
baucis-decorator-auth


baucis-decorator-auth - npm Package Compare versions

Comparing version

to
1.0.2

@@ -22,5 +22,2 @@ 'use strict';

// from mongoose-session
var SessionModel = mongoose.model('Session');
/**

@@ -34,2 +31,4 @@ * Adds authentication to a resource based on certain properties.

// TODO: auth list should depend on sockets
this.use(requestHandler.call(this, getUserLevel));

@@ -98,2 +97,35 @@ this.post('/login', requestHandler.call(this, login));

/**
* Get the `userLevel` and stores it on the `req` object.
*
* @param {Object} req
* @param {Function} callback
* @api public
*/
exports.getUserLevel = getUserLevel;
function getUserLevel (req, callback) {
if (req.userLevel !== undefined || !req.session || !req.session.userId) {
callback();
return;
}
mongoose.model('User')
.findOne({_id: req.session.userId})
.select('level')
.exec(function (err, doc) {
if (err) {
callback(baucis.Error.Misconfigured({message: err}));
return;
}
if (doc && doc.level !== undefined) {
req.userLevel = doc.userLevel;
} else {
unsetUserId(req.session);
}
callback();
});
}
/**
* Sets the user ID for the session.
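Review bot: In the added `getUserLevel`, the success branch assigns `req.userLevel = doc.userLevel;` although the query selects only `level` and the guard just above it tests `doc.level`; `doc.userLevel` is presumably undefined on that document, so `req.userLevel` is never populated. The new reads `req.userLevel || 0` in the `permitUserLevel` and `isAdmin` hunks would then resolve to level 0 for every authenticated user, and the `req.userLevel !== undefined` short-circuit never fires, so each call repeats the database lookup. The assignment should read `req.userLevel = doc.level;`. Separately, `baucis.Error.Misconfigured({message: err})` passes the raw database error object as the message; if that error body can reach clients, log the original error server-side and return a generic message instead.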

@@ -110,6 +142,4 @@ *

session.set('userId', userDoc.id);
session.set('userLevel', userDoc.get('level'));
} else {
session.userId = userDoc.id;
session.userLevel = userDoc.get('level');
}

@@ -130,6 +160,4 @@ session.save();

session.set('userId', undefined);
session.set('userLevel', undefined);
} else {
session.userId = undefined;
session.userLevel = undefined;
}

@@ -570,3 +598,3 @@ session.save();

function permitUserLevel (req, props, callback) {
var userLevel = req.session.userLevel || 0;
var userLevel = req.userLevel || 0;
var err = null;

@@ -733,12 +761,2 @@

if (access.drop === true) {
SessionModel.find(
{"session.userId": doc.id},
function (err, sessions) {
if (!err && sessions) {
sessions.forEach(function (session) {
unsetUserId(session);
});
}
}
);
callback();

@@ -1022,4 +1040,4 @@ } else {

function isAdmin (req) {
var userLevel = req.session && req.session.userLevel || 0;
var userLevel = req.userLevel || 0;
return userLevel > 9000;
}
{
"name": "baucis-decorator-auth",
"version": "1.0.1",
"version": "1.0.2",
"description": "Allows you to specify authentication parameters for properties within any `baucis` resource's `mongoose` schema and adds authentication routes.",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -10,3 +10,3 @@ # baucis-decorator-auth

## Usage
You'll need 5 properties for this and you may also need to use `mongoose-session` as your session store. The main one specifies who is currently authenticated to the resource and should contain an `auth` field, which contains references to the other 4 properties by the keys `password`, `enabler`, `designator`, and `resetter`, as well as a `roles` key that should optionally contain different sets of `Boolean` values for the access control. It is probably easiest to just check out the example below.
You'll need 5 properties for this. The main one specifies who is currently authenticated to the resource and should contain an `auth` field, which contains references to the other 4 properties by the keys `password`, `enabler`, `designator`, and `resetter`, as well as a `roles` key that should optionally contain different sets of `Boolean` values for the access control. It is probably easiest to just check out the example below.

@@ -13,0 +13,0 @@ Four endpoints are added, `login`, `logout`, `reset-password`, and `set-password`. The password reset functionality is a WIP as it needs to allow for custom emails. Also keep in mind that authentication and access control can work for any resource, not just users.