@adonisjs/auth - npm Package Compare versions

Comparing version 3.0.2 to 3.0.3

CHANGELOG.md

@@ -0,1 +1,19 @@
+<a name="3.0.3"></a>
+## [3.0.3](https://github.com/adonisjs/adonis-auth/compare/v3.0.1...v3.0.3) (2018-03-16)
+
+
+### Bug Fixes
+
+* **databaseSerializer:** fix serializer after knex upgrade ([d88d2a8](https://github.com/adonisjs/adonis-auth/commit/d88d2a8))
+* **package:** add comma ([b9a456f](https://github.com/adonisjs/adonis-auth/commit/b9a456f))
+* **provider:** use correct namespace for WsContext ([d28698c](https://github.com/adonisjs/adonis-auth/commit/d28698c))
+
+
+### Features
+
+* **basicauth:** allow basic auth string via request body ([0466ed8](https://github.com/adonisjs/adonis-auth/commit/0466ed8))
+* **middleware:** add methods on middleware to be used with Websocket ([1afb942](https://github.com/adonisjs/adonis-auth/commit/1afb942))
+
+
+
 <a name="3.0.2"></a>
@@ -2,0 +20,0 @@ ## [3.0.2](https://github.com/adonisjs/adonis-auth/compare/v3.0.1...v3.0.2) (2018-02-16)

package.json

 {
   "name": "@adonisjs/auth",
-  "version": "3.0.2",
+  "version": "3.0.3",
   "description": "Offical authentication provider for Adonis framework",
@@ -26,6 +26,13 @@ "main": "index.js",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/adonisjs/adonis-auth"
+  },
+  "bugs": {
+    "url": "https://github.com/adonisjs/adonis-auth/issues"
+  },
   "devDependencies": {
-    "@adonisjs/fold": "^4.0.5",
-    "@adonisjs/lucid": "^5.0.1",
-    "@adonisjs/sink": "^1.0.13",
+    "@adonisjs/fold": "^4.0.7",
+    "@adonisjs/lucid": "^5.0.3",
+    "@adonisjs/sink": "^1.0.16",
     "cookie": "^0.3.1",
@@ -40,6 +47,6 @@ "coveralls": "^3.0.0",
     "node-req": "^2.1.0",
-    "nyc": "^11.4.1",
+    "nyc": "^11.6.0",
     "semver": "^5.5.0",
-    "sqlite3": "^3.1.13",
-    "standard": "^10.0.3",
+    "sqlite3": "^4.0.0",
+    "standard": "^11.0.1",
     "supertest": "^3.0.0"
@@ -69,3 +76,3 @@ },
     "debug": "^3.1.0",
-    "jsonwebtoken": "^8.1.1",
+    "jsonwebtoken": "^8.2.0",
     "lodash": "^4.17.5",
@@ -72,0 +79,0 @@ "ms": "^2.1.1",

providers/AuthProvider.js

@@ -138,2 +138,13 @@ 'use strict'
     /**
+     * Try adding auth to the websocket context. Since websocket is
+     * optional, we need to wrap binding inside a try catch
+     */
+    try {
+      const WsContext = this.app.use('Adonis/Addons/WsContext')
+      WsContext.getter('auth', function () {
+        return new Auth({ request: this.request, response: this.response, session: this.session }, Config)
+      }, true)
+    } catch (error) {}
+
+    /**
      * Adding `loggedIn` tag to the view, only when view
@@ -140,0 +151,0 @@ * provider is registered

src/Middleware/Auth.js

@@ -12,3 +12,2 @@ 'use strict'
 
-const _ = require('lodash')
 const debug = require('debug')('adonis:auth')
@@ -45,19 +44,5 @@
 
-  /**
-   * Authenticate the user using one of the defined
-   * schemes or the default scheme
-   *
-   * @method handle
-   * @async
-   *
-   * @param {Object}   ctx       Request context
-   * @param {Function} next
-   * @param {Array}    schemes   Schemes for which the user must be validated.
-   *                             If no scheme is defined, then default scheme from config is used.
-   *
-   * @return {void}
-   */
-  async handle ({ auth, view }, next, schemes) {
+  async _authenticate (auth, schemes) {
     let lastError = null
-    schemes = _.castArray(Array.isArray(schemes) && schemes.length ? schemes : this.scheme)
+    schemes = Array.isArray(schemes) && schemes.length ? schemes : [this.scheme]
 
@@ -98,3 +83,21 @@ debug('attempting to authenticate via %j scheme(s)', schemes)
     }
+  }
 
+  /**
+   * Authenticate the user using one of the defined
+   * schemes or the default scheme
+   *
+   * @method handle
+   * @async
+   *
+   * @param {Object}   ctx       Request context
+   * @param {Function} next
+   * @param {Array}    schemes   Schemes for which the user must be validated.
+   *                             If no scheme is defined, then default scheme from config is used.
+   *
+   * @return {void}
+   */
+  async handle ({ auth, view }, next, schemes) {
+    await this._authenticate(auth, schemes)
+
     /**
@@ -118,4 +121,27 @@ * For compatibility with the old API
   }
+
+  /**
+   * Called when authenticating user for websocket request
+   *
+   * @method wsHandle
+   *
+   * @param {Object}   ctx       Request context
+   * @param {Function} next
+   * @param {Array}    schemes   Schemes for which the user must be validated.
+   *                             If no scheme is defined, then default scheme from config is used.
+   *
+   * @return {void}
+   */
+  async wsHandle ({ auth }, next, schemes) {
+    await this._authenticate(auth, schemes)
+
+    /**
+     * For compatibility with the old API
+     */
+    auth.current = auth.authenticatorInstance
+
+    await next()
+  }
 }
 
 module.exports = Auth

src/Middleware/AuthInit.js

@@ -64,4 +64,24 @@ 'use strict'
   }
+
+  /**
+   * Attempt to login the user on each request ( if scheme is session )
+   *
+   * @method wsHandle
+   *
+   * @async
+   *
+   * @param {Object}   ctx - Request context
+   * @param {Function} next
+   *
+   * @return {void}
+   */
+  async wsHandle ({ auth }, next) {
+    if (this.scheme === 'session') {
+      await auth.loginIfCan()
+    }
+
+    await next()
+  }
 }
 
 module.exports = AuthInit

src/Schemes/BasicAuth.js

@@ -53,3 +53,5 @@ 'use strict'
 
-    const credentials = auth(this._ctx.request.request)
+    const authString = this._ctx.request.header('authorization') || this._ctx.request.input('basic')
+    const credentials = auth.parse(authString)
+
     if (!credentials) {
@@ -56,0 +58,0 @@ throw CE.InvalidBasicAuthException.invoke()

src/Serializers/Database.js

@@ -278,4 +278,4 @@ 'use strict'
 
-    const lhs = query.client.formatter().columnize(`${this._config.table}.${this.primaryKey}`)
-    const rhs = query.client.formatter().columnize(`${this.tokensTable}.${this.foreignKey}`)
+    const lhs = query.client.formatter(query).columnize(`${this._config.table}.${this.primaryKey}`)
+    const rhs = query.client.formatter(query).columnize(`${this.tokensTable}.${this.foreignKey}`)
     const tokensTable = this.tokensTable
@@ -282,0 +282,0 @@

src/VowBindings/Request.js

@@ -39,6 +39,6 @@ 'use strict'
     const sessionFn = typeof (requestInstance.session) === 'function'
-    ? requestInstance.session.bind(requestInstance)
-    : function () {
-      throw new Error('Cannot set login session, since session client is not used for the test')
-    }
+      ? requestInstance.session.bind(requestInstance)
+      : function () {
+        throw new Error('Cannot set login session, since session client is not used for the test')
+      }
 
@@ -45,0 +45,0 @@ const headerFn = requestInstance.header.bind(requestInstance)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

108823

increased by2.31%

Lines of code

3207

increased by1.62%

Number of low maintenance alerts

0

decreased by-100%

Number of low supply chain risk alerts

0

decreased by-100%

Dependency changes

• Updatedjsonwebtoken@^8.2.0