
http-permission-injection


http-permission-injection - npm Package Compare versions

Comparing version 1.1.5 to 1.1.6

91

index.js

@@ -49,47 +49,56 @@ // Request module, used to perform remote api requests.

injectPermissions: function(event){
var cookie_prefix = this.cookie_prefix;
if(!this.use_global_cookie_prefix){
cookie_prefix = event.cookie_prefix;
}
if (cryptr == null){
cryptr = new Cryptr(this.cookie_encryption_key);
}
// If 'user_secure_username_cookie' is set to true, get the username from a secure cookie.
if(this.user_secure_username_cookie){
try {
var cookies = cookie.parse(event.request.headers.cookie);
event.username = cryptr.decrypt(cookies[cookie_prefix + "username"]);
}catch (err){
try{
var cookie_prefix = this.cookie_prefix;
if(!this.use_global_cookie_prefix){
cookie_prefix = event.cookie_prefix;
}
if(event.username){
// Username is there
}else{
denied(event);
}
}
var user_data = [];
if (this.use_global_user_data) {
user_data = this.user_data;
}else{
user_data = event.user_data;
}
var verified_user_object = null;
if (typeof user_data == "string") {
user_data = JSON.parse(user_data);
}
for (var i = 0; i < user_data.length; i++) {
if(user_data[i].username == event.username.toLowerCase()){
verified_user_object = user_data[i];
break;
if (cryptr == null){
cryptr = new Cryptr(this.cookie_encryption_key);
}
}
if(verified_user_object != null){
if (typeof user_data == "object") {
user_data = JSON.stringify(user_data);
// If 'user_secure_username_cookie' is set to true, get the username from a secure cookie.
if(this.user_secure_username_cookie){
try {
var cookies = cookie.parse(event.request.headers.cookie);
event.username = cryptr.decrypt(cookies[cookie_prefix + "username"]);
}catch (err){
denied(event);
}
}
event.permission_cookie = cryptr.encrypt(JSON.stringify(verified_user_object));
event.cookie_expiry_minutes = this.cookie_expiry_minutes;
event.cookie_prefix = cookie_prefix;
event.cookie_path = this.cookie_path;
approved(event);
}else {
var user_data = [];
if (this.use_global_user_data) {
user_data = this.user_data;
}else{
user_data = event.user_data;
}
var verified_user_object = null;
if (typeof user_data == "string") {
user_data = JSON.parse(user_data);
}
for (var i = 0; i < user_data.length; i++) {
if(user_data[i].username == event.username.toLowerCase()){
verified_user_object = user_data[i];
break;
}
}
if(verified_user_object != null){
if (typeof user_data == "object") {
user_data = JSON.stringify(user_data);
}
event.permission_cookie = cryptr.encrypt(JSON.stringify(verified_user_object));
event.cookie_expiry_minutes = this.cookie_expiry_minutes;
event.cookie_prefix = cookie_prefix;
event.cookie_path = this.cookie_path;
approved(event);
}else {
denied(event);
}
}catch (err){
denied(event);
}
}
},

@@ -136,3 +145,3 @@

function denied (event){
event.response.writeHead(401, {
event.response.writeHead(302, {
'Content-Type': 'text/plain',

@@ -139,0 +148,0 @@ "Location": event.denied_url
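Review bot: In `injectPermissions`, the inner `catch` around the cookie decrypt appears to call `denied(event)` without returning, so execution continues into the user lookup with whatever `event.username` already held. As far as this flattened render shows, that leaves two outcomes: `event.username.toLowerCase()` throws and the new outer `catch` calls `denied(event)` a second time on a response whose headers were already written, or a caller-supplied `event.username` matches an entry and `approved(event)` runs after the denial was sent. Ending the path in the handler, `}catch (err){ return denied(event); }`, keeps a failed decrypt fail-closed and leaves the outer `catch` as a backstop only. The +/- markers are lost on this page, so the new-side ordering is inferred from the repeated lines and the hunk counts.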

{
"name": "http-permission-injection",
"version": "1.1.5",
"version": "1.1.6",
"description": "Inject and verify a users permissions coming form an http request, using local or remote resources for verification.",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -8,2 +8,4 @@ ## Introduction

## Changelog
#### v 1.1.6
- Changed Access denied return code from 401 to 302.
#### v 1.1.5

@@ -10,0 +12,0 @@ - Minor bug fix.
