autohost - npm Package Compare versions

Comparing version 0.2.0-13 to 0.2.0-14

package.json

 {
   "name": "autohost",
-  "version": "0.2.0-13",
+  "version": "0.2.0-14",
   "description": "Resource driven transport agnostic host",
@@ -5,0 +5,0 @@ "main": "src/index.js",

spec/http.spec.js

@@ -12,7 +12,9 @@ var should = require( 'should' ); //jshint ignore:line
 	};
-var authProvider = require( './auth/mock.js' )( config );
-var passport = require( '../src/http/passport.js' )( config, authProvider, metrics );
-var middleware = require( '../src/http/middleware.js' )( config, metrics );
-var http = require( '../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+// var authProvider = require( './auth/mock.js' )( config );
+// var passport = require( '../src/http/passport.js' )( config, authProvider, metrics );
+// var middleware = require( '../src/http/middleware.js' )( config, metrics );
+// var http = require( '../src/http/http.js' )( config, requestor, passport, middleware, metrics );
 
+var authProvider, passport, middleware, http;
+
 describe( 'with http module', function() {
@@ -31,2 +33,7 @@ var middlewareHit = [],
 	before( function() {
+		authProvider = require( './auth/mock.js' )( config );
+		passport = require( '../src/http/passport.js' )( config, authProvider, metrics );
+		middleware = require( '../src/http/middleware.js' )( config, metrics );
+		http = require( '../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+
 		authProvider.users = {};
@@ -132,5 +139,4 @@ passport.resetUserCheck();
 	describe( 'when authenticating with session support', function() {
-		var originalAuthenticate = authProvider.authenticate,
-			counter = 0,
-			codes,
+		var counter = 0,
+			codes, originalAuthenticate,
 			get = function() { 
@@ -148,2 +154,3 @@ return when.promise( function( resolve ) {
 		before( function( done ) {
+			originalAuthenticate = authProvider.authenticate;
 			authProvider.authenticate = function( req, res, next ) {
@@ -175,3 +182,5 @@ counter = counter + 1;
 
-	after( http.stop );
+	after( function() {
+		http.stop();
+	} );
 } );

spec/socketio/invalid-auth.spec.js

@@ -12,9 +12,9 @@ var should = require( 'should' ); //jshint ignore: line
 	};
-var authProvider = require( '../auth/mock.js' )( config );
-var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
-var middleware = require( '../../src/http/middleware.js' )( config, metrics );
-var http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
-var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
+// var authProvider = require( '../auth/mock.js' )( config );
+// var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+// var middleware = require( '../../src/http/middleware.js' )( config, metrics );
+// var http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+// var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
 
-authProvider.users[ 'test' ] = { user: 'torpald' };
+var authProvider, passport, middleware, http, socket;
 
@@ -26,2 +26,10 @@ describe( 'with failed socket.io credentials', function() {
 	before( function( done ) {
+		authProvider = require( '../auth/mock.js' )( config );
+		passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+		middleware = require( '../../src/http/middleware.js' )( config, metrics );
+		http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+		socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
+
+		authProvider.users[ 'test' ] = { user: 'torpald' };
+
 		http.start();
@@ -28,0 +36,0 @@ socket.start( passport );

spec/socketio/skipped-auth.spec.js

@@ -1,20 +0,17 @@
-var should = require( 'should' ),
-	path = require( 'path' ),
-	_ = require( 'lodash' ),
-	requestor = require( 'request' ).defaults( { jar: false } ),
-	metrics = require( 'cluster-metrics' ),
-	debug = require( 'debug' )( 'autohost-spec:skipped-auth' ),
-	when = require( 'when' ),
-	port = 88988,
-	config = {
+var should = require( 'should' );
+var path = require( 'path' );
+var _ = require( 'lodash' );
+var requestor = require( 'request' ).defaults( { jar: false } );
+var metrics = require( 'cluster-metrics' );
+var debug = require( 'debug' )( 'autohost-spec:skipped-auth' );
+var when = require( 'when' );
+var port = 88988;
+var config = {
 		port: port,
 		socketio: true,
 		websocket: true
-	},
-	authProvider = require( '../auth/mock.js' )( config ),
-	passport = require( '../../src/http/passport.js' )( config, authProvider, metrics ),
-	middleware = require( '../../src/http/middleware.js' )( config, metrics ),
-	http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics ),
-	socket = require( '../../src/websocket/socket.js' )( config, http );
+	};
 
+var authProvider, passport, middleware, http, socket;
+
 describe( 'with socketio and no users', function() {
@@ -24,2 +21,8 @@ var client;
 	before( function( done ) {
+		authProvider = require( '../auth/mock.js' )( config );
+		passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+		middleware = require( '../../src/http/middleware.js' )( config, metrics );
+		http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+		socket = require( '../../src/websocket/socket.js' )( config, http );
+
 		http.start();
@@ -26,0 +29,0 @@ socket.start( passport );

spec/websocket/authenticated.spec.js

@@ -12,10 +12,12 @@ var should = require( 'should' ); //jshint ignore:line
 	};
-var authProvider = require( '../auth/mock.js' )( config );
-var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
-var middleware = require( '../../src/http/middleware.js' )( config, metrics );
-var http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
-var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
+// var authProvider = require( '../auth/mock.js' )( config );
+// var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+// var middleware = require( '../../src/http/middleware.js' )( config, metrics );
+// var http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+// var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
 
-authProvider.users[ 'admin' ] = { name: 'admin', password: 'admin' };
+// authProvider.users[ 'admin' ] = { name: 'admin', password: 'admin' };
 
+var authProvider, passport, middleware, http, socket;
+
 describe( 'with websocket and valid credentials', function() {
@@ -26,2 +28,10 @@ var client,
 	before( function( done ) {
+		authProvider = require( '../auth/mock.js' )( config );
+		passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+		middleware = require( '../../src/http/middleware.js' )( config, metrics );
+		http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+		socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
+
+		authProvider.users[ 'admin' ] = { name: 'admin', password: 'admin' };
+
 		http.start();
@@ -28,0 +38,0 @@ socket.start( passport );

spec/websocket/invalid-auth.spec.js

@@ -11,10 +11,12 @@ var should = require( 'should' ); //jshint ignore:line
 	};
-var authProvider = require( '../auth/mock.js' )( config );
-var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
-var middleware = require( '../../src/http/middleware.js' )( config, metrics );
-var http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
-var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
+// var authProvider = require( '../auth/mock.js' )( config );
+// var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+// var middleware = require( '../../src/http/middleware.js' )( config, metrics );
+// var http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+// var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
 
-authProvider.users[ 'test' ] = { user: 'torpald' };
+// authProvider.users[ 'test' ] = { user: 'torpald' };
 
+var authProvider, passport, middleware, http, socket;
+
 describe( 'with websocket and bad credentials', function() {
@@ -25,2 +27,10 @@ var socketErr,
 	before( function( done ) {
+		authProvider = require( '../auth/mock.js' )( config );
+		passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
+		middleware = require( '../../src/http/middleware.js' )( config, metrics );
+		http = require( '../../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+		socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
+
+		authProvider.users[ 'test' ] = { user: 'torpald' };
+
 		http.start();
@@ -27,0 +37,0 @@ socket.start( passport );

spec/websocket/noauth.spec.js

@@ -12,9 +12,6 @@ var should = require( 'should' ); //jshint ignore:line
 	};
-// var authProvider = require( '../auth/mock.js' )( config );
-// var passport = require( '../../src/http/passport.js' )( config, authProvider, metrics );
-var middleware = require( '../../src/http/middleware.js' )( config, metrics );
-var http = require( '../../src/http/http.js' )( config, requestor, undefined, middleware, metrics );
-var socket = require( '../../src/websocket/socket.js' )( config, http, middleware );
 
-describe( 'with websocket', function() {
+var middleware, http, socket;
+
+describe( 'with websocket and no auth strategy', function() {
 	var client,
@@ -24,2 +21,6 @@ clientSocket;
 	before( function( done ) {
+		middleware = require( '../../src/http/middleware.js' )( config, metrics );
+		http = require( '../../src/http/http.js' )( config, requestor, undefined, middleware, metrics );
+		socket = require( '../../src/websocket/socket.js' )( config, http );
+
 		http.start();
@@ -36,3 +37,3 @@ socket.start();
 
-		client.on( 'connect', function( cs ) {
+		client.once( 'connect', function( cs ) {
 			clientSocket = cs;
@@ -39,0 +40,0 @@ done();

spec/ws.adapter.spec.js

@@ -12,8 +12,9 @@ var should = require( 'should' ); //jshint ignore:line
 	};
-var authProvider = require( './auth/mock.js' )( config );
-var passport = require( '../src/http/passport.js' )( config, authProvider, metrics );
-var middleware = require( '../src/http/middleware.js' )( config, metrics );
-var http = require( '../src/http/http.js' )( config, requestor, passport, middleware, metrics );
-var socket = require( '../src/websocket/socket.js' )( config, http, middleware );
-var socketAdapter = require( '../src/websocket/adapter.js' )( config, authProvider, socket, metrics );
+// var authProvider = require( './auth/mock.js' )( config );
+// var passport = require( '../src/http/passport.js' )( config, authProvider, metrics );
+// var middleware = require( '../src/http/middleware.js' )( config, metrics );
+// var http = require( '../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+// var socket = require( '../src/websocket/socket.js' )( config, http, middleware );
+// var socketAdapter = require( '../src/websocket/adapter.js' )( config, authProvider, socket, metrics );
+var authProvider, passport, middleware, http, socket, socketAdapter;
 var actionRoles = function( action, roles ) {
@@ -37,2 +38,9 @@ authProvider.actions[ action ] = { roles: roles };
 	before( function( done ) {
+		authProvider = require( './auth/mock.js' )( config );
+		passport = require( '../src/http/passport.js' )( config, authProvider, metrics );
+		middleware = require( '../src/http/middleware.js' )( config, metrics );
+		http = require( '../src/http/http.js' )( config, requestor, passport, middleware, metrics );
+		socket = require( '../src/websocket/socket.js' )( config, http, middleware );
+		socketAdapter = require( '../src/websocket/adapter.js' )( config, authProvider, socket, metrics );
+
 		authProvider.tokens = { 'blorp': 'userman' };
@@ -39,0 +47,0 @@ authProvider.users = {

src/http/http.js

@@ -12,6 +12,3 @@ var path = require( 'path' );
 var queryparse = qs.parse;
-var middleware = [];
-var routes = [];
-var paths = [];
-var request, config, metrics, middlewareLib;
+var middleware, routes, paths, request, config, metrics, middlewareLib;
 
@@ -74,6 +71,2 @@ var wrapper = {
 
-	if( wrapper.passport ) {
-		wrapper.passport.wireupPassport( wrapper );
-	}
-
 	// apply user-supplied middleware
@@ -142,2 +135,5 @@ _.each( middleware, function( m ) { m( wrapper.app ); } );
 module.exports = function( cfg, req, pass, mw, metric ) {
+	middleware = [];
+	routes = [];
+	paths = [];
 	config = cfg;
@@ -149,5 +145,13 @@ metrics = metric;
 	middlewareLib = mw;
+	
+	// if using an auth strategy, move cookie and session middleware before passport middleware
+	// to take advantage of sessions/cookies and avoid authenticating on every request
+	if( pass ) {
+		middlewareLib.useCookies( registerMiddleware );
+		middlewareLib.useSession( registerMiddleware );
+		wrapper.passport.wireupPassport( wrapper );
+	}
 	// prime middleware with defaults
-	middlewareLib.attach( registerMiddleware );
+	middlewareLib.attach( registerMiddleware, pass !== undefined );
 	return wrapper;
 };

src/http/middleware.js

@@ -1,17 +0,24 @@
-var bodyParser = require( 'body-parser' ),
-	cookies = require('cookie-parser'),
-	multer = require( 'multer' ),
-	sessionLib = require( 'express-session' ),
-	wrapper = {
-		attach: applyMiddelware
-	},
-	config, metrics, session, cookieParser;
+var bodyParser = require( 'body-parser' );
+var cookies = require('cookie-parser');
+var sessionLib = require( 'express-session' );
+var multer = require( 'multer' );
+var wrapper = {
+		attach: applyMiddelware,
+		useCookies: applyCookieMiddleware,
+		useSession: applySessionMiddleware
+	};
+var config, metrics, session, cookieParser;
 
-function applyMiddelware( attach ) {
+function applyCookieMiddleware( attach ) {
+	if( !config.noCookies ) {
+		attach( '/', cookieParser );
+	}
+}
+
+function applyMiddelware( attach, hasAuth ) {
 	// add a timer to track ALL requests
 	attach( '/', requestMetrics );
 
-	// turn on cookies unless turned off by the consumer
-	if( !config.noCookies ) {
-		attach( '/', cookieParser );
+	if( !hasAuth ) {
+		applyCookieMiddleware( attach );
 	}
@@ -29,5 +36,4 @@
 
-	// turn on sessions unless turned off by the consumer
-	if( !config.noSession ) {
-		attach( '/', session );
+	if( !hasAuth ) {
+		applySessionMiddleware( attach );
 	}
@@ -41,2 +47,9 @@
 
+function applySessionMiddleware( attach ) {
+	// turn on sessions unless turned off by the consumer
+	if( !config.noSession ) {
+		attach( '/', session );
+	}
+}
+
 function crossOrigin( req, res, next ) {
@@ -43,0 +56,0 @@ res.header( 'Access-Control-Allow-Origin', '*' );

src/http/passport.js

@@ -1,16 +0,16 @@
-var _ = require( 'lodash' ),
-	when = require( 'when' ),
-	passport = require( 'passport' ),
-	debug = require( 'debug' )( 'autohost:passport' ),
-	noOp = function() { return when( true ); },
-	userCountCheck = noOp,
-	authorizationErrorCount = 'autohost.authorization.errors',
-	authorizationErrorRate = 'autohost.authorization.error.rate',
-	authenticationTimer = 'autohost.authentication.timer',
-	authorizationTimer = 'autohost.authorization.timer',
-	passportInitialize = passport.initialize(),
-	passportSession = passport.session(),
-	authProvider,
-	anonPaths,
-	metrics;
+var _ = require( 'lodash' );
+var when = require( 'when' );
+var passport = require( 'passport' );
+var debug = require( 'debug' )( 'autohost:passport' );
+var noOp = function() { return when( true ); };
+var userCountCheck = noOp;
+var authorizationErrorCount = 'autohost.authorization.errors';
+var authorizationErrorRate = 'autohost.authorization.error.rate';
+var authenticationTimer = 'autohost.authentication.timer';
+var authorizationTimer = 'autohost.authorization.timer';
+var passportInitialize = passport.initialize();
+var passportSession = passport.session();
+var authProvider;
+var anonPaths;
+var metrics;
 
@@ -34,2 +34,14 @@ function addPassport( http ) {
 
+function authConditionally( req, res, next ) {
+	// if previous middleware has said to skip auth OR
+	// a user was attached from a session, skip authenticating
+	if( req.skipAuth || ( req.user && req.user.name ) ) {
+		next();
+	} else {
+		metrics.timer( authenticationTimer ).start();
+		authProvider.authenticate( req, res, next );
+		metrics.timer( authenticationTimer ).record();
+	}
+}
+
 function getAuthMiddleware( uri ) {
@@ -109,14 +121,2 @@ var list = [
 
-function authConditionally( req, res, next ) {
-	// if previous middleware has said to skip auth OR
-	// a user was attached from a session, skip authenticating
-	if( req.skipAuth || ( req.user && req.user.name ) ) {
-		next();
-	} else {
-		metrics.timer( authenticationTimer ).start();
-		authProvider.authenticate( req, res, next );
-		metrics.timer( authenticationTimer ).record();
-	}
-}
-
 function whenNoUsers( req, res, next ) {
@@ -123,0 +123,0 @@ userCountCheck()

src/index.js

@@ -67,3 +67,3 @@ var path = require( 'path' );
 	// API metadata
-	wrapper.http.middleware( '/api', function apiMetadata( req, res, next ) {
+	wrapper.http.middleware( '/api', function( req, res, next ) {
 		if( req.method === 'OPTIONS' || req.method === 'options' ) {
@@ -70,0 +70,0 @@ res.status( 200 ).send( wrapper.meta );

src/websocket/socketio.js

@@ -85,5 +85,2 @@ var _ = require( 'lodash' );
 		.use( '/', function( hreq, hres, next ) {
-			if( !authStrategy ) {
-				hreq.user = 'anonymous';
-			}
 			debug( 'Setting socket.io connection user to %s', hreq.user );
@@ -106,3 +103,3 @@ allowed = hreq.user;
 	io = socketio( http.server, { destroyUpgrade: false } );
-	middleware = authStrategy ? http.getAuthMiddleware() : http.getMiddleware();
+	middleware = http.getAuthMiddleware();
 	io.engine.allowRequest = authSocketIO;
@@ -109,0 +106,0 @@ io.on( 'connection', acceptSocket );

src/websocket/websocket.js

@@ -17,10 +17,10 @@ var authStrategy,
 	debug( 'Processing websocket connection attempt' );
-	var protocol = request.requestedProtocols ? request.requestedProtocols[ 0 ] : undefined;
+
+	var protocol = request.requestedProtocols[ 0 ];
 	var socket = request.accept( protocol, request.origin );
 	
 	// grab user from request
-	var user = request.user || request.httpRequest.user;
 	socket.user = {
-		id: user ? user.name : 'anonymous',
-		name: user ? user.name : 'anonymous'
+		id: request.user.name,
+		name: request.user.name 
 	};
@@ -115,16 +115,22 @@
 	response.assignSocket( request.socket );
-	middleware
-		.handle( request.httpRequest, response, function( err ) {
-			if( !authStrategy ) {
-				acceptSocketRequest( request );
-			}
-			else if( err || !request.httpRequest.user ) {
-				debug( 'Websocket connection rejected: authentication required' );
-				request.reject( 401, 'Authentication Required', { 'WWW-Authenticate': 'Basic' } );
-			} else {
-				debug( 'Websocket connection accepted as user %s', JSON.stringify( request.httpRequest.user ) );
-				request.user = request.httpRequest.user;
-				acceptSocketRequest( request );
-			}
-		} );
+	if( authStrategy ) {
+		middleware
+			.handle( request.httpRequest, response, function( err ) {
+				if( err || !request.httpRequest.user ) {
+					debug( 'Websocket connection rejected: authentication required' );
+					request.reject( 401, 'Authentication Required', { 'WWW-Authenticate': 'Basic' } );
+				} else {
+					debug( 'Websocket connection accepted as user %s', JSON.stringify( request.httpRequest.user ) );
+					request.user = request.httpRequest.user;
+					acceptSocketRequest( request );
+				}
+			} );
+	} else {
+		request.user = {
+			id: 'anonymous',
+			name: 'anonymous',
+			roles: []
+		};
+		acceptSocketRequest( request );
+	}
 }
@@ -131,0 +137,0 @@

No alert changes

Improved metrics

Total package byte prevSize

2441686

increased by0.03%

Worsened metrics

Number of package files

154

decreased by-0.65%

Lines of code

43069

decreased by-0.06%

No dependency changes