
hapi-auth-cookie


hapi-auth-cookie - npm Package Compare versions

Comparing version 8.1.0 to 9.0.0

9

lib/index.js

@@ -35,3 +35,2 @@ 'use strict';

appendNext: Joi.alternatives(Joi.string(), Joi.boolean()).default(false),
redirectOnTry: Joi.boolean().default(true),
validateFunc: Joi.func(),

@@ -201,8 +200,2 @@ requestDecoratorName: Joi.string().default('cookieAuth'),

if (settings.redirectOnTry === false && // Defaults to true
request.auth.mode === 'try') {
return h.unauthenticated(err);
}
let redirectTo = settings.redirectTo;

@@ -217,3 +210,3 @@ if (request.route.settings.plugins['hapi-auth-cookie'] &&

if (!uri) {
if (!uri || request.auth.mode !== 'required') {
return h.unauthenticated(err);

@@ -220,0 +213,0 @@ }
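Review bot: The new guard `if (!uri || request.auth.mode !== 'required')` in the @@ -217 hunk changes which requests reach route handlers, and nothing at that line says so: with `redirectTo` set, a `'try'` or `'optional'` route used to be answered with a redirect and now returns `h.unauthenticated(err)`, which, judging by the tests in this comparison, lets the handler run (status 200) without credentials. Applications that relied on the 8.x redirect as the de facto gate on such routes need to check `request.auth.isAuthenticated` in the handler or move those routes to `'required'`. I would add a comment above the guard such as `// Redirect only in 'required' mode; in 'try'/'optional' the handler runs unauthenticated`. Dropping `redirectOnTry` from the schema in the first hunk presumably also makes configurations that still pass it fail validation, which deserves a line in the release notes. The enclosing function starts and ends outside the hunks shown.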

2

package.json
{
"name": "hapi-auth-cookie",
"description": "Cookie authentication plugin",
"version": "8.1.0",
"version": "9.0.0",
"repository": "git://github.com/hapijs/hapi-auth-cookie",

@@ -6,0 +6,0 @@ "main": "lib/index.js",

@@ -36,6 +36,5 @@ ### hapi-auth-cookie

- `isHttpOnly` - if `false`, the cookie will not include the 'HttpOnly' flag. Defaults to `true`.
- `redirectTo` - optional login URI or function `function(request)` that returns a URI to redirect unauthenticated requests to. Note that using
`redirectTo` with authentication mode `'try'` will cause the protected endpoint to always
redirect, voiding `'try'` mode. To set an individual route to use or disable redirections, use
the route `plugins` config (`{ options: { plugins: { 'hapi-auth-cookie': { redirectTo: false } } } }`).
- `redirectTo` - optional login URI or function `function(request)` that returns a URI to redirect unauthenticated requests to. Note that it will only
trigger when the authentication mode is `'required'`. To enable or disable redirections for a specific route,
set the route `plugins` config (`{ options: { plugins: { 'hapi-auth-cookie': { redirectTo: false } } } }`).
Defaults to no redirection.

@@ -45,4 +44,2 @@ - `appendNext` - if `true` and `redirectTo` is `true`, appends the current request path to the

a different parameter name. Defaults to `false`.
- `redirectOnTry` - if `false` and route authentication mode is `'try'`, authentication errors will
not trigger a redirection. Defaults to `true`;
- `async validateFunc` - an optional session validation function used to validate the content of the

@@ -49,0 +46,0 @@ session cookie on each request. Used to verify that the internal session state is still valid

@@ -406,5 +406,5 @@ 'use strict';

return {
authenticate: (request, reply) => {
authenticate: (request, h) => {
return reply.authenticated({ credentials: { user: 'bogus-user' } });
return h.authenticated({ credentials: { user: 'bogus-user' } });
}

@@ -435,6 +435,6 @@ };

config: {
handler: function (request, reply) {
handler: function (request, h) {
request.cookieAuth.set({ user: request.params.user });
return reply.response(request.params.user);
return h.response(request.params.user);
}

@@ -448,5 +448,5 @@ }

auth: { mode: 'required', strategies: ['first', 'second'] },
handler: function (request, reply) {
handler: function (request, h) {
return reply.response('valid-resource');
return h.response('valid-resource');
}

@@ -1247,3 +1247,3 @@ }

it('skips when redirectOnTry is false in try mode', async () => {
it('sends to login page (uri with query)', async () => {

@@ -1256,17 +1256,11 @@ const server = Hapi.server();

ttl: 60 * 1000,
redirectOnTry: false,
redirectTo: 'http://example.com/login',
redirectTo: 'http://example.com/login?mode=1',
appendNext: true
});
server.auth.default({
mode: 'try',
strategy: 'default'
});
server.auth.default('default');
server.route({
method: 'GET',
path: '/',
handler: function (request, h) {
method: 'GET', path: '/', handler: function () {
return h.response(request.auth.isAuthenticated);
return 'never';
}

@@ -1277,7 +1271,7 @@ });

expect(res.statusCode).to.equal(200);
expect(res.result).to.equal(false);
expect(res.statusCode).to.equal(302);
expect(res.headers.location).to.equal('http://example.com/login?mode=1&next=%2F');
});
it('sends to login page (uri with query)', async () => {
it('sends to login page and does not append the next query when appendNext is false', async () => {

@@ -1291,3 +1285,3 @@ const server = Hapi.server();

redirectTo: 'http://example.com/login?mode=1',
appendNext: true
appendNext: false
});

@@ -1297,5 +1291,5 @@ server.auth.default('default');

server.route({
method: 'GET', path: '/', handler: function (request, reply) {
method: 'GET', path: '/', handler: function (request, h) {
return reply('never');
return h.response('never');
}

@@ -1307,6 +1301,6 @@ });

expect(res.statusCode).to.equal(302);
expect(res.headers.location).to.equal('http://example.com/login?mode=1&next=%2F');
expect(res.headers.location).to.equal('http://example.com/login?mode=1');
});
it('sends to login page and does not append the next query when appendNext is false', async () => {
it('appends the custom query when appendNext is string', async () => {

@@ -1320,3 +1314,3 @@ const server = Hapi.server();

redirectTo: 'http://example.com/login?mode=1',
appendNext: false
appendNext: 'done'
});

@@ -1335,6 +1329,6 @@ server.auth.default('default');

expect(res.statusCode).to.equal(302);
expect(res.headers.location).to.equal('http://example.com/login?mode=1');
expect(res.headers.location).to.equal('http://example.com/login?mode=1&done=%2F');
});
it('appends the custom query when appendNext is string', async () => {
it('redirect for required mode', async () => {

@@ -1347,4 +1341,4 @@ const server = Hapi.server();

ttl: 60 * 1000,
redirectTo: 'http://example.com/login?mode=1',
appendNext: 'done'
redirectTo: 'http://example.com/login',
appendNext: true
});

@@ -1354,5 +1348,5 @@ server.auth.default('default');

server.route({
method: 'GET', path: '/', handler: function (request, h) {
method: 'GET', path: '/', config: { auth: { mode: 'required' } }, handler: function (request, h) {
return h.response('never');
return h.response('required');
}

@@ -1364,6 +1358,6 @@ });

expect(res.statusCode).to.equal(302);
expect(res.headers.location).to.equal('http://example.com/login?mode=1&done=%2F');
expect(res.headers.location).to.equal('http://example.com/login?next=%2F');
});
it('redirect on try', async () => {
it('skips redirect for try mode', async () => {

@@ -1390,4 +1384,29 @@ const server = Hapi.server();

expect(res.statusCode).to.equal(302);
expect(res.statusCode).to.equal(200);
});
it('skips redirect for optional mode', async () => {
const server = Hapi.server();
await server.register(require('../'));
server.auth.strategy('default', 'cookie', {
password: 'password-should-be-32-characters',
ttl: 60 * 1000,
redirectTo: 'http://example.com/login',
appendNext: true
});
server.auth.default('default');
server.route({
method: 'GET', path: '/', config: { auth: { mode: 'optional' } }, handler: function (request, h) {
return h.response('optional');
}
});
const res = await server.inject('/');
expect(res.statusCode).to.equal(200);
});
});

@@ -1394,0 +1413,0 @@
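Review bot: The two new negative tests, 'skips redirect for try mode' and 'skips redirect for optional mode', assert only `expect(res.statusCode).to.equal(200)`, which is weaker than the removed `redirectOnTry` test that also checked `res.result`. For the optional-mode test I would add `expect(res.result).to.equal('optional');` and `expect(res.headers.location).to.not.exist();` so the test pins both that the handler ran and that no redirect target was emitted. The body of the try-mode test lies outside the hunk, so the same additions there should be checked against the full file.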
