Comparing version 0.1.10 to 0.1.11
@@ -23,2 +23,3 @@ /** | ||
this._deserializers = []; | ||
this._infoTransformers = []; | ||
@@ -293,2 +294,81 @@ this._userProperty = 'user'; | ||
/** | ||
* Registers a function used to transform auth info. | ||
* | ||
* In some circumstances authorization details are contained in authentication | ||
* credentials or loaded as part of verification. | ||
* | ||
* For example, when using bearer tokens for API authentication, the tokens may | ||
* encode (either directly or indirectly in a database), details such as scope | ||
* of access or the client to which the token was issued. | ||
* | ||
* Such authorization details should be enforced separately from authentication. | ||
* Because Passport deals only with the latter, this is the responsiblity of | ||
* middleware or routes further along the chain. However, it is not optimal to | ||
* decode the same data or execute the same database query later. To avoid | ||
* this, Passport accepts optional `info` along with the authenticated `user` | ||
* in a strategy's `success()` action. This info is set at `req.authInfo`, | ||
* where said later middlware or routes can access it. | ||
* | ||
* Optionally, applications can register transforms to proccess this info, | ||
* which take effect prior to `req.authInfo` being set. This is useful, for | ||
* example, when the info contains a client ID. The transform can load the | ||
* client from the database and include the instance in the transformed info, | ||
* allowing the full set of client properties to be convieniently accessed. | ||
* | ||
* If no transforms are registered, `info` supplied by the strategy will be left | ||
* unmodified. | ||
* | ||
* Examples: | ||
* | ||
* passport.transformAuthInfo(function(info, done) { | ||
* Client.findById(info.clientID, function (err, client) { | ||
* info.client = client; | ||
* done(err, info); | ||
* }); | ||
* }); | ||
* | ||
* @api public | ||
*/ | ||
Passport.prototype.transformAuthInfo = function(fn, done) { | ||
if (typeof fn === 'function') { | ||
return this._infoTransformers.push(fn); | ||
} | ||
// private implementation that traverses the chain of transformers, | ||
// attempting to transform auth info | ||
var info = fn; | ||
var stack = this._infoTransformers; | ||
(function pass(i, err, tinfo) { | ||
// transformers use 'pass' as an error to skip processing | ||
if ('pass' === err) { | ||
err = undefined; | ||
} | ||
// an error or transformed info was obtained, done | ||
if (err || tinfo) { return done(err, tinfo); } | ||
var layer = stack[i]; | ||
if (!layer) { | ||
// if no transformers are registered (or they all pass), the default | ||
// behavior is to use the un-transformed info as-is | ||
return done(null, info); | ||
} | ||
try { | ||
var arity = layer.length; | ||
if (arity == 1) { | ||
// sync | ||
var t = layer(info); | ||
pass(i + 1, null, t); | ||
} else { | ||
// async | ||
layer(info, function(e, t) { pass(i + 1, e, t); } ) | ||
} | ||
} catch(e) { | ||
return done(e); | ||
} | ||
})(0); | ||
} | ||
/** | ||
* Return strategy with given `name`. | ||
@@ -295,0 +375,0 @@ * |
@@ -96,6 +96,26 @@ /** | ||
if (err) { return next(err); } | ||
if (options.successRedirect) { | ||
return res.redirect(options.successRedirect); | ||
if (options.authInfo || options.authInfo === undefined) { | ||
passport.transformAuthInfo(info, function(err, tinfo) { | ||
if (err) { return next(err); } | ||
req.authInfo = tinfo; | ||
complete(); | ||
}); | ||
} else { | ||
complete(); | ||
} | ||
next(); | ||
function complete() { | ||
if (options.successReturnToOrRedirect) { | ||
var url = options.successReturnToOrRedirect; | ||
if (req.session && req.session.returnTo) { | ||
url = req.session.returnTo; | ||
delete req.session.returnTo; | ||
} | ||
return res.redirect(url); | ||
} | ||
if (options.successRedirect) { | ||
return res.redirect(options.successRedirect); | ||
} | ||
next(); | ||
} | ||
}); | ||
@@ -102,0 +122,0 @@ } |
{ | ||
"name": "passport", | ||
"version": "0.1.10", | ||
"version": "0.1.11", | ||
"description": "Simple, unobtrusive authentication for Node.js.", | ||
@@ -5,0 +5,0 @@ "author": { "name": "Jared Hanson", "email": "jaredhanson@gmail.com", "url": "http://www.jaredhanson.net/" }, |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
28074
851