passport - npm Package Compare versions

Comparing version 0.1.10 to 0.1.11

lib/passport/index.js

@@ -23,2 +23,3 @@ /**
   this._deserializers = [];
+  this._infoTransformers = [];
   
@@ -293,2 +294,81 @@ this._userProperty = 'user';
 /**
+ * Registers a function used to transform auth info.
+ *
+ * In some circumstances authorization details are contained in authentication
+ * credentials or loaded as part of verification.
+ *
+ * For example, when using bearer tokens for API authentication, the tokens may
+ * encode (either directly or indirectly in a database), details such as scope
+ * of access or the client to which the token was issued.
+ *
+ * Such authorization details should be enforced separately from authentication.
+ * Because Passport deals only with the latter, this is the responsiblity of
+ * middleware or routes further along the chain.  However, it is not optimal to
+ * decode the same data or execute the same database query later.  To avoid
+ * this, Passport accepts optional `info` along with the authenticated `user`
+ * in a strategy's `success()` action.  This info is set at `req.authInfo`,
+ * where said later middlware or routes can access it.
+ *
+ * Optionally, applications can register transforms to proccess this info,
+ * which take effect prior to `req.authInfo` being set.  This is useful, for
+ * example, when the info contains a client ID.  The transform can load the
+ * client from the database and include the instance in the transformed info,
+ * allowing the full set of client properties to be convieniently accessed.
+ *
+ * If no transforms are registered, `info` supplied by the strategy will be left
+ * unmodified.
+ *
+ * Examples:
+ *
+ *     passport.transformAuthInfo(function(info, done) {
+ *       Client.findById(info.clientID, function (err, client) {
+ *         info.client = client;
+ *         done(err, info);
+ *       });
+ *     });
+ *
+ * @api public
+ */
+Passport.prototype.transformAuthInfo = function(fn, done) {
+  if (typeof fn === 'function') {
+    return this._infoTransformers.push(fn);
+  }
+  
+  // private implementation that traverses the chain of transformers,
+  // attempting to transform auth info
+  var info = fn;
+  
+  var stack = this._infoTransformers;
+  (function pass(i, err, tinfo) {
+    // transformers use 'pass' as an error to skip processing
+    if ('pass' === err) {
+      err = undefined;
+    }
+    // an error or transformed info was obtained, done
+    if (err || tinfo) { return done(err, tinfo); }
+    
+    var layer = stack[i];
+    if (!layer) {
+      // if no transformers are registered (or they all pass), the default
+      // behavior is to use the un-transformed info as-is
+      return done(null, info);
+    }
+    
+    try {
+      var arity = layer.length;
+      if (arity == 1) {
+        // sync
+        var t = layer(info);
+        pass(i + 1, null, t);
+      } else {
+        // async
+        layer(info, function(e, t) { pass(i + 1, e, t); } )
+      }
+    } catch(e) {
+      return done(e);
+    }
+  })(0);
+}
+
+/**
  * Return strategy with given `name`. 
@@ -295,0 +375,0 @@ *

lib/passport/middleware/authenticate.js

@@ -96,6 +96,26 @@ /**
         if (err) { return next(err); }
-        if (options.successRedirect) {
-          return res.redirect(options.successRedirect);
+        if (options.authInfo || options.authInfo === undefined) {
+          passport.transformAuthInfo(info, function(err, tinfo) {
+            if (err) { return next(err); }
+            req.authInfo = tinfo;
+            complete();
+          });
+        } else {
+          complete();
         }
-        next();
+        
+        function complete() {
+          if (options.successReturnToOrRedirect) {
+            var url = options.successReturnToOrRedirect;
+            if (req.session && req.session.returnTo) {
+              url = req.session.returnTo;
+              delete req.session.returnTo;
+            }
+            return res.redirect(url);
+          }
+          if (options.successRedirect) {
+            return res.redirect(options.successRedirect);
+          }
+          next();
+        }
       });
@@ -102,0 +122,0 @@ }

package.json

 {
   "name": "passport",
-  "version": "0.1.10",
+  "version": "0.1.11",
   "description": "Simple, unobtrusive authentication for Node.js.",
@@ -5,0 +5,0 @@ "author": { "name": "Jared Hanson", "email": "jaredhanson@gmail.com", "url": "http://www.jaredhanson.net/" },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

28074

increased by14.03%

Lines of code

851

increased by12.42%

No dependency changes