express-user
Advanced tools
express-user - npm Package Compare versions
Comparing version 0.0.1-alpha.4 to 0.0.1-alpha.5
@@ -5,2 +5,3 @@ //Copyright (c) 2015 Eric Vallee <eric_vallee2003@yahoo.ca> | ||
| var Express = require('express'); | ||
| var AccessControl = require('express-access-control'); | ||
@@ -206,9 +207,9 @@ function ConnectionCheckGenerator(Check) | ||
| Router.patch('/User/Self', ExpressUser.AuthenticateRoute()); | ||
| Router.delete('/User/Self', ExpressUser.AuthenticateRoute()); | ||
| Router.get('/User/Self', ExpressUser.AuthenticateRoute()); | ||
| Router.patch('/User/Self', AccessControl.AuthenticateRoute()); | ||
| Router.delete('/User/Self', AccessControl.AuthenticateRoute()); | ||
| Router.get('/User/Self', AccessControl.AuthenticateRoute()); | ||
| if(Roles&&Roles.Edit) | ||
| { | ||
| Router.patch('/User/:Field/:ID', ExpressUser.AuthenticateRoute(Roles['Edit'])); | ||
| Router.patch('/User/:Field/:ID', AccessControl.AuthenticateRoute(Roles['Edit'])); | ||
| } | ||
@@ -218,3 +219,3 @@ | ||
| { | ||
| Router.delete('/User/:Field/:ID', ExpressUser.AuthenticateRoute(Roles['Delete'])); | ||
| Router.delete('/User/:Field/:ID', AccessControl.AuthenticateRoute(Roles['Delete'])); | ||
| } | ||
@@ -224,3 +225,3 @@ | ||
| { | ||
| Router.get('/User/:Field/:ID', ExpressUser.AuthenticateRoute(Roles['Get'])); | ||
| Router.get('/User/:Field/:ID', AccessControl.AuthenticateRoute(Roles['Get'])); | ||
| } | ||
@@ -230,3 +231,3 @@ | ||
| { | ||
| Validator(Router); | ||
| Validator(Router, Options.Roles); | ||
| } | ||
@@ -238,2 +239,3 @@ | ||
| Router.get('/User/Self', MainRoutes.UserGET(UserStore, GetSerializer)); | ||
| //Router.get('/Users/Count/:Field/:ID', MainRoutes.UserCount(UserStore, CountSerializer)); | ||
@@ -268,39 +270,2 @@ if(Roles&&Roles.Edit) | ||
| ExpressUser.Authenticate = function(Req, Groups, Or) | ||
| { | ||
| var IsOr = Or ? Or : true; | ||
| if(Req.session&&Req.session.User) | ||
| { | ||
| if(Groups) | ||
| { | ||
| var Operator = Or ? 'some' : 'every'; | ||
| return(Groups[Operator](function(Group, GroupIndex, GroupList) { | ||
| return(Req.session.User.Memberships.some(function(Membership, MembershipIndex, MembershipList) { | ||
| return(Membership==Group); | ||
| })); | ||
| })); | ||
| } | ||
| else | ||
| { | ||
| return(true); | ||
| } | ||
| } | ||
| return(false); | ||
| } | ||
| ExpressUser.AuthenticateRoute = function(Groups, Or) | ||
| { | ||
| return(function(Req, Res, Next) { | ||
| if(ExpressUser.Authenticate(Req, Groups, Or)) | ||
| { | ||
| Next(); | ||
| } | ||
| else | ||
| { | ||
| Res.status(401).end(); | ||
| } | ||
| }); | ||
| } | ||
| //Alternative: | ||
@@ -307,0 +272,0 @@ //Augment session-store such that certain fields are read-only (saved on initialization outside of 'Data', not re-saved afterwards). |
| { | ||
| "name": "express-user", | ||
| "version": "0.0.1-alpha.4", | ||
| "version": "0.0.1-alpha.5", | ||
| "description": "Ressource Oriented Express Middleware to Manage Users.", | ||
@@ -27,3 +27,4 @@ "keywords": [ | ||
| "dependencies": { | ||
| "express": "~4.10.6" | ||
| "express": "~4.10.6", | ||
| "express-access-control": "~1.0.0" | ||
| }, | ||
@@ -35,6 +36,6 @@ "devDependencies": { | ||
| "express-session-mongodb": "~1.3.2", | ||
| "user-store": "~1.1.1", | ||
| "user-store": "~1.2.0", | ||
| "body-parser": "~1.10.2", | ||
| "mongodb": "~1.4.29", | ||
| "express-user-local": "0.0.1-alpha.1" | ||
| "express-user-local": "0.0.1-alpha.2" | ||
| }, | ||
@@ -41,0 +42,0 @@ "license": "MIT", |
@@ -32,2 +32,3 @@ Express-User | ||
| - DELETE /Session/Self/User -> Logout | ||
| - GET /Users/Count/:Field/:ID -> Count the number of users with the given field | ||
@@ -194,1 +195,9 @@ 2) Admin URLs: | ||
| Added session sychronization support | ||
| 0.0.1-alpha.5 | ||
| ------------- | ||
| - Moved access control logic into a separate module. | ||
| - Changed the validator API a bit so that the validator can access Roles. | ||
| - Updated user-store dependency to version 1.2.0. | ||
| - Updated dev dependency of express-user-local to 0.0.1-alpha.2 |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.95%
65568
- Number of lines in readme file
- increased by4.66%
202
Worsened metrics
- Dependency count
- increased by100%
2
- Lines of code
- decreased by-6.44%
465
Dependency changes
+ Addedexpress-access-control@1.0.0(transitive)