UNPKG

litejs/app/auth.js

Version:

1.54 kBJavaScriptView Raw

1
2
3/*
4 * Authentication - login + password (who you are)
5 * Authorization  - permissions (what you are allowed to do)
6 * Accounting     - consumed resources (session statistics and usage for authorization control, billing, trend analysis, resource utilization, and capacity planning activities)
7 */
8
9
10module.exports = auth
11
12function auth(req, res, next, options) {
13	var authorization = req.headers["authorization"]
14
15	if (authorization) {
16		authorization = authorization.split(/\s+/)
17
18		if (authorization[0] == "Session") {
19			options.sessionStorage.get(authorization[1], handleSession)
20		} else if (authorization[0] == "Basic") {
21			return res.sendStatus(501) // Not Implemented
22
23			var user_and_pass = Buffer.from(authorization[1], "base64").toString()
24			, name = user_and_pass.split(":")[0]
25			, token = crypto.createHash("sha1").update(user_and_pass).digest("hex")
26
27		} else if (authorization[0] == "Bearer") {
28			return res.sendStatus(501) // Not Implemented
29		} else if (authorization[0] == "MAC") {
30			// http://tools.ietf.org/html/rfc6749#section-7.1
31			return res.sendStatus(501) // Not Implemented
32		} else {
33			// res.setHeader("WWW-Authenticate", 'Basic realm="LiteJS"')
34			res.end()
35		}
36	} else {
37		req.session = {}
38		next()
39	}
40
41	function handleSession(err, session) {
42		req.session = session = session || {}
43		session.seen = +req.date
44		if (session && session.userId) {
45			options.userStorage.get(session.userId, handleUser)
46		} else {
47			next()
48		}
49	}
50
51	function handleUser(err, user) {
52		req.user = user
53		next()
54	}
55}
56
57
58

1
2
3	`/*`
4	`* Authentication - login + password (who you are)`
5	`* Authorization - permissions (what you are allowed to do)`
6	`* Accounting - consumed resources (session statistics and usage for authorization control, billing, trend analysis, resource utilization, and capacity planning activities)`
7	`*/`
8
9
10	`module.exports = auth`
11
12	`function auth(req, res, next, options) {`
13	`var authorization = req.headers["authorization"]`
14
15	`if (authorization) {`
16	`authorization = authorization.split(/\s+/)`
17
18	`if (authorization[0] == "Session") {`
19	`options.sessionStorage.get(authorization[1], handleSession)`
20	`} else if (authorization[0] == "Basic") {`
21	`return res.sendStatus(501) // Not Implemented`
22
23	`var user_and_pass = Buffer.from(authorization[1], "base64").toString()`
24	`, name = user_and_pass.split(":")[0]`
25	`, token = crypto.createHash("sha1").update(user_and_pass).digest("hex")`
26
27	`} else if (authorization[0] == "Bearer") {`
28	`return res.sendStatus(501) // Not Implemented`
29	`} else if (authorization[0] == "MAC") {`
30	`// http://tools.ietf.org/html/rfc6749#section-7.1`
31	`return res.sendStatus(501) // Not Implemented`
32	`} else {`
33	`// res.setHeader("WWW-Authenticate", 'Basic realm="LiteJS"')`
34	`res.end()`
35	`}`
36	`} else {`
37	`req.session = {}`
38	`next()`
39	`}`
40
41	`function handleSession(err, session) {`
42	`req.session = session = session \|\| {}`
43	`session.seen = +req.date`
44	`if (session && session.userId) {`
45	`options.userStorage.get(session.userId, handleUser)`
46	`} else {`
47	`next()`
48	`}`
49	`}`
50
51	`function handleUser(err, user) {`
52	`req.user = user`
53	`next()`
54	`}`
55	`}`
56
57
58