feathers-authentication


feathers-authentication - npm Package Compare versions

Comparing version 0.2.4 to 0.3.1

lib/public/auth-fail.html

4

lib/client/index.js

@@ -129,5 +129,3 @@ 'use strict';

var defaults = {
usernameField: 'email',
passwordField: 'password',
userEndpoint: '/users',
// userEndpoint: '/users',
localEndpoint: '/auth/local',

@@ -134,0 +132,0 @@ tokenEndpoint: '/auth/token'

@@ -21,3 +21,3 @@ 'use strict';

// If it's an after hook grab the id from the result
if (hook.result) {
if (hook.type === 'after') {
id = hook.result[options.idField];

@@ -61,5 +61,5 @@ }

passwordField: 'password',
idField: 'id'
idField: '_id'
};
module.exports = exports['default'];

@@ -6,3 +6,3 @@ 'use strict';

});
exports.default = toLowercase;
exports.default = toLowerCase;

@@ -14,3 +14,3 @@ /**

*/
function toLowercase() {
function toLowerCase() {
var options = arguments.length <= 0 || arguments[0] === undefined ? {} : arguments[0];

@@ -25,3 +25,3 @@

function convert(obj) {
if (obj[fieldName] && obj[fieldName].toLowercase) {
if (obj[fieldName] && obj[fieldName].toLowerCase) {
obj[fieldName] = obj[fieldName].toLowerCase();

@@ -28,0 +28,0 @@ }

@@ -12,7 +12,2 @@ 'use strict';

if (!secret) {
console.log('no secret', options);
throw new Error('You need to pass `options.secret` to the verifyToken() hook.');
}
return function (hook) {

@@ -25,2 +20,13 @@ var token = hook.params.token;

if (!secret) {
// Try to get the secret from the app config
var authOptions = hook.app.get('auth');
if (authOptions && authOptions.token && authOptions.token.secret) {
secret = authOptions.token.secret;
} else {
throw new Error('You need to pass `options.secret` to the verifyToken() hook or set `auth.token.secret` it in your config.');
}
}
return new Promise(function (resolve, reject) {
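Review bot: A missing secret is now detected only when a request reaches the hook, because the `if (!secret)` check moved from hook construction into the returned function. A misconfigured app therefore starts cleanly and then fails token verification at runtime. If the lazy lookup is intended, say so above the check, for example `// Resolved per call: hook.app is not available when verifyToken() is constructed`. The new error text also has a stray `it` after `auth.token.secret`. The hook function starts and ends outside this hunk.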

@@ -27,0 +33,0 @@ _jsonwebtoken2.default.verify(token, secret, options, function (error, payload) {

@@ -6,2 +6,5 @@ 'use strict';

});
var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol ? "symbol" : typeof obj; };
exports.default = auth;

@@ -49,2 +52,6 @@

function isObject(item) {
return (typeof item === 'undefined' ? 'undefined' : _typeof(item)) === 'object' && !Array.isArray(item) && item !== null;
}
var debug = (0, _debug2.default)('feathers-authentication:main');

@@ -56,3 +63,18 @@ var PROVIDERS = {

function auth(providers) {
// Options that apply to any provider
var defaults = {
setUpSuccessRedirect: true,
setUpFailureRedirect: true,
successRedirect: '/auth/success',
failureRedirect: '/auth/failure',
tokenEndpoint: '/auth/token',
localEndpoint: '/auth/local',
userEndpoint: '/users',
header: 'authorization',
cookie: 'feathers-jwt'
};
function auth() {
var config = arguments.length <= 0 || arguments[0] === undefined ? {} : arguments[0];
return function () {

@@ -62,17 +84,7 @@ var app = this;

// REST middleware
if (app.rest) {
debug('registering REST authentication middleware');
// Make the Passport user available for REST services.
// app.use( middleware.exposeAuthenticatedUser() );
// Get the token and expose it to REST services.
// TODO (EK): Maybe make header key configurable
app.use(middleware.normalizeAuthToken());
}
// NOTE (EK): Currently we require token based auth so
// if the developer didn't provide a config for our token
// provider then we'll set up a sane default for them.
if (providers.token === undefined) {
providers.token = {
if (!config.token) {
config.token = {
secret: _crypto2.default.randomBytes(64).toString('base64')
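Review bot: `if (!config.token)` looks only at the argument passed to `auth()`, so an app that sets `auth.token.secret` through its app config and calls `auth()` without a token entry still gets a random secret generated here. The later merge in this function is a shallow `Object.assign` with `config` last, so the generated `config.token` appears to replace the configured one. Tokens would then stop verifying after a restart or across several instances. Consult the app config before generating, e.g. `var appAuth = app.get('auth') || {};` followed by `if (!config.token && !appAuth.token) { ... }`, and log when a secret is generated. The object literal and the enclosing function continue outside this hunk.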

@@ -84,8 +96,22 @@ };

// for them with the default options.
if (providers.local === undefined) {
providers.local = {};
if (config.local === undefined) {
config.local = {};
}
var authOptions = Object.assign({ successRedirect: '/auth/success' }, providers.local, providers.token);
// Merge and flatten options
var authOptions = Object.assign({}, app.get('auth'), defaults, config);
// Set the options on the app
app.set('auth', authOptions);
// REST middleware
if (app.rest) {
debug('registering REST authentication middleware');
// Make the Passport user available for REST services.
// app.use( middleware.exposeAuthenticatedUser() );
// Get the token and expose it to REST services.
// TODO (EK): Maybe make header key configurable
app.use(middleware.normalizeAuthToken(authOptions));
}
app.use(_passport2.default.initialize());
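Review bot: In `Object.assign({}, app.get('auth'), defaults, config)` the hard-coded `defaults` come after the app-level settings. Values such as `cookie`, `header` or `successRedirect` stored under `auth` in the app config are therefore overwritten unless they are repeated in `config`. Putting the defaults first keeps the usual precedence: `var authOptions = Object.assign({}, defaults, app.get('auth'), config);`. The merge is shallow, so a nested object such as `token` is replaced as a whole rather than combined, which deserves a one-line comment next to the merge.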

@@ -112,9 +138,30 @@

// Merge all of our options and configure the appropriate service
Object.keys(providers).forEach(function (key) {
Object.keys(config).forEach(function (key) {
// Because we are iterating through all the keys we might
// be dealing with a confir param and not a provider config
// If that's the case we don't need to merge params and we
// shouldn't try to set up a service for this key.
if (!isObject(config[key])) {
return;
}
// Check to see if the key is a local or token provider
var provider = PROVIDERS[key];
var providerOptions = providers[key];
var providerOptions = config[key];
// If they passed a custom success redirect then we'll
// leave it to the developer to set up their own route.
if (providerOptions.successRedirect) {
authOptions.setUpSuccessRedirect = false;
}
// If they passed a custom failure redirect then we'll
// leave it to the developer to set up their own route.
if (providerOptions.failureRedirect) {
authOptions.setUpFailureRedirect = false;
}
// If it's not one of our own providers then determine whether it is oauth1 or oauth2
if (!provider) {
if (!provider && isObject(providerOptions)) {
// Check to see if it is an oauth2 provider
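Review bot: `authOptions.setUpSuccessRedirect = false` and the failure equivalent are written to the shared options object inside the per-provider loop. One provider with a custom redirect therefore switches off the built-in success and failure routes for every other provider that still relies on them. Track this per provider, or only clear the flag when the top-level `config.successRedirect` / `config.failureRedirect` is overridden. The comment above the `isObject` guard has a typo (`confir param`), and the `forEach` callback continues outside this hunk.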

@@ -127,8 +174,8 @@ if (providerOptions.clientID && providerOptions.clientSecret) {

throw new Error('Sorry we don\'t support OAuth1 providers right now. Try using a ' + key + ' OAuth2 provider.');
} else if (!provider) {
throw new Error('Invalid \'' + key + '\' provider configuration.\nYou need to provide your \'clientID\' and \'clientSecret\' if using an OAuth2 provider or your \'consumerKey\' and \'consumerSecret\' if using an OAuth1 provider.');
}
providerOptions = Object.assign({ provider: key, endPoint: '/auth/' + key }, providerOptions);
}
var options = Object.assign({ provider: key, endPoint: '/auth/' + key }, providerOptions, authOptions);
var options = Object.assign({}, authOptions, providerOptions);

@@ -138,8 +185,15 @@ app.configure(provider(options));

// TODO (EK): We might want to also support a failRedirect for HTML
// Don't register this route handler if a custom success redirect is passed in
if (authOptions.setUpSuccessRedirect) {
app.get(authOptions.successRedirect, function (req, res) {
res.sendFile(_path2.default.resolve(__dirname, 'public', 'auth-success.html'));
});
}
// TODO (EK): Don't register this route handler if a custom success redirect is passed in
app.get(authOptions.successRedirect, function (req, res) {
res.sendFile(_path2.default.resolve(__dirname, 'public', 'auth-success.html'));
});
// Don't register this route handler if a custom failure redirect is passed in
if (authOptions.setUpFailureRedirect) {
app.get(authOptions.failureRedirect, function (req, res) {
res.sendFile(_path2.default.resolve(__dirname, 'public', 'auth-fail.html'));
});
}
};

@@ -146,0 +200,0 @@ }

@@ -19,9 +19,3 @@ 'use strict';

var debug = (0, _debug2.default)('feathers-authentication:middleware');
var FIVE_SECONDS = 5000;
var TEN_HOURS = 36000;
var defaults = {
timeout: FIVE_SECONDS,
tokenEndpoint: '/auth/token',
localEndpoint: '/auth/local'
};

@@ -52,9 +46,12 @@ // Usually this is a big no no but passport requires the

var defaults = {
header: 'authorization',
cookie: 'feathers-jwt'
};
debug('Setting up normalizeAuthToken middleware with options:', options);
options = Object.assign({}, defaults, options);
if (!options.header) {
throw new Error('\'header\' must be provided to normalizeAuthToken() middleware');
}
if (!options.cookie) {
throw new Error('\'cookie\' must be provided to normalizeAuthToken() middleware');
}
return function (req, res, next) {
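Review bot: `debug('Setting up normalizeAuthToken middleware with options:', options)` now receives the merged auth options from the main module. Those appear to include the `token` object with its `secret` and any OAuth provider entries with `clientSecret`, so enabling this debug namespace would write signing secrets to the log. Log only the fields this middleware uses: `debug('Setting up normalizeAuthToken middleware', { header: options.header, cookie: options.cookie });`. The same applies to the `successfulLogin` debug call in the next hunk. The enclosing function starts outside this hunk.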

@@ -96,2 +93,12 @@ var token = req.headers[options.header];

debug('Setting up successfulLogin middleware with options:', options);
if (!options.cookie) {
throw new Error('\'cookie\' must be provided to successfulLogin() middleware');
}
if (!options.successRedirect) {
throw new Error('\'successRedirect\' must be provided to successfulLogin() middleware');
}
return function (req, res, next) {

@@ -107,3 +114,3 @@ // NOTE (EK): If we are not dealing with a browser or it was an

// clear any previous JWT cookie
res.clearCookie('feathers-jwt');
res.clearCookie(options.cookie);

@@ -115,3 +122,3 @@ // Set a our JWT in a cookie.

res.cookie('feathers-jwt', res.data.token, { expires: expiration });
res.cookie(options.cookie, res.data.token, { expires: expiration });
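Review bot: The JWT cookie is still written with only `expires`, so the browser will also send it over plain HTTP. If client-side script has to read the cookie then `httpOnly` cannot be set, but `secure` can follow the request: `res.cookie(options.cookie, res.data.token, { expires: expiration, secure: req.secure });`. Now that the cookie name is configurable, passing the remaining cookie attributes through the options would be a natural follow-up.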

@@ -126,3 +133,3 @@ // Redirect to our success route

options = Object.assign({}, defaults, options);
options = Object.assign({}, options);
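Review bot: Dropping `defaults` from this merge also drops `timeout: FIVE_SECONDS`, and the shared defaults added in the main module do not define `timeout`. If the Socket.io handler outside this hunk still reads `options.timeout`, it is now `undefined` unless the caller supplies it; the Primus hunk that follows has the same change. Keep a local fallback, `options = Object.assign({ timeout: FIVE_SECONDS }, options);`, or add `timeout` to the shared defaults.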

@@ -187,3 +194,3 @@ debug('Setting up Socket.io authentication middleware with options:', options);

options = Object.assign({}, defaults, options);
options = Object.assign({}, options);

@@ -190,0 +197,0 @@ debug('Setting up Primus authentication middleware with options:', options);

@@ -56,8 +56,4 @@ 'use strict';

var defaults = {
userEndpoint: '/users',
usernameField: 'email',
passwordField: 'password',
userProperty: _passport2.default._userProperty || 'user',
localEndpoint: '/auth/local',
tokenEndpoint: '/auth/token'
passwordField: 'password'
};

@@ -64,0 +60,0 @@

@@ -65,7 +65,5 @@ 'use strict';

var debug = (0, _debug2.default)('feathers-authentication:oauth2');
// Provider specific config
var defaults = {
successRedirect: '/auth/success',
passwordField: 'password',
userEndpoint: '/users',
tokenEndpoint: '/auth/token',
passReqToCallback: true,

@@ -72,0 +70,0 @@ callbackSuffix: 'callback',

@@ -60,6 +60,6 @@ 'use strict';

var debug = (0, _debug2.default)('feathers-authentication:token');
// Provider specific config
var defaults = {
userEndpoint: '/users',
passwordField: 'password',
tokenEndpoint: '/auth/token',
issuer: 'feathers',

@@ -66,0 +66,0 @@ algorithms: ['HS256'],

{
"name": "feathers-authentication",
"description": "Add Authentication to your FeathersJS app.",
"version": "0.2.4",
"version": "0.3.1",
"homepage": "https://github.com/feathersjs/feathers-authentication",

@@ -6,0 +6,0 @@ "main": "lib/",

@@ -115,2 +115,6 @@ # feathers-authentication

### 0.3.1
- Fix `toLowerCase` hook ([#74](https://github.com/feathersjs/feathers-authentication/issues/74))
### 0.2.2

@@ -117,0 +121,0 @@
