oauth20-provider
Advanced tools
oauth20-provider - npm Package Compare versions
Comparing version 0.3.1 to 0.3.3
@@ -42,2 +42,14 @@ var | ||
| /** | ||
| * Fetches accessToken object by userId-clientId pair | ||
| * Should be implemented with server logic | ||
| * | ||
| * @param userId {String} Unique identifier | ||
| * @param clientId {String} Unique identifier | ||
| * @param cb {Function} Function callback ->(error, object) | ||
| */ | ||
| module.exports.fetchByUserIdClientId = function(userId, clientId, cb) { | ||
| throw new error.serverError('accessToken model method "fetchByUserIdClientId" is not implemented'); | ||
| }; | ||
| /** | ||
| * Generates token | ||
@@ -44,0 +56,0 @@ */ |
@@ -11,3 +11,3 @@ var | ||
| req.oauth2.logger.debug('Response: ', data); | ||
| }; | ||
| } | ||
@@ -19,3 +19,3 @@ function redirect(req, res, redirectUri) { | ||
| req.oauth2.logger.debug('Redirect to: ', redirectUri); | ||
| }; | ||
| } | ||
@@ -32,6 +32,8 @@ module.exports.error = function(req, res, err, redirectUri) { | ||
| if (redirectUri) { | ||
| redirectUri += '?' + query.stringify({ | ||
| var obj = { | ||
| error: err.code, | ||
| error_description: err.message | ||
| }); | ||
| }; | ||
| if (req.query.state) obj.state = req.query.state; | ||
| redirectUri += '?' + query.stringify(obj); | ||
| redirect(req, res, redirectUri); | ||
@@ -49,2 +51,3 @@ } | ||
| redirectUri += (redirectUri.indexOf('?') == -1 ? '?' : '&'); | ||
| if (req.query.state) obj.state = req.query.state; | ||
| redirectUri += query.stringify(obj); | ||
@@ -51,0 +54,0 @@ redirect(req, res, redirectUri); |
| { | ||
| "name": "oauth20-provider", | ||
| "version": "0.3.1", | ||
| "version": "0.3.3", | ||
| "description": "OAuth 2.0 provider toolkit for nodeJS", | ||
@@ -5,0 +5,0 @@ "keywords": ["oauth", "oauth2", "provider", "server", "connect", "express", "middleware", "http", "api", "rest"], |
@@ -102,6 +102,10 @@ node-oauth20-provider | ||
| ```js | ||
| function isAuthorized(req, res, next) { | ||
| if (req.session.authorized) return next(); | ||
| res.redirect('/login?' + query.stringify({backUrl: req.url})); | ||
| } | ||
| function isUserAuthorized(req, res, next) { | ||
| if (req.session.authorized) next(); | ||
| else { | ||
| var params = req.query; | ||
| params.backUrl = req.path; | ||
| res.redirect('/login?' + query.stringify(params)); | ||
| } | ||
| }; | ||
| ``` | ||
@@ -120,3 +124,2 @@ | ||
| - Add refresh token TTL | ||
| - Implement proper "state" support | ||
| - Implement proper "TTL" support for accessToken and scope objects | ||
@@ -123,0 +126,0 @@ - Add MAC token type |
@@ -30,3 +30,7 @@ var TYPE = 'memory'; // Pg, redis, mongodb also available for example | ||
| if (req.session.authorized) next(); | ||
| else res.redirect('/login?' + query.stringify({ backUrl: req.url })); | ||
| else { | ||
| var params = req.query; | ||
| params.backUrl = req.path; | ||
| res.redirect('/login?' + query.stringify(params)); | ||
| } | ||
| }; | ||
@@ -49,4 +53,6 @@ | ||
| server.post('/login', function(req, res, next) { | ||
| var backUrl = req.query.backUrl ? req.query.backUrl : '/', | ||
| loginUrl = '/login?' + query.stringify({backUrl: backUrl}); | ||
| var backUrl = req.query.backUrl ? req.query.backUrl : '/'; | ||
| delete(req.query.backUrl); | ||
| backUrl += backUrl.indexOf('?') > -1 ? '&' : '?'; | ||
| backUrl += query.stringify(req.query); | ||
@@ -59,3 +65,3 @@ // Already logged in | ||
| if (err) next(err); | ||
| else if (!user || !model.oauth2.user.checkPassword(user, req.body.password)) res.redirect(loginUrl); | ||
| else if (!user || !model.oauth2.user.checkPassword(user, req.body.password)) res.redirect(req.url); | ||
| else { | ||
@@ -69,3 +75,3 @@ req.session.user = user; | ||
| // Please login | ||
| else res.redirect('/login?' + query.stringify({backUrl: backUrl})); | ||
| else res.redirect(req.url); | ||
| }); | ||
@@ -98,2 +104,2 @@ | ||
| start(); | ||
| }; | ||
| } |
@@ -7,3 +7,3 @@ var oauth20 = require('./../../lib'); | ||
| var model = require('./model')[type].oauth2; | ||
| var model = require('./model/' + type).oauth2; | ||
| if (!model) | ||
@@ -10,0 +10,0 @@ throw new Error('Unknown model type: ' + type); |
Sorry, the diff of this file is not supported yet
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by4.07%
136663
- Lines of code
- increased by0.77%
2100
- Number of lines in readme file
- increased by2.19%
140
Worsened metrics
- Number of package files
- decreased by-1.32%
75
- Number of low supply chain risk alerts
- increased by100%
2