hapi-auth-cookie
Advanced tools
Comparing version 7.0.0 to 7.1.0
@@ -37,3 +37,3 @@ 'use strict'; | ||
redirectTo: Joi.alternatives(Joi.string(), Joi.func()).allow(false), | ||
appendNext: Joi.alternatives(Joi.string(), Joi.boolean()).default(false), | ||
appendNext: Joi.alternatives(Joi.string(), Joi.boolean(), Joi.object({ raw: Joi.boolean(), name: Joi.string() })).default(false), | ||
redirectOnTry: Joi.boolean().default(true), | ||
@@ -75,2 +75,7 @@ validateFunc: Joi.func(), | ||
if (typeof settings.appendNext === 'object') { | ||
settings.appendNextRaw = settings.appendNext.raw; | ||
settings.appendNext = settings.appendNext.name || 'next'; | ||
} | ||
server.state(settings.cookie, cookieOptions); | ||
@@ -215,3 +220,8 @@ | ||
uri += settings.appendNext + '=' + encodeURIComponent(request.url.path); | ||
if (settings.appendNextRaw) { | ||
uri += settings.appendNext + '=' + encodeURIComponent(request.raw.req.url); | ||
} | ||
else { | ||
uri += settings.appendNext + '=' + encodeURIComponent(request.url.path); | ||
} | ||
} | ||
@@ -218,0 +228,0 @@ |
{ | ||
"name": "hapi-auth-cookie", | ||
"description": "Cookie authentication plugin", | ||
"version": "7.0.0", | ||
"version": "7.1.0", | ||
"repository": "git://github.com/hapijs/hapi-auth-cookie", | ||
@@ -6,0 +6,0 @@ "main": "lib/index.js", |
@@ -41,5 +41,10 @@ ### hapi-auth-cookie | ||
Defaults to no redirection. | ||
- `appendNext` - if `true` and `redirectTo` is `true`, appends the current request path to the | ||
query component of the `redirectTo` URI using the parameter name `'next'`. Set to a string to use | ||
a different parameter name. Defaults to `false`. | ||
- `appendNext` - if `redirectTo` is `true`, can be a boolean, string, or object. Defaults to `false`. | ||
- if set to `true`, a string, or an object, appends the current request path to the query component | ||
of the `redirectTo` URI | ||
- set to a string value or set the `name` property in an object to define the parameter name. | ||
defaults to `'next'` | ||
- set the `raw` property of the object to `true` to determine the current request path based on | ||
the raw node.js request object received from the HTTP server callback instead of the processed | ||
hapi request object | ||
- `redirectOnTry` - if `false` and route authentication mode is `'try'`, authentication errors will | ||
@@ -46,0 +51,0 @@ not trigger a redirection. Requires **hapi** version 6.2.0 or newer. Defaults to `true`; |
@@ -1572,2 +1572,110 @@ 'use strict'; | ||
it('uses the updated path by default when onRequest re-routes', (done) => { | ||
const server = new Hapi.Server(); | ||
server.connection(); | ||
server.register(require('../'), (err) => { | ||
expect(err).to.not.exist(); | ||
server.auth.strategy('default', 'cookie', true, { | ||
password: 'password-should-be-32-characters', | ||
ttl: 60 * 1000, | ||
redirectTo: 'http://example.com/login?mode=1', | ||
appendNext: true | ||
}); | ||
server.route({ | ||
method: 'GET', path: '/', handler: function (request, reply) { | ||
return reply('never'); | ||
} | ||
}); | ||
server.ext('onRequest', (request, reply) => { | ||
request.setUrl('/'); | ||
reply.continue(); | ||
}); | ||
server.inject('/foo?bar=baz', (res) => { | ||
expect(res.statusCode).to.equal(302); | ||
expect(res.headers.location).to.equal('http://example.com/login?mode=1&next=%2F'); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
it('retains the original path for appendNext when onRequest re-routes when raw is set to true', (done) => { | ||
const server = new Hapi.Server(); | ||
server.connection(); | ||
server.register(require('../'), (err) => { | ||
expect(err).to.not.exist(); | ||
server.auth.strategy('default', 'cookie', true, { | ||
password: 'password-should-be-32-characters', | ||
ttl: 60 * 1000, | ||
redirectTo: 'http://example.com/login?mode=1', | ||
appendNext: { raw: true } | ||
}); | ||
server.route({ | ||
method: 'GET', path: '/', handler: function (request, reply) { | ||
return reply('never'); | ||
} | ||
}); | ||
server.ext('onRequest', (request, reply) => { | ||
request.setUrl('/'); | ||
reply.continue(); | ||
}); | ||
server.inject('/foo?bar=baz', (res) => { | ||
expect(res.statusCode).to.equal(302); | ||
expect(res.headers.location).to.equal('http://example.com/login?mode=1&next=%2Ffoo%3Fbar%3Dbaz'); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
it('sets the appendNext parameter to the value defined within the object', (done) => { | ||
const server = new Hapi.Server(); | ||
server.connection(); | ||
server.register(require('../'), (err) => { | ||
expect(err).to.not.exist(); | ||
server.auth.strategy('default', 'cookie', true, { | ||
password: 'password-should-be-32-characters', | ||
ttl: 60 * 1000, | ||
redirectTo: 'http://example.com/login?mode=1', | ||
appendNext: { name: 'return_to' } | ||
}); | ||
server.route({ | ||
method: 'GET', path: '/foo', handler: function (request, reply) { | ||
return reply('never'); | ||
} | ||
}); | ||
server.inject('/foo?bar=baz', (res) => { | ||
expect(res.statusCode).to.equal(302); | ||
expect(res.headers.location).to.equal('http://example.com/login?mode=1&return_to=%2Ffoo%3Fbar%3Dbaz'); | ||
done(); | ||
}); | ||
}); | ||
}); | ||
it('appends the custom query when appendNext is string', (done) => { | ||
@@ -1574,0 +1682,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
84152
1632
210
0
8