mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-30 22:34:10 -05:00
refactor: clean up token middleware
This commit is contained in:
Juan Picado @jotadeveloper
parent
bc6bde5c1d
commit
e63674478a
7 changed files with 23 additions and 31 deletions
|
|
@ -23,7 +23,6 @@ export default function(route: Router, auth: IAuth) {
|
|||
res.status(201);
|
||||
return next({
|
||||
ok: 'you are authenticated as \'' + req.remote_user.name + '\'',
|
||||
// token: auth.issue_token(req.remote_user),
|
||||
token: token,
|
||||
});
|
||||
} else {
|
||||
|
|
@ -42,7 +41,6 @@ export default function(route: Router, auth: IAuth) {
|
|||
res.status(201);
|
||||
return next({
|
||||
ok: 'user \'' + req.body.name + '\' created',
|
||||
// token: auth.issue_token(req.remote_user),
|
||||
token: token,
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ export default function(config: Config, auth: IAuth, storage: IStorageHandler) {
|
|||
app.param('org_couchdb_user', match(/^org\.couchdb\.user:/));
|
||||
app.param('anything', match(/.*/));
|
||||
|
||||
app.use(auth.basic_middleware());
|
||||
app.use(auth.apiJWTmiddleware());
|
||||
app.use(bodyParser.json({strict: false, limit: config.max_body_size || '10mb'}));
|
||||
app.use(anti_loop(config));
|
||||
// encode / in a scoped package name to be matched as a single parameter in routes
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ module.exports = function(config: Config, auth: IAuth, storage: IStorageHandler)
|
|||
route.param('anything', match(/.*/));
|
||||
|
||||
route.use(bodyParser.urlencoded({extended: false}));
|
||||
route.use(auth.jwtMiddleware());
|
||||
route.use(auth.webUIJWTmiddleware());
|
||||
route.use(securityIframe);
|
||||
|
||||
addPackageWebApi(route, storage, auth);
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ function addUserAuthApi(route: Router, auth: IAuth, config: Config) {
|
|||
req.remote_user = user;
|
||||
|
||||
next({
|
||||
token: auth.issue_token(user, '24h'),
|
||||
token: auth.issueUIjwt(user, '24h'),
|
||||
username: req.remote_user.name,
|
||||
});
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ const spliceURL = require('../../utils/string').spliceURL;
|
|||
module.exports = function(config, auth, storage) {
|
||||
Search.configureStorage(storage);
|
||||
|
||||
router.use(auth.jwtMiddleware());
|
||||
router.use(auth.webUIJWTmiddleware());
|
||||
router.use(securityIframe);
|
||||
|
||||
// Static
|
||||
|
|
|
|||
|
|
@ -75,13 +75,13 @@ class Auth {
|
|||
authenticate(user: string, password: string, cb: Callback) {
|
||||
const plugins = this.plugins.slice(0)
|
||||
;(function next() {
|
||||
let p = plugins.shift();
|
||||
const plugin = plugins.shift();
|
||||
|
||||
if (typeof(p.authenticate) !== 'function') {
|
||||
if (typeof(plugin.authenticate) !== 'function') {
|
||||
return next();
|
||||
}
|
||||
|
||||
p.authenticate(user, password, function(err, groups) {
|
||||
plugin.authenticate(user, password, function(err, groups) {
|
||||
if (err) {
|
||||
return cb(err);
|
||||
}
|
||||
|
|
@ -171,26 +171,26 @@ class Auth {
|
|||
let pkg = Object.assign({name: packageName}, this.config.getMatchedPackagesSpec(packageName));
|
||||
|
||||
(function next() {
|
||||
let p = plugins.shift();
|
||||
const plugin = plugins.shift();
|
||||
|
||||
if (typeof(p.allow_publish) !== 'function') {
|
||||
if (typeof(plugin.allow_publish) !== 'function') {
|
||||
return next();
|
||||
}
|
||||
|
||||
p.allow_publish(user, pkg, function(err, ok) {
|
||||
if (err) return callback(err);
|
||||
if (ok) return callback(null, ok);
|
||||
plugin.allow_publish(user, pkg, function(err, ok) {
|
||||
if (err) {
|
||||
return callback(err);
|
||||
}
|
||||
|
||||
if (ok) {
|
||||
return callback(null, ok);
|
||||
}
|
||||
next(); // cb(null, false) causes next plugin to roll
|
||||
});
|
||||
})();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Set up a basic middleware.
|
||||
* @return {Function}
|
||||
*/
|
||||
basic_middleware() {
|
||||
apiJWTmiddleware() {
|
||||
return (req: $RequestExtend, res: $Response, _next: NextFunction) => {
|
||||
req.pause();
|
||||
|
||||
|
|
@ -265,7 +265,7 @@ class Auth {
|
|||
/**
|
||||
* JWT middleware for WebUI
|
||||
*/
|
||||
jwtMiddleware() {
|
||||
webUIJWTmiddleware() {
|
||||
return (req: $RequestExtend, res: $Response, _next: NextFunction) => {
|
||||
if (req.remote_user !== null && req.remote_user.name !== undefined) {
|
||||
return _next();
|
||||
|
|
@ -299,13 +299,7 @@ class Auth {
|
|||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates the token.
|
||||
* @param {object} user
|
||||
* @param {string} expire_time
|
||||
* @return {string}
|
||||
*/
|
||||
issue_token(user: any, expire_time: string) {
|
||||
issueUIjwt(user: any, expire_time: string) {
|
||||
return jwt.sign(
|
||||
{
|
||||
user: user.name,
|
||||
|
|
|
|||
|
|
@ -24,11 +24,11 @@ export interface IAuth {
|
|||
secret: string;
|
||||
plugins: Array<any>;
|
||||
aes_encrypt(buf: Buffer): Buffer;
|
||||
basic_middleware(): $NextFunctionVer;
|
||||
jwtMiddleware(): $NextFunctionVer;
|
||||
apiJWTmiddleware(): $NextFunctionVer;
|
||||
webUIJWTmiddleware(): $NextFunctionVer;
|
||||
authenticate(user: string, password: string, cb: Callback): void;
|
||||
allow_access(packageName: string, user: string, callback: Callback): void;
|
||||
issue_token(user: string, time: string): string;
|
||||
issueUIjwt(user: string, time: string): string;
|
||||
add_user(user: string, password: string, cb: Callback): any;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue