Add scopes for access tokens

2015-02-23 09:23:41 -08:00 · 2015-02-23 09:23:41 -08:00 · 7f86e0bb32
parent c7bead4107
commit 7f86e0bb32
4 changed files with 16 additions and 3 deletions
--- a/common/models/access-token.json
+++ b/common/models/access-token.json
@ -11,6 +11,9 @@
      "default": 1209600,
      "description": "time to live in seconds (2 weeks by default)"
    },
+    "scopes": {
+      "type": ["string"]
+    },
    "created": {
      "type": "Date"
    }
@ -20,6 +23,11 @@
      "type": "belongsTo",
      "model": "User",
      "foreignKey": "userId"
+    },
+    "application": {
+      "type": "belongsTo",
+      "model": "Application",
+      "foreignKey": "appId"
    }
  },
  "acls": [
--- a/common/models/user.js
+++ b/common/models/user.js
@ -424,7 +424,7 @@ module.exports = function(User) {
  };

  /**
-   * Create a short lived acess token for temporary login. Allows users
+   * Create a short lived access token for temporary login. Allows users
   * to change passwords if forgotten.
   *
   * @options {Object} options
@ -445,7 +445,8 @@ module.exports = function(User) {
        } else if (user) {
          // create a short lived access token for temp login to change password
          // TODO(ritch) - eventually this should only allow password change
-          user.accessTokens.create({ttl: ttl}, function(err, accessToken) {
+          user.accessTokens.create({ttl: ttl, scopes: ['resetPassword']},
+            function(err, accessToken) {
            if (err) {
              cb(err);
            } else {
--- a/test/support.js
+++ b/test/support.js
@ -2,8 +2,10 @@
 * loopback test setup and support.
 */

-assert = require('assert');
+assert = require('chai').assert;
 expect = require('chai').expect;
+should = require('chai').should;
+
 loopback = require('../');
 memoryConnector = loopback.Memory;
 GeoPoint = loopback.GeoPoint;
--- a/test/user.test.js
+++ b/test/user.test.js
@ -923,6 +923,8 @@ describe('User', function() {
          assert(info.email);
          assert(info.accessToken);
          assert(info.accessToken.id);
+          assert.equal(info.accessToken.scopes.length, 0);
+          assert.equal(info.accessToken.scopes[0], 'resetPassword');
          assert.equal(info.accessToken.ttl / 60, 15);
          assert(calledBack);
          info.accessToken.user(function(err, user) {