1 |
|
2 |
|
3 |
|
4 | 'use strict';
|
5 |
|
6 | const Base = require('../base/Base');
|
7 |
|
8 | module.exports = class WebUser extends Base {
|
9 |
|
10 | _accessMap = {};
|
11 |
|
12 | isGuest () {
|
13 | return !this.identity;
|
14 | }
|
15 |
|
16 | isId (id) {
|
17 | return this.identity ? this.identity.isId(id) : false;
|
18 | }
|
19 |
|
20 | isSession () {
|
21 | return this.auth.enableSession;
|
22 | }
|
23 |
|
24 | getTitle (defaults = '[guest]') {
|
25 | return this.identity ? this.identity.getTitle() : defaults;
|
26 | }
|
27 |
|
28 | getId () {
|
29 | return this.identity ? this.identity.getId() : null;
|
30 | }
|
31 |
|
32 | getIdentity () {
|
33 | return this.identity;
|
34 | }
|
35 |
|
36 | getAuthKey () {
|
37 | return this.identity ? this.identity.getAuthKey() : null;
|
38 | }
|
39 |
|
40 | getIp () {
|
41 | return this.req.ip;
|
42 | }
|
43 |
|
44 | getLoginUrl () {
|
45 | return this.auth.loginUrl;
|
46 | }
|
47 |
|
48 | getReturnUrl (url) {
|
49 | return url
|
50 | || this.getSession(this.auth.returnUrlParam)
|
51 | || this.auth.returnUrl
|
52 | || this.module.getHomeUrl();
|
53 | }
|
54 |
|
55 | setReturnUrl (url) {
|
56 | this.setSession(this.auth.returnUrlParam, url);
|
57 | }
|
58 |
|
59 | getCsrfToken () {
|
60 | return this.auth.csrf ? this.getSession(this.auth.csrfParam) : '';
|
61 | }
|
62 |
|
63 | checkCsrfToken (token) {
|
64 | return this.auth.csrf
|
65 | ? this.getSession(this.auth.csrfParam) === token
|
66 | : true;
|
67 | }
|
68 |
|
69 |
|
70 |
|
71 | login () {
|
72 | return this.auth.login(this, ...arguments);
|
73 | }
|
74 |
|
75 | logout () {
|
76 | return this.isGuest() ? false : this.auth.logout(this);
|
77 | }
|
78 |
|
79 |
|
80 |
|
81 | async ensureIdentity () {
|
82 | if (this.identity === undefined) {
|
83 | this.identity = null;
|
84 | if (this.isSession()) {
|
85 | await this.auth.renew(this);
|
86 | await this.setAssignments();
|
87 | }
|
88 | }
|
89 | }
|
90 |
|
91 | async switchIdentity (identity, duration) {
|
92 | this.identity = identity;
|
93 | if (this.isSession()) {
|
94 | const returnUrl = this.getReturnUrl();
|
95 | await this.createSession();
|
96 | this.setReturnUrl(returnUrl);
|
97 | this.auth.renewIdentity(this, duration);
|
98 | }
|
99 | }
|
100 |
|
101 | findIdentity (id) {
|
102 | return this.createIdentity().findIdentity(id);
|
103 | }
|
104 |
|
105 | createIdentity () {
|
106 | return this.module.spawn(this.auth.Identity);
|
107 | }
|
108 |
|
109 |
|
110 |
|
111 | can (permission) {
|
112 | return Object.prototype.hasOwnProperty.call(this._accessMap, permission)
|
113 | ? this._accessMap[permission]
|
114 | : this.resolveAccess(...arguments);
|
115 | }
|
116 |
|
117 | async resolveAccess (permission, params) {
|
118 | const access = await this.auth.rbac.can(this.assignments, permission, params);
|
119 | return this._accessMap[permission] = !!access;
|
120 | }
|
121 |
|
122 | async setAssignments () {
|
123 | if (this.auth.rbac) {
|
124 | this.assignments = this.identity
|
125 | ? await this.identity.getAssignments() || this.auth.defaultAssignments
|
126 | : this.auth.guestAssignments;
|
127 | }
|
128 | }
|
129 |
|
130 |
|
131 |
|
132 | getSession (name) {
|
133 | return this.req.session[name];
|
134 | }
|
135 |
|
136 | setSession (name, value) {
|
137 | this.req.session[name] = value;
|
138 | }
|
139 |
|
140 | createSession () {
|
141 | return PromiseHelper.promise(this.req.session.regenerate, this.req.session);
|
142 | }
|
143 |
|
144 |
|
145 |
|
146 | getCookie (name) {
|
147 | return this.req.cookies[name];
|
148 | }
|
149 |
|
150 | setCookie () {
|
151 | this.res.cookie(...arguments);
|
152 | }
|
153 |
|
154 | clearCookie () {
|
155 | this.res.clearCookie(...arguments);
|
156 | }
|
157 | };
|
158 | module.exports.init();
|
159 |
|
160 | const PromiseHelper = require('../helper/PromiseHelper'); |
\ | No newline at end of file |