New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
hapi-auth-jwt2
Advanced tools
hapi-auth-jwt2 - npm Package Compare versions
Comparing version 8.0.1 to 8.1.0
@@ -34,2 +34,12 @@ 'use strict'; | ||
| * isFunction checks if a given value is a function. | ||
| * @param {Object} objectToCheck - the object we want to check its type | ||
| * @returns {String} - returns the string of the object class | ||
| */ | ||
| internals.checkObjectType = function(objectToCheck) { | ||
| const toString = Object.prototype.toString; | ||
| return toString.call(objectToCheck); | ||
| }; | ||
| /** | ||
| * isFunction checks if a given value is a function. | ||
| * @param {Object} functionToCheck - the object we want to confirm is a function | ||
@@ -39,8 +49,6 @@ * @returns {Boolean} - true if the functionToCheck is a function. :-) | ||
| internals.isFunction = function(functionToCheck) { | ||
| let getType = {}; | ||
| return ( | ||
| functionToCheck && | ||
| (getType.toString.call(functionToCheck) === '[object Function]' || | ||
| getType.toString.call(functionToCheck) === '[object AsyncFunction]') | ||
| (internals.checkObjectType(functionToCheck) === '[object Function]' || | ||
| internals.checkObjectType(functionToCheck) === '[object AsyncFunction]') | ||
| ); | ||
@@ -239,6 +247,14 @@ }; | ||
| response: function(request, h) { | ||
| if (options.responseFunc && typeof options.responseFunc === 'function') { | ||
| const responseFunc = options.responseFunc; | ||
| if (responseFunc && typeof responseFunc === 'function') { | ||
| if ( | ||
| internals.checkObjectType(responseFunc) === '[object AsyncFunction]' | ||
| ) { | ||
| return responseFunc(request, h) | ||
| .then(() => h.continue) | ||
| .catch(err => raiseError('boomify', err)); | ||
| } | ||
| try { | ||
| // allow responseFunc to decorate or throw | ||
| options.responseFunc(request, h); | ||
| responseFunc(request, h); | ||
| } catch (err) { | ||
@@ -245,0 +261,0 @@ throw raiseError('boomify', err); |
| { | ||
| "name": "hapi-auth-jwt2", | ||
| "version": "8.0.1", | ||
| "version": "8.1.0", | ||
| "description": "Hapi.js Authentication Plugin/Scheme using JSON Web Tokens (JWT)", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
@@ -192,3 +192,3 @@ # Hapi Auth using JSON Web Tokens (JWT) | ||
| - `request` - the request object. | ||
| - `reply(err, response)`- is called if an error occurred | ||
| - `h`- the response toolkit. | ||
| - `errorFunc` - (***optional*** *defaults to raising the error requested*) function called when an error has been raised. It provides an extension point to allow the host the ability to customise the error messages returned. Passed in object follows the following schema: | ||
@@ -195,0 +195,0 @@ - `errorContext.errorType` - ***required*** the `Boom` method to call (eg. unauthorized) |
@@ -44,2 +44,11 @@ const Hapi = require('hapi'); | ||
| const responseAsyncFunction = async function(req, h) { | ||
| await new Promise(resolve => setTimeout(() => resolve(), 200)); | ||
| if(req.headers.error === 'true') { | ||
| throw new Error('async failed'); | ||
| } else { | ||
| req.response.header('Authorization', 'from scheme response function'); | ||
| } | ||
| } | ||
| const init = async() => { | ||
@@ -58,2 +67,11 @@ | ||
| server.auth.strategy('asyncJwt', 'jwt', { | ||
| key: secret, | ||
| validate, | ||
| verifyOptions: { | ||
| algorithms: [ 'HS256' ] | ||
| }, // only allow HS256 algorithm | ||
| responseFunc: responseAsyncFunction | ||
| }); | ||
| server.route([ | ||
@@ -94,3 +112,11 @@ { | ||
| } | ||
| } | ||
| }, | ||
| { | ||
| method: 'POST', | ||
| path: '/async', | ||
| handler: sendToken, | ||
| config: { | ||
| auth: 'asyncJwt' | ||
| } | ||
| }, | ||
| ]); | ||
@@ -97,0 +123,0 @@ |
@@ -110,1 +110,32 @@ const test = require('tape'); | ||
| }); | ||
| test("Access restricted content (with VALID Token) and async response function", async function(t) { | ||
| // use the token as the 'authorization' header in requests | ||
| const token = JWT.sign({ id: 123, "name": "Charlie" }, secret); | ||
| const options = { | ||
| method: "POST", | ||
| url: "/async", | ||
| headers: { authorization: "Bearer " + token } | ||
| }; | ||
| const response = await server.inject(options); | ||
| t.equal(response.statusCode, 200, "VALID Token should succeed!"); | ||
| t.equal(response.headers.authorization, 'from scheme response function', 'Valid request should finish by calling async response function'); | ||
| t.end(); | ||
| }); | ||
| test("Testing an error thrown from the scheme\'s async response function", async function(t) { | ||
| // use the token as the 'authorization' header in requests | ||
| const token = JWT.sign({ id: 123, "name": "Charlie" }, secret); | ||
| const options = { | ||
| method: "POST", | ||
| url: "/async", | ||
| headers: { | ||
| authorization: "Bearer " + token, | ||
| error: 'true' | ||
| } | ||
| }; | ||
| const response = await server.inject(options); | ||
| t.equal(response.statusCode, 500, 'A server error happens in the scheme\'s response function'); | ||
| t.end(); | ||
| }); |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by1.83%
136325
- Lines of code
- increased by2.72%
2567
No dependency changes