
autohost - npm Package Compare versions

Comparing version 0.4.4 to 0.4.5

3

CHANGELOG.md
## 0.4.x
### 0.4.5
Enhancement - getUserString is now shared as an overrideable global config option
### 0.4.4

@@ -4,0 +7,0 @@ Bug fix - getRoles was incorrectly being treated as error handling middleware

2

package.json
{
"name": "autohost",
"version": "0.4.4",
"version": "0.4.5",
"description": "Resource driven, transport agnostic host",

@@ -5,0 +5,0 @@ "main": "src/index.js",

@@ -73,2 +73,3 @@ # autohost

cookie: // session cookie configuration
getUserString: // method to return a string id for a user

@@ -171,2 +172,21 @@ logging: {}, // configuration passed to autohost's whistlepunk instance

### getUserString
The `getUserString` option expects a method that accepts `user` as its only parameter, and returns a string (used for logging) to identify the user. The default method provided attempts the following steps:
* return `user.name` if available, otherwise:
* return `user.username` if available, otherwise:
* return `user.id` if available, otherwise:
* return `JSON.stringify( user )`
Override this method with custom logic if the default does not match your field names on your user object. For instance:
```js
{
getUserString: function ( user ) {
return user.login;
}
}
```
### fount

@@ -173,0 +193,0 @@ [fount](https://github.com/LeanKit-Labs/fount) is a dependency injection library for Node. If the application is using fount, the application's instance can be provided at the end of the init call so that resources will have access to the same fount instance the application is using. The fount instance in use by `autohost` is available via `host.fount`.

@@ -53,3 +53,3 @@ var path = require( 'path' );

log.debug( 'Checking %s\'s permissions for %s',
getUserString( user ), action
state.config.getUserString( user ), action
);

@@ -105,6 +105,2 @@ state.metrics.authorizationAttempts.record( 1, { name: 'HTTP_AUTHORIZATION_ATTEMPTS' } );

function getUserString( user ) {
return user.name ? user.name : JSON.stringify( user );
}
function hasPrefix( state, url ) {

@@ -195,3 +191,3 @@ var prefix = state.http.buildUrl(

log.debug( 'HTTP activation of action %s (%s %s) for %j granted',
meta.alias, action.method, meta.url, getUserString( req.user ) );
meta.alias, action.method, meta.url, state.config.getUserString( req.user ) );
respond( state, meta, req, res, resource, action );

@@ -201,3 +197,3 @@ } else {

log.debug( 'User %s was denied HTTP activation of action %s (%s %s)',
getUserString( req.user ), meta.alias, action.method, meta.url );
state.config.getUserString( req.user ), meta.alias, action.method, meta.url );
if ( !res._headerSent ) {

@@ -204,0 +200,0 @@ res.status( 403 ).send( 'User lacks sufficient permissions' );
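Review bot: In the denial branch the application-supplied `state.config.getUserString( req.user )` is now evaluated before the 403 is written, so an override that throws (for instance when `req.user` is undefined or lacks the field the override reads) raises inside the authorization path; what happens to the response then depends on code outside these hunks. Arguments to `log.debug` are evaluated even when debug output is disabled, so the callback runs on every check. The same call appears in the granted branch and the permission-check log earlier in this section, and in the role-lookup and WS activation sections further down. Routing all of them through one wrapper that cannot throw would contain this, e.g. `function userLabel( state, user ) { try { return String( state.config.getUserString( user ) ); } catch ( e ) { return '[unknown user]'; } }`; since the value comes from the user record, stripping CR/LF there also keeps log lines from being forged.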

@@ -46,3 +46,3 @@ var _ = require( 'lodash' );

timer.record( { name: 'HTTP_AUTHORIZATION_DURATION' } );
log.debug( 'Failed to get roles for %s with %s', getUserString( req.user ), err.stack );
log.debug( 'Failed to get roles for %s with %s', state.config.getUserString( req.user ), err.stack );
// during a socket connection, express is not fully initialized and this call fails ... hard

@@ -78,3 +78,3 @@ try {

timer.record( { name: 'WS_AUTHORIZATION_DURATION' } );
log.debug( 'Failed to get roles for %s with %s', getUserString( user ), err.stack );
log.debug( 'Failed to get roles for %s with %s', state.config.getUserString( user ), err.stack );
return [];

@@ -84,3 +84,3 @@ }

function onRoles( roles ) {
log.debug( 'Got roles [ %s ] for %s', roles, getUserString( user ) );
log.debug( 'Got roles [ %s ] for %s', roles, state.config.getUserString( user ) );
timer.record( { name: 'WS_AUTHORIZATION_DURATION' } );

@@ -99,6 +99,2 @@ return roles;

function getUserString( user ) {
return user.name || user.username || user.id || JSON.stringify( user );
}
function resetUserCount( state ) {

@@ -145,2 +141,3 @@ userCountCheck = state.authProvider.hasUsers;

var state = {
config: config,
authProvider: authProvider,

@@ -147,0 +144,0 @@ metrics: metronic(),

@@ -17,2 +17,7 @@ var _ = require( 'lodash' );

config = config || {};
_.defaults( config, {
getUserString: function( user ) {
return user.name || user.username || user.id || JSON.stringify( user );
}
} );
authProvider = authProvider || config.authProvider;

@@ -19,0 +24,0 @@ require( './log' )( config.logging || {} );
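Review bot: The default `getUserString` dereferences `user` without a guard and ends in `JSON.stringify( user )`, so a missing user throws a TypeError and a user record with none of the three fields is written to the log in full, including any credential or token fields the auth provider may have attached. A guard such as `if ( !user ) { return 'anonymous'; }` plus a fixed fallback like `'[unidentified user]'` instead of the serialization would avoid both; if the serialization has to stay for compatibility, the option's documentation should say that overrides must return only a non-sensitive identifier. `_.defaults` also accepts any caller-supplied `getUserString` without checking that it is a function, so a wrong type only surfaces at the first log call. The enclosing function begins and ends outside this hunk.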

@@ -56,3 +56,3 @@ // this mock is intended to support tests as well as provide a memory-based implementation

function getUserString( user ) {
return user.name ? user.name : JSON.stringify( user );
return user.name || user.username || user.id || JSON.stringify( user );
}

@@ -59,0 +59,0 @@
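Review bot: This private `getUserString` repeats the fallback chain that the same release installs as the config default, so there are now two copies that can drift apart, and this one does not honour an application override. A comment such as `// mirrors the default config.getUserString; keep in sync` would make the duplication deliberate, or the function could be taken from the config if the mock has access to it, which is not visible from this hunk.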

@@ -14,3 +14,3 @@ var _ = require( 'lodash' );

function checkPermissionFor( state, user, context, action ) {
log.debug( 'Checking %s\'s permissions for %s', getUserString( user ), action );
log.debug( 'Checking %s\'s permissions for %s', state.config.getUserString( user ), action );
return state.authProvider.checkPermission( user, action, context )

@@ -26,6 +26,2 @@ .then( null, function( err ) {

function getUserString( user ) {
return user.name ? user.name : JSON.stringify( user );
}
function start( state ) {

@@ -108,3 +104,3 @@ state.socket.start( state.authProvider );

log.debug( 'WS activation of action %s for %s granted',
meta.alias, getUserString( client.user ) );
meta.alias, state.config.getUserString( client.user ) );
respond( state, meta, resource, action, client, data, message, resourceTimer );

@@ -114,3 +110,3 @@ } else {

log.debug( 'User %s was denied WS activation of action %s',
getUserString( client.user ), meta.alias );
state.config.getUserString( client.user ), meta.alias );
client.publish( data.replyTo || meta.topic,

@@ -117,0 +113,0 @@ 'User lacks sufficient permissions' );
