fix custom token model in token middleware
Fix server/middleware/token.js so that a custom AccessToken model configured by name is set up correctly, whether in middleware.json or through any of: app.use(loopback.token({...})); app.middlewareFromConfig(loopback.token, {...}); app.middleware('auth', loopback.token({...}))
parent
01ce9b5f5a
commit
cf98d379c4
|
@ -95,13 +95,7 @@ function token(options) {
|
||||||
var app = req.app;
|
var app = req.app;
|
||||||
var registry = app.registry;
|
var registry = app.registry;
|
||||||
if (!TokenModel) {
|
if (!TokenModel) {
|
||||||
if (registry === loopback.registry) {
|
TokenModel = registry.getModel(options.model || 'AccessToken');
|
||||||
TokenModel = options.model || loopback.AccessToken;
|
|
||||||
} else if (options.model) {
|
|
||||||
TokenModel = registry.getModel(options.model);
|
|
||||||
} else {
|
|
||||||
TokenModel = registry.getModel('AccessToken');
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
assert(typeof TokenModel === 'function',
|
assert(typeof TokenModel === 'function',
|
||||||
|
|
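Review bot: The lookup `TokenModel = registry.getModel(options.model || 'AccessToken');` sits inside the per-request `if (!TokenModel)` block, so a wrong model name in middleware.json is only detected when the first request reaches the middleware, not when the app is configured. If `getModel` throws for an unknown name (its definition is not on this page, so this is an assumption), the more helpful `assert` message below it is never reached. Since this line decides which model authenticates every request, I would document it with `// options.model may be a model class or a model name; always resolve it through req.app.registry` and make the assert message name the configured `options.model` value. The enclosing `token()` function starts and ends outside the hunk.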
|
@ -14,7 +14,7 @@ var extend = require('util')._extend;
|
||||||
var session = require('express-session');
|
var session = require('express-session');
|
||||||
var request = require('supertest');
|
var request = require('supertest');
|
||||||
|
|
||||||
var Token, ACL;
|
var Token, ACL, User, TestModel;
|
||||||
|
|
||||||
describe('loopback.token(options)', function() {
|
describe('loopback.token(options)', function() {
|
||||||
var app;
|
var app;
|
||||||
|
@ -22,17 +22,99 @@ describe('loopback.token(options)', function() {
|
||||||
app = loopback({localRegistry: true, loadBuiltinModels: true});
|
app = loopback({localRegistry: true, loadBuiltinModels: true});
|
||||||
app.dataSource('db', {connector: 'memory'});
|
app.dataSource('db', {connector: 'memory'});
|
||||||
|
|
||||||
|
ACL = app.registry.getModel('ACL');
|
||||||
|
app.model(ACL, {dataSource: 'db'});
|
||||||
|
|
||||||
|
User = app.registry.getModel('User');
|
||||||
|
app.model(User, {dataSource: 'db'});
|
||||||
|
|
||||||
Token = app.registry.createModel({
|
Token = app.registry.createModel({
|
||||||
name: 'MyToken',
|
name: 'MyToken',
|
||||||
base: 'AccessToken',
|
base: 'AccessToken',
|
||||||
});
|
});
|
||||||
app.model(Token, {dataSource: 'db'});
|
app.model(Token, {dataSource: 'db'});
|
||||||
|
|
||||||
ACL = app.registry.getModel('ACL');
|
TestModel = app.registry.createModel({
|
||||||
|
name: 'TestModel',
|
||||||
|
base: 'Model',
|
||||||
|
});
|
||||||
|
TestModel.getToken = function(options, cb) {
|
||||||
|
cb(null, options && options.accessToken || null);
|
||||||
|
};
|
||||||
|
TestModel.remoteMethod('getToken', {
|
||||||
|
accepts: {arg: 'options', type: 'object', http: 'optionsFromRequest'},
|
||||||
|
returns: {arg: 'token', type: 'object'},
|
||||||
|
http: {verb: 'GET', path: '/token'},
|
||||||
|
});
|
||||||
|
app.model(TestModel, {dataSource: 'db'});
|
||||||
|
|
||||||
createTestingToken.call(this, done);
|
createTestingToken.call(this, done);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('defaults to built-in AccessToken model', function() {
|
||||||
|
var BuiltInToken = app.registry.getModel('AccessToken');
|
||||||
|
app.model(BuiltInToken, {dataSource: 'db'});
|
||||||
|
|
||||||
|
app.enableAuth({dataSource: 'db'});
|
||||||
|
app.use(loopback.token());
|
||||||
|
app.use(loopback.rest());
|
||||||
|
|
||||||
|
return BuiltInToken.create({userId: 123}).then(function(token) {
|
||||||
|
return request(app)
|
||||||
|
.get('/TestModels/token?_format=json')
|
||||||
|
.set('authorization', token.id)
|
||||||
|
.expect(200)
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.then(res => {
|
||||||
|
expect(res.body.token.id).to.eql(token.id);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('uses correct custom AccessToken model from model class param', function() {
|
||||||
|
User.hasMany(Token, {
|
||||||
|
as: 'accessTokens',
|
||||||
|
options: {disableInclude: true},
|
||||||
|
});
|
||||||
|
|
||||||
|
app.enableAuth();
|
||||||
|
app.use(loopback.token({model: Token}));
|
||||||
|
app.use(loopback.rest());
|
||||||
|
|
||||||
|
return Token.create({userId: 123}).then(function(token) {
|
||||||
|
return request(app)
|
||||||
|
.get('/TestModels/token?_format=json')
|
||||||
|
.set('authorization', token.id)
|
||||||
|
.expect(200)
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.then(res => {
|
||||||
|
expect(res.body.token.id).to.eql(token.id);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('uses correct custom AccessToken model from string param', function() {
|
||||||
|
User.hasMany(Token, {
|
||||||
|
as: 'accessTokens',
|
||||||
|
options: {disableInclude: true},
|
||||||
|
});
|
||||||
|
|
||||||
|
app.enableAuth();
|
||||||
|
app.use(loopback.token({model: Token.modelName}));
|
||||||
|
app.use(loopback.rest());
|
||||||
|
|
||||||
|
return Token.create({userId: 123}).then(function(token) {
|
||||||
|
return request(app)
|
||||||
|
.get('/TestModels/token?_format=json')
|
||||||
|
.set('authorization', token.id)
|
||||||
|
.expect(200)
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.then(res => {
|
||||||
|
expect(res.body.token.id).to.eql(token.id);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
it('should populate req.token from the query string', function(done) {
|
it('should populate req.token from the query string', function(done) {
|
||||||
createTestAppAndRequest(this.token, done)
|
createTestAppAndRequest(this.token, done)
|
||||||
.get('/?access_token=' + this.token.id)
|
.get('/?access_token=' + this.token.id)
|
||||||
|
@ -287,7 +369,7 @@ describe('loopback.token(options)', function() {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should overwrite invalid existing token (is !== undefined and has no "id" property) ' +
|
it('should overwrite invalid existing token (is !== undefined and has no "id" property) ' +
|
||||||
' when enableDoubkecheck is true',
|
' when enableDoublecheck is true',
|
||||||
function(done) {
|
function(done) {
|
||||||
var token = this.token;
|
var token = this.token;
|
||||||
app.use(function(req, res, next) {
|
app.use(function(req, res, next) {
|
||||||
|
@ -607,9 +689,10 @@ function createTestAppAndRequest(testToken, settings, done) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function createTestApp(testToken, settings, done) {
|
function createTestApp(testToken, settings, done) {
|
||||||
done = arguments[arguments.length - 1];
|
if (!done && typeof settings === 'function') {
|
||||||
if (settings == done) settings = {};
|
done = settings;
|
||||||
settings = settings || {};
|
settings = {};
|
||||||
|
}
|
||||||
|
|
||||||
var appSettings = settings.app || {};
|
var appSettings = settings.app || {};
|
||||||
var modelSettings = settings.model || {};
|
var modelSettings = settings.model || {};
|
||||||
|
|
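Review bot: The rewritten argument handling in `createTestApp` drops the old `settings = settings || {};` fallback, so a call that passes an explicit `done` while leaving `settings` undefined or null would now throw at `settings.app` on the following line. The new `if (!done && typeof settings === 'function')` branch only covers the two-argument form where the callback arrives in the `settings` position. Keeping `settings = settings || {};` after the `if` block preserves the previous tolerance. Whether any caller depends on it is not visible here, and the function body continues outside the hunk.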
|
@ -20,5 +20,5 @@
|
||||||
"principalId": "$everyone"
|
"principalId": "$everyone"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"replaceOnPUT": false
|
"replaceOnPUT": false
|
||||||
}
|
}
|
||||||
|
|