		@@ -25,3 +25,9 @@ var feathers = require('feathers');
		// A simple Message service that we can used for testing
		.use('/messages', memory())
		.use('/messages', memory({
		paginate: {
		default: 5,
		max: 25
		}
		}))
		.use('/approved-messages', memory())
		.use('/', feathers.static(__dirname + '/public'))
		@@ -43,5 +49,36 @@ .use(errorHandler());

		var approvedMessageService = app.service('/approved-messages');
		approvedMessageService.create({text: 'A million people walk into a Silicon Valley bar', approved: false, author: 'James'}, {}, function(){});
		approvedMessageService.create({text: 'Nobody buys anything', approved: true, author: 'Todd'}, {}, function(){});
		approvedMessageService.create({text: 'Bar declared massive success', approved: true, author: 'James'}, {}, function(){});


		// Will merge this restriction with the query params
		var restriction = { restrict: {approved: true} };

		approvedMessageService.before({
		all: [
		// Necessary since restrict must always use find and hook id is a string when the memory service expects it as a number
		function(hook) {
		if(hook.id) {
		hook.id = parseInt(hook.id, 10);
		}
		}
		],
		find: [
		authentication.hooks.verifyOrRestrict(restriction),
		authentication.hooks.populateOrRestrict(restriction),
		authentication.hooks.hasRoleOrRestrict(Object.assign({roles: ['admin']}, restriction))
		],
		get: [
		authentication.hooks.verifyOrRestrict(restriction),
		authentication.hooks.populateOrRestrict(restriction),
		authentication.hooks.hasRoleOrRestrict(Object.assign({roles: ['admin']}, restriction))
		]
		})


		var userService = app.service('users');

		// Add a hook to the user service that automatically replaces
		// Add a hook to the user service that automatically replaces
		// the password with a hash of the password before saving it.
		@@ -55,3 +92,4 @@ userService.before({
		email: 'admin@feathersjs.com',
		password: 'admin'
		password: 'admin',
		roles: ['admin']
		};
		@@ -58,0 +96,0 @@

example/client.js

		@@ -22,3 +22,3 @@ // This is what a NodeJS client looks like
		console.log(`Successfully authenticated against ${host}!`, result);


		app.service('messages').find({}).then(function(data){
		@@ -30,4 +30,10 @@ console.log('messages', data);

		app.service('approved-messages').find({}).then(function(data){
		console.log('approvedMessages', data);
		}).catch(function(error){
		console.error('Error finding data', error);
		});

		}).catch(function(error){
		console.error('Error authenticating!', error);
		});

lib/client/index.js

		@@ -48,3 +48,5 @@ 'use strict';

		if (options.type === 'local') {
		if (options.endpoint) {
		endPoint = options.endpoint;
		} else if (options.type === 'local') {
		endPoint = config.localEndpoint;
		@@ -51,0 +53,0 @@ } else if (options.type === 'token') {

lib/hooks/index.js

		@@ -39,2 +39,14 @@ 'use strict';

		var _verifyOrRestrict = require('./verify-or-restrict');

		var _verifyOrRestrict2 = _interopRequireDefault(_verifyOrRestrict);

		var _populateOrRestrict = require('./populate-or-restrict');

		var _populateOrRestrict2 = _interopRequireDefault(_populateOrRestrict);

		var _hasRoleOrRestrict = require('./has-role-or-restrict');

		var _hasRoleOrRestrict2 = _interopRequireDefault(_hasRoleOrRestrict);

		function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
		@@ -50,3 +62,6 @@
		restrictToRoles: _restrictToRoles2.default,
		verifyToken: _verifyToken2.default
		verifyToken: _verifyToken2.default,
		verifyOrRestrict: _verifyOrRestrict2.default,
		populateOrRestrict: _populateOrRestrict2.default,
		hasRoleOrRestrict: _hasRoleOrRestrict2.default
		};
		@@ -53,0 +68,0 @@

lib/hooks/restrict-to-owner.js

		@@ -60,3 +60,10 @@ 'use strict';

		if (field === undefined \|\| field.toString() !== id.toString()) {
		if (Array.isArray(field)) {
		var fieldArray = field.map(function (idValue) {
		return idValue.toString();
		});
		if (fieldArray.length === 0 \|\| fieldArray.indexOf(id.toString()) < 0) {
		reject(new _feathersErrors2.default.Forbidden('You do not have the permissions to access this.'));
		}
		} else if (field === undefined \|\| field.toString() !== id.toString()) {
		reject(new _feathersErrors2.default.Forbidden('You do not have the permissions to access this.'));
		@@ -63,0 +70,0 @@ }

lib/hooks/restrict-to-roles.js

		@@ -82,3 +82,3 @@ 'use strict';

		// Handle nested Sequelize or Mongoose models
		// Handle nested Sequelize or Mongoose models
		if ((0, _lodash2.default)(field)) {
		@@ -85,0 +85,0 @@ field = field[options.idField];

lib/middleware/express.js

		@@ -103,3 +103,3 @@ 'use strict';

		// Check HTTPS and cookie status in production
		// Check HTTPS and cookie status in production
		if (!req.secure && process.env.NODE_ENV === 'production' && options.cookie.secure) {
		@@ -106,0 +106,0 @@ console.warn('WARN: Request isn\'t served through HTTPS: JWT in the cookie is exposed.');

lib/services/token.js

		@@ -87,3 +87,2 @@ 'use strict';
		*/
		// 1 day
		var _verifyToken = function _verifyToken() {
		@@ -90,0 +89,0 @@ var options = arguments.length <= 0 \|\| arguments[0] === undefined ? {} : arguments[0];

package.json

		{
		"name": "feathers-authentication",
		"description": "Add Authentication to your FeathersJS app.",
		"version": "0.7.9",
		"version": "0.7.10",
		"homepage": "https://github.com/feathersjs/feathers-authentication",
		@@ -58,3 +58,2 @@ "main": "lib/",
		"devDependencies": {
		"async": "^1.4.2",
		"babel-cli": "^6.1.18",
		@@ -74,3 +73,3 @@ "babel-core": "^6.1.21",
		"localstorage-memory": "^1.0.2",
		"mocha": "^2.5.0",
		"mocha": "^3.0.0",
		"nsp": "^2.2.0",
		@@ -77,0 +76,0 @@ "passport-facebook": "^2.1.0",

example/public/index.html

Sorry, the diff of this file is not supported yet

feathers-authentication - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics