@nymdev/express-nymag-user
Advanced tools
@nymdev/express-nymag-user - npm Package Compare versions
Comparing version 0.0.4 to 1.0.0
58
index.js
@@ -8,12 +8,2 @@ 'use strict'; | ||
| function getDefaultBlockDomains() { | ||
| const blockDomains = process.env.BLOCK_DOMAINS; | ||
| if (_.isString(blockDomains) && blockDomains.length) { | ||
| return _.map(blockDomains.split(','), _.trim); | ||
| } else { | ||
| return []; | ||
| } | ||
| } | ||
| /** | ||
@@ -30,32 +20,16 @@ * @param {string} target | ||
| /** | ||
| * @param {string} host | ||
| * @param {object} options | ||
| * @param {[string]} [options.blockDomains] | ||
| * @returns {boolean} | ||
| */ | ||
| function isOnBlockList(host, options) { | ||
| const blockDomains = _.get(options, 'blockDomains', getDefaultBlockDomains()); | ||
| if (!_.isArray(blockDomains)) { | ||
| throw new Error('blockDomains must be Array'); | ||
| } | ||
| return _.any(blockDomains, contains(host)); | ||
| } | ||
| /** | ||
| * Should we block this domain? | ||
| * Should we block this request? | ||
| * @param {*} req | ||
| * @param {object} options | ||
| * @param {function} [options.isProtected] | ||
| * @param {[string]} [options.blockDomains] | ||
| * @returns {boolean} | ||
| */ | ||
| function shouldBlock(req, options) { | ||
| const host = req.get('host') || '', | ||
| isProtected = _.get(options, 'isProtected'), | ||
| const isProtected = _.get(options, 'isProtected'), | ||
| hasDefinedProtectedLogic = _.isFunction(isProtected), | ||
| hasCookiesEnabled = !!req.cookies; | ||
| return hasCookiesEnabled && hasDefinedProtectedLogic && isOnBlockList(host, options) && isProtected(req); | ||
| return hasCookiesEnabled && | ||
| hasDefinedProtectedLogic && | ||
| isProtected(req); | ||
| } | ||
@@ -72,5 +46,3 @@ | ||
| return options.redirectTo(originalUrl); | ||
| } else { | ||
| return '/'; | ||
| } | ||
| } | ||
| } | ||
@@ -107,2 +79,12 @@ | ||
| function redirect(req,res, options) { | ||
| var authUrl = getAuthServerUrl(options, getOriginalUrl(req)); | ||
| if (authUrl) { | ||
| res.redirect(authUrl); | ||
| } else { | ||
| res.status(403) | ||
| .send('Forbidden: Protected resource with no authentication service defined.') | ||
| } | ||
| } | ||
| /** | ||
@@ -119,5 +101,9 @@ * @param {object} options | ||
| req.user = user; | ||
| next(); | ||
| if (shouldBlock(req, options)) { | ||
| redirect(req, res, options); | ||
| } else { | ||
| next(); | ||
| } | ||
| } else { | ||
| res.redirect(getAuthServerUrl(options, getOriginalUrl(req))); | ||
| redirect(req, res, options); | ||
| } | ||
@@ -124,0 +110,0 @@ } else { |
| { | ||
| "name": "@nymdev/express-nymag-user", | ||
| "version": "0.0.4", | ||
| "version": "1.0.0", | ||
| "description": "Handles in-house user identification as middleware for express via a cookie", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Number of low quality alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-25%
3
Worsened metrics
- Total package byte prevSize
- decreased by-3.65%
10406
- Lines of code
- decreased by-4.1%
234
No dependency changes