Rename Session => AccessToken

Ritchie 2013-11-13 11:49:08 -08:00
parent 642bfa84f4
commit 77a137eca6
9 changed files with 124 additions and 52 deletions


@ -79,6 +79,14 @@ app.model = function (Model, config) {
return Model; return Model;
} }
/**
* Get a Model by name.
*/
app.getModel = function (modelName) {
this.models
};
/** /**
* Get all exposed models. * Get all exposed models.
*/ */
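Review bot: `app.getModel` has no `return`: its body is the bare expression `this.models`, so it yields `undefined` for every name and never reads `modelName`. The token middleware added in this commit calls `app.getModel(tokenModelName)`, so its `TokenModel` would be undefined as written. The function should return the model registered under `modelName` and report an unknown name instead of handing `undefined` to the caller; how models are stored on `app` is not visible in this hunk, so the exact lookup is left to the author. The doc comment could also state the contract, e.g. `@param {String} modelName` and `@returns {Model}`.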


@ -172,5 +172,5 @@ loopback.memory = function (name) {
loopback.Model = require('./models/model'); loopback.Model = require('./models/model');
loopback.Email = require('./models/email'); loopback.Email = require('./models/email');
loopback.User = require('./models/user'); loopback.User = require('./models/user');
loopback.Session = require('./models/session');
loopback.Application = require('./models/application'); loopback.Application = require('./models/application');
loopback.AccessToken = require('./models/access-token');

28
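--- a/lib/middleware/token.js
+++ b/lib/middleware/token.js
@@ -0,0 +1,28 @@
+/**
+* Module dependencies.
+*/
+var loopback = require('../loopback');
+var RemoteObjects = require('strong-remoting');
+/**
+* Export the middleware.
+*/
+module.exports = token;
+/**
+*
+*/
+function token(app, options) {
+options = options || {};
+var tokenModelName = options.tokenModelName || 'Token';
+var TokenModel = app.getModel(tokenModelName);
+var tokenHeaderName = options.tokenHeaderName || 'X-Access-Token';
+return function (req, res, next) {
+next();
+}
+}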
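Review bot: The returned middleware only calls `next()`: it never reads `tokenHeaderName` or the query string, never uses `TokenModel`, and never sets `req.token`, so mounting it performs no token lookup and the test added in this commit cannot pass against it. The default `tokenModelName` of 'Token' also does not match the name 'access-token' that the model is registered under in this commit, and `loopback` and `RemoteObjects` are required but unused. The empty doc block above `token` should say that the middleware only attaches a token to the request and does not itself reject unauthenticated requests. A sketch of the lookup follows; it fails at setup when the model is missing and prefers the header, because a token carried in a URL tends to end up in access logs and Referer headers.

```javascript
function token(app, options) {
  // … unchanged: options, tokenModelName and tokenHeaderName defaults …
  var TokenModel = app.getModel(tokenModelName);
  if (!TokenModel) {
    throw new Error('token middleware: model "' + tokenModelName + '" not found');
  }
  return function (req, res, next) {
    var tokenId = req.header(tokenHeaderName) ||
      (req.query && req.query.access_token);
    if (!tokenId) return next();
    TokenModel.findById(tokenId, function (err, accessToken) {
      if (err) return next(err);
      // An unknown id leaves the request unauthenticated.
      req.token = accessToken || null;
      next();
    });
  };
}
```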


@ -7,7 +7,7 @@ var Model = require('../loopback').Model
, crypto = require('crypto'); , crypto = require('crypto');
/** /**
* Default Session properties. * Default AccessToken properties.
*/ */
var properties = { var properties = {
@ -20,16 +20,16 @@ var properties = {
* Extends from the built in `loopback.Model` type. * Extends from the built in `loopback.Model` type.
*/ */
var Session = module.exports = Model.extend('Session', properties); var AccessToken = module.exports = Model.extend('access-token', properties);
/** /**
* Create a cryptographically random session id. * Create a cryptographically random access token id.
* *
* @param {Function} callback * @param {Function} callback
*/ */
Session.createSessionId = function (fn) { AccessToken.createAccessTokenId = function (fn) {
crypto.randomBytes(this.settings.sessionIdLength || 64, function(err, buf) { crypto.randomBytes(this.settings.accessTokenIdLength || 64, function(err, buf) {
if(err) { if(err) {
fn(err); fn(err);
} else { } else {
@ -39,13 +39,13 @@ Session.createSessionId = function (fn) {
} }
/*! /*!
* Hook to create session id. * Hook to create accessToken id.
*/ */
Session.beforeCreate = function (next, data) { AccessToken.beforeCreate = function (next, data) {
data = data || {}; data = data || {};
Session.createSessionId(function (err, id) { AccessToken.createAccessTokenId(function (err, id) {
if(err) { if(err) {
next(err); next(err);
} else { } else {
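Review bot: `createAccessTokenId` takes its length from `this.settings.accessTokenIdLength || 64` with no lower bound, so a small configured value yields short, guessable token ids. Because the setting was renamed from `sessionIdLength`, an application that configured the old name now silently falls back to the default of 64 bytes. Consider enforcing a minimum, e.g. `var len = Math.max(this.settings.accessTokenIdLength || 64, 32);`, and naming the renamed setting in the comment above the function. The bodies of `createAccessTokenId` and `beforeCreate` continue outside these hunks.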


@ -1,7 +1,7 @@
exports.Model = require('./model'); exports.Model = require('./model');
exports.Email = require('./email'); exports.Email = require('./email');
exports.User = require('./user'); exports.User = require('./user');
exports.Session = require('./session'); exports.AccessToken = require('./access-token');
exports.Application = require('./application'); exports.Application = require('./application');
exports.ACL = require('./acl'); exports.ACL = require('./acl');


@ -50,8 +50,8 @@ var User = module.exports = Model.extend('User', properties);
/** /**
* Login a user by with the given `credentials`. * Login a user by with the given `credentials`.
* *
* User.login({username: 'foo', password: 'bar'}, function (err, session) { * User.login({username: 'foo', password: 'bar'}, function (err, token) {
* console.log(session.id); * console.log(token.id);
* }); * });
* *
* @param {Object} credentials * @param {Object} credentials
@ -79,7 +79,7 @@ User.login = function (credentials, fn) {
if(err) { if(err) {
fn(defaultError); fn(defaultError);
} else if(isMatch) { } else if(isMatch) {
createSession(user, fn); createAccessToken(user, fn);
} else { } else {
fn(defaultError); fn(defaultError);
} }
@ -89,41 +89,41 @@ User.login = function (credentials, fn) {
} }
}); });
function createSession(user, fn) { function createAccessToken(user, fn) {
var Session = UserCtor.session; var AccessToken = UserCtor.accessToken;
Session.create({uid: user.id}, function (err, session) { AccessToken.create({uid: user.id}, function (err, accessToken) {
if(err) { if(err) {
fn(err); fn(err);
} else { } else {
fn(null, session) fn(null, accessToken)
} }
}); });
} }
} }
/** /**
* Logout a user with the given session id. * Logout a user with the given accessToken id.
* *
* User.logout('asd0a9f8dsj9s0s3223mk', function (err) { * User.logout('asd0a9f8dsj9s0s3223mk', function (err) {
* console.log(err || 'Logged out'); * console.log(err || 'Logged out');
* }); * });
* *
* @param {String} sessionID * @param {String} accessTokenID
*/ */
User.logout = function (sid, fn) { User.logout = function (sid, fn) {
var UserCtor = this; var UserCtor = this;
var Session = UserCtor.settings.session || loopback.Session; var AccessToken = UserCtor.settings.accessToken || loopback.AccessToken;
Session.findById(sid, function (err, session) { AccessToken.findById(sid, function (err, accessToken) {
if(err) { if(err) {
fn(err); fn(err);
} else if(session) { } else if(accessToken) {
session.destroy(fn); accessToken.destroy(fn);
} else { } else {
fn(new Error('could not find session')); fn(new Error('could not find accessToken'));
} }
}); });
} }
@ -266,7 +266,7 @@ User.setup = function () {
accepts: [ accepts: [
{arg: 'credentials', type: 'object', required: true, http: {source: 'body'}} {arg: 'credentials', type: 'object', required: true, http: {source: 'body'}}
], ],
returns: {arg: 'session', type: 'object', root: true}, returns: {arg: 'accessToken', type: 'object', root: true},
http: {verb: 'post'} http: {verb: 'post'}
} }
); );
@ -305,7 +305,7 @@ User.setup = function () {
// default models // default models
UserModel.email = require('./email'); UserModel.email = require('./email');
UserModel.session = require('./session'); UserModel.accessToken = require('./access-token');
UserModel.validatesUniquenessOf('email', {message: 'Email already exists'}); UserModel.validatesUniquenessOf('email', {message: 'Email already exists'});
var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
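Review bot: `User.login` creates the token through `UserCtor.accessToken` (in `createAccessToken`), while `User.logout` looks it up through `UserCtor.settings.accessToken || loopback.AccessToken`. If an application overrides only one of the two, logout searches a different model than login wrote to, the token is not destroyed, and it would presumably remain valid after the user believes they have logged out. Both paths should resolve the model the same way, for example `var AccessToken = UserCtor.accessToken;` in `logout` if that is the intended source. The `logout` doc comment now says `@param {String} accessTokenID` while the parameter is still named `sid`.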


@ -28,7 +28,8 @@
"nodemailer": "~0.4.4", "nodemailer": "~0.4.4",
"ejs": "~0.8.4", "ejs": "~0.8.4",
"bcryptjs": "~0.7.10", "bcryptjs": "~0.7.10",
"underscore.string": "~2.3.3" "underscore.string": "~2.3.3",
"underscore": "~1.5.2"
}, },
"devDependencies": { "devDependencies": {
"blanket": "~1.1.5", "blanket": "~1.1.5",

35
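--- a/test/access-token.test.js
+++ b/test/access-token.test.js
@@ -0,0 +1,35 @@
+var loopback = require('../');
+var Token = loopback.AccessToken.extend('MyToken');
+// attach Token to testing memory ds
+Token.attachTo(loopback.memory());
+describe('loopback.token(app, options)', function() {
+beforeEach(createTestingToken);
+it('should populate req.token from the query string', function (done) {
+var app = loopback();
+var options = {};
+var testToken = this.token;
+app.use(loopback.token(app, options));
+app.get('/', function (req, res) {
+assert(req.token === testToken);
+res.send('ok');
+done();
+});
+request(app)
+.get('/?access_token=' + this.token.id)
+.expect(200)
+.end(done);
+});
+});
+function createTestingToken(done) {
+var test = this;
+Token.create({}, function (err, token) {
+if(err) return done(err);
+test.token = token;
+done();
+});
+}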
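Review bot: The test calls `done()` inside the route handler and again through `.end(done)`, so on the success path the callback fires twice; drop the call in the handler and let `.end(done)` finish the test. `options` is `{}`, so the middleware is asked for its default model and not for `MyToken`, and `assert(req.token === testToken)` compares object identity, which a token loaded from the data source would not satisfy. Passing the model name through `options.tokenModelName` and comparing `req.token.id` with `testToken.id` would make the intent explicit. A second case asserting that a request with no token, or with an unknown id, leaves `req.token` unset would cover the negative path.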


@ -1,5 +1,5 @@
var User = loopback.User.extend('user'); var User = loopback.User.extend('user');
var Session = loopback.Session; var AccessToken = loopback.AccessToken;
var passport = require('passport'); var passport = require('passport');
var MailConnector = require('../lib/connectors/mail'); var MailConnector = require('../lib/connectors/mail');
@ -15,7 +15,7 @@ describe('User', function(){
transports: [{type: 'STUB'}] transports: [{type: 'STUB'}]
}); });
User.attachTo(userMemory); User.attachTo(userMemory);
User.session.attachTo(userMemory); User.accessToken.attachTo(userMemory);
User.email.attachTo(mailDataSource); User.email.attachTo(mailDataSource);
// allow many User.afterRemote's to be called // allow many User.afterRemote's to be called
@ -30,7 +30,7 @@ describe('User', function(){
afterEach(function (done) { afterEach(function (done) {
User.destroyAll(function (err) { User.destroyAll(function (err) {
User.session.destroyAll(done); User.accessToken.destroyAll(done);
}); });
}); });
@ -84,8 +84,8 @@ describe('User', function(){
it('Requires a password to login with basic auth', function(done) { it('Requires a password to login with basic auth', function(done) {
User.create({email: 'b@c.com'}, function (err) { User.create({email: 'b@c.com'}, function (err) {
User.login({email: 'b@c.com'}, function (err, session) { User.login({email: 'b@c.com'}, function (err, accessToken) {
assert(!session, 'should not create a session without a valid password'); assert(!accessToken, 'should not create a accessToken without a valid password');
assert(err, 'should not login without a password'); assert(err, 'should not login without a password');
done(); done();
}); });
@ -100,10 +100,10 @@ describe('User', function(){
describe('User.login', function() { describe('User.login', function() {
it('Login a user by providing credentials', function(done) { it('Login a user by providing credentials', function(done) {
User.login({email: 'foo@bar.com', password: 'bar'}, function (err, session) { User.login({email: 'foo@bar.com', password: 'bar'}, function (err, accessToken) {
assert(session.uid); assert(accessToken.uid);
assert(session.id); assert(accessToken.id);
assert.equal((new Buffer(session.id, 'base64')).length, 64); assert.equal((new Buffer(accessToken.id, 'base64')).length, 64);
done(); done();
}); });
@ -117,11 +117,11 @@ describe('User', function(){
.send({email: 'foo@bar.com', password: 'bar'}) .send({email: 'foo@bar.com', password: 'bar'})
.end(function(err, res){ .end(function(err, res){
if(err) return done(err); if(err) return done(err);
var session = res.body; var accessToken = res.body;
assert(session.uid); assert(accessToken.uid);
assert(session.id); assert(accessToken.id);
assert.equal((new Buffer(session.id, 'base64')).length, 64); assert.equal((new Buffer(accessToken.id, 'base64')).length, 64);
done(); done();
}); });
@ -129,9 +129,9 @@ describe('User', function(){
it('Login should only allow correct credentials', function(done) { it('Login should only allow correct credentials', function(done) {
User.create({email: 'foo22@bar.com', password: 'bar'}, function(user, err) { User.create({email: 'foo22@bar.com', password: 'bar'}, function(user, err) {
User.login({email: 'foo44@bar.com', password: 'bar'}, function(err, session) { User.login({email: 'foo44@bar.com', password: 'bar'}, function(err, accessToken) {
assert(err); assert(err);
assert(!session); assert(!accessToken);
done(); done();
}); });
}); });
@ -139,19 +139,19 @@ describe('User', function(){
}); });
describe('User.logout', function() { describe('User.logout', function() {
it('Logout a user by providing the current session id (using node)', function(done) { it('Logout a user by providing the current accessToken id (using node)', function(done) {
login(logout); login(logout);
function login(fn) { function login(fn) {
User.login({email: 'foo@bar.com', password: 'bar'}, fn); User.login({email: 'foo@bar.com', password: 'bar'}, fn);
} }
function logout(err, session) { function logout(err, accessToken) {
User.logout(session.id, verify(session.id, done)); User.logout(accessToken.id, verify(accessToken.id, done));
} }
}); });
it('Logout a user by providing the current session id (over rest)', function(done) { it('Logout a user by providing the current accessToken id (over rest)', function(done) {
login(logout); login(logout);
function login(fn) { function login(fn) {
@ -162,12 +162,12 @@ describe('User', function(){
.send({email: 'foo@bar.com', password: 'bar'}) .send({email: 'foo@bar.com', password: 'bar'})
.end(function(err, res){ .end(function(err, res){
if(err) return done(err); if(err) return done(err);
var session = res.body; var accessToken = res.body;
assert(session.uid); assert(accessToken.uid);
assert(session.id); assert(accessToken.id);
fn(null, session.id); fn(null, accessToken.id);
}); });
} }
@ -186,8 +186,8 @@ describe('User', function(){
return function (err) { return function (err) {
if(err) return done(err); if(err) return done(err);
Session.findById(sid, function (err, session) { AccessToken.findById(sid, function (err, accessToken) {
assert(!session, 'session should not exist after logging out'); assert(!accessToken, 'accessToken should not exist after logging out');
done(err); done(err);
}); });
} }