108
109	`// ACCESS CONTROL`
110
111	`can (permission) {`
112	`return Object.prototype.hasOwnProperty.call(this._accessMap, permission)`
113	`? this._accessMap[permission]`
114	`: this.resolveAccess(...arguments);`
115	`}`
116
117	`async resolveAccess (permission, params) {`
118	`const access = await this.auth.rbac.can(this.assignments, permission, params);`
119	`return this._accessMap[permission] = !!access;`
120	`}`
121
122	`async setAssignments () {`
123	`if (this.auth.rbac) {`
124	`this.assignments = this.identity`
125	`? await this.identity.getAssignments() \|\| this.auth.defaultAssignments`
126	`: this.auth.guestAssignments;`
127	`}`
128	`}`
129
130	`// SESSION`
131
132	`getSession (name) {`
133	`return this.req.session[name];`
134	`}`
135
136	`setSession (name, value) {`
137	`this.req.session[name] = value;`
138	`}`
139
140	`createSession () { // create new session instance`
141	`return PromiseHelper.promise(this.req.session.regenerate, this.req.session);`
142	`}`
143
144	`// COOKIE`
145
146	`getCookie (name) {`
147	`return this.req.cookies[name];`
148	`}`
149
150	`setCookie () {`
151	`this.res.cookie(...arguments);`
152	`}`
153
154	`clearCookie () {`
155	`this.res.clearCookie(...arguments);`
156	`}`
157	`};`
158	`module.exports.init();`
159
160	`const PromiseHelper = require('../helper/PromiseHelper');`
\	No newline at end of file