mirror of https://gitee.com/bigwinds/arangodb
De-IIFE users and simple-auth.
parent
d715ba6707
commit
178839ef0d
|
@ -1,28 +1,26 @@
|
|||
/*global applicationContext */
|
||||
(function () {
|
||||
'use strict';
|
||||
var crypto = require('org/arangodb/crypto'),
|
||||
cfg = applicationContext.configuration;
|
||||
'use strict';
|
||||
var crypto = require('org/arangodb/crypto'),
|
||||
cfg = applicationContext.configuration;
|
||||
|
||||
function verifyPassword(authData, password) {
|
||||
if (!authData) {
|
||||
authData = {};
|
||||
}
|
||||
var hashMethod = authData.method || cfg.hashMethod,
|
||||
salt = authData.salt || '',
|
||||
storedHash = authData.hash || '',
|
||||
generatedHash = crypto[hashMethod](salt + password);
|
||||
// non-lazy comparison to avoid timing attacks
|
||||
return crypto.constantEquals(storedHash, generatedHash);
|
||||
function verifyPassword(authData, password) {
|
||||
if (!authData) {
|
||||
authData = {};
|
||||
}
|
||||
var hashMethod = authData.method || cfg.hashMethod,
|
||||
salt = authData.salt || '',
|
||||
storedHash = authData.hash || '',
|
||||
generatedHash = crypto[hashMethod](salt + password);
|
||||
// non-lazy comparison to avoid timing attacks
|
||||
return crypto.constantEquals(storedHash, generatedHash);
|
||||
}
|
||||
|
||||
function hashPassword(password) {
|
||||
var hashMethod = cfg.hashMethod,
|
||||
salt = crypto.genRandomAlphaNumbers(cfg.saltLength),
|
||||
hash = crypto[hashMethod](salt + password);
|
||||
return {method: hashMethod, salt: salt, hash: hash};
|
||||
}
|
||||
function hashPassword(password) {
|
||||
var hashMethod = cfg.hashMethod,
|
||||
salt = crypto.genRandomAlphaNumbers(cfg.saltLength),
|
||||
hash = crypto[hashMethod](salt + password);
|
||||
return {method: hashMethod, salt: salt, hash: hash};
|
||||
}
|
||||
|
||||
exports.verifyPassword = verifyPassword;
|
||||
exports.hashPassword = hashPassword;
|
||||
}());
|
||||
exports.verifyPassword = verifyPassword;
|
||||
exports.hashPassword = hashPassword;
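Review bot: In `verifyPassword`, `crypto[hashMethod]` is indexed with `authData.method` taken straight from the stored record, so any property name on the crypto module is accepted as the digest, and a missing or misspelled value throws a TypeError instead of failing the check cleanly. Test the name against a fixed list of permitted digests before the `generatedHash` initializer runs, e.g. `if (ALLOWED_METHODS.indexOf(hashMethod) === -1) { return false; }`, where `ALLOWED_METHODS` is a placeholder for a list this module would define. Both `verifyPassword` and `hashPassword` also derive the hash from a single call on `salt + password`. Whether the configured digest is slow enough for password storage cannot be seen on this page, so a comment stating what `cfg.hashMethod` is expected to be would help the next reader.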
|
||||
|
|
|
@ -1,153 +1,152 @@
|
|||
/*global applicationContext */
|
||||
(function () {
|
||||
'use strict';
|
||||
var _ = require('underscore'),
|
||||
joi = require('joi'),
|
||||
arangodb = require('org/arangodb'),
|
||||
db = arangodb.db,
|
||||
Foxx = require('org/arangodb/foxx'),
|
||||
errors = require('./errors'),
|
||||
User = Foxx.Model.extend({
|
||||
schema: {
|
||||
user: joi.string().required(),
|
||||
authData: joi.object().required(),
|
||||
userData: joi.object().required()
|
||||
}
|
||||
}),
|
||||
users;
|
||||
'use strict';
|
||||
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
users = new Foxx.Repository(
|
||||
db._collection('_users'),
|
||||
{model: User}
|
||||
);
|
||||
} else {
|
||||
users = new Foxx.Repository(
|
||||
applicationContext.collection('users'),
|
||||
{model: User}
|
||||
);
|
||||
}
|
||||
var _ = require('underscore'),
|
||||
joi = require('joi'),
|
||||
arangodb = require('org/arangodb'),
|
||||
db = arangodb.db,
|
||||
Foxx = require('org/arangodb/foxx'),
|
||||
errors = require('./errors'),
|
||||
User = Foxx.Model.extend({
|
||||
schema: {
|
||||
user: joi.string().required(),
|
||||
authData: joi.object().required(),
|
||||
userData: joi.object().required()
|
||||
}
|
||||
}),
|
||||
users;
|
||||
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
users = new Foxx.Repository(
|
||||
db._collection('_users'),
|
||||
{model: User}
|
||||
);
|
||||
} else {
|
||||
users = new Foxx.Repository(
|
||||
applicationContext.collection('users'),
|
||||
{model: User}
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
function resolve(username) {
|
||||
var user = users.firstExample({user: username});
|
||||
if (!user.get('_key')) {
|
||||
return null;
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
function listUsers() {
|
||||
return users.collection.all().toArray().map(function (user) {
|
||||
return user.user;
|
||||
}).filter(Boolean);
|
||||
}
|
||||
|
||||
function createUser(username, userData, authData) {
|
||||
if (!userData) {
|
||||
userData = {};
|
||||
}
|
||||
if (!authData) {
|
||||
authData = {};
|
||||
}
|
||||
if (
|
||||
applicationContext.mount.indexOf('/_system/') === 0
|
||||
&& !authData.hasOwnProperty('active')
|
||||
) {
|
||||
authData.active = true;
|
||||
}
|
||||
|
||||
if (!username) {
|
||||
throw new Error('Must provide username!');
|
||||
}
|
||||
var user;
|
||||
db._executeTransaction({
|
||||
collections: {
|
||||
read: [users.collection.name()],
|
||||
write: [users.collection.name()]
|
||||
},
|
||||
action: function () {
|
||||
if (resolve(username)) {
|
||||
throw new errors.UsernameNotAvailable(username);
|
||||
}
|
||||
user = new User({
|
||||
user: username,
|
||||
userData: userData,
|
||||
authData: authData
|
||||
});
|
||||
users.save(user);
|
||||
}
|
||||
});
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
function getUser(uid) {
|
||||
var user;
|
||||
try {
|
||||
user = users.byId(uid);
|
||||
} catch (err) {
|
||||
if (
|
||||
err instanceof arangodb.ArangoError
|
||||
&& err.errorNum === arangodb.ERROR_ARANGO_DOCUMENT_NOT_FOUND
|
||||
) {
|
||||
throw new errors.UserNotFound(uid);
|
||||
}
|
||||
throw err;
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
function deleteUser(uid) {
|
||||
try {
|
||||
users.removeById(uid);
|
||||
} catch (err) {
|
||||
if (
|
||||
err instanceof arangodb.ArangoError
|
||||
&& err.errorNum === arangodb.ERROR_ARANGO_DOCUMENT_NOT_FOUND
|
||||
) {
|
||||
throw new errors.UserNotFound(uid);
|
||||
}
|
||||
throw err;
|
||||
}
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
function resolve(username) {
|
||||
var user = users.firstExample({user: username});
|
||||
if (!user.get('_key')) {
|
||||
return null;
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
_.extend(User.prototype, {
|
||||
save: function () {
|
||||
var user = this;
|
||||
users.replace(user);
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return user;
|
||||
function listUsers() {
|
||||
return users.collection.all().toArray().map(function (user) {
|
||||
return user.user;
|
||||
}).filter(Boolean);
|
||||
}
|
||||
|
||||
function createUser(username, userData, authData) {
|
||||
if (!userData) {
|
||||
userData = {};
|
||||
}
|
||||
if (!authData) {
|
||||
authData = {};
|
||||
}
|
||||
if (
|
||||
applicationContext.mount.indexOf('/_system/') === 0
|
||||
&& !authData.hasOwnProperty('active')
|
||||
) {
|
||||
authData.active = true;
|
||||
}
|
||||
|
||||
if (!username) {
|
||||
throw new Error('Must provide username!');
|
||||
}
|
||||
var user;
|
||||
db._executeTransaction({
|
||||
collections: {
|
||||
read: [users.collection.name()],
|
||||
write: [users.collection.name()]
|
||||
},
|
||||
delete: function () {
|
||||
try {
|
||||
deleteUser(this.get('_key'));
|
||||
} catch (e) {
|
||||
if (e instanceof errors.UserNotFound) {
|
||||
return false;
|
||||
}
|
||||
throw e;
|
||||
action: function () {
|
||||
if (resolve(username)) {
|
||||
throw new errors.UsernameNotAvailable(username);
|
||||
}
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return true;
|
||||
user = new User({
|
||||
user: username,
|
||||
userData: userData,
|
||||
authData: authData
|
||||
});
|
||||
users.save(user);
|
||||
}
|
||||
});
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
exports.resolve = resolve;
|
||||
exports.list = listUsers;
|
||||
exports.create = createUser;
|
||||
exports.get = getUser;
|
||||
exports.delete = deleteUser;
|
||||
exports.errors = errors;
|
||||
exports.repository = users;
|
||||
}());
|
||||
function getUser(uid) {
|
||||
var user;
|
||||
try {
|
||||
user = users.byId(uid);
|
||||
} catch (err) {
|
||||
if (
|
||||
err instanceof arangodb.ArangoError
|
||||
&& err.errorNum === arangodb.ERROR_ARANGO_DOCUMENT_NOT_FOUND
|
||||
) {
|
||||
throw new errors.UserNotFound(uid);
|
||||
}
|
||||
throw err;
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
function deleteUser(uid) {
|
||||
try {
|
||||
users.removeById(uid);
|
||||
} catch (err) {
|
||||
if (
|
||||
err instanceof arangodb.ArangoError
|
||||
&& err.errorNum === arangodb.ERROR_ARANGO_DOCUMENT_NOT_FOUND
|
||||
) {
|
||||
throw new errors.UserNotFound(uid);
|
||||
}
|
||||
throw err;
|
||||
}
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
_.extend(User.prototype, {
|
||||
save: function () {
|
||||
var user = this;
|
||||
users.replace(user);
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return user;
|
||||
},
|
||||
delete: function () {
|
||||
try {
|
||||
deleteUser(this.get('_key'));
|
||||
} catch (e) {
|
||||
if (e instanceof errors.UserNotFound) {
|
||||
return false;
|
||||
}
|
||||
throw e;
|
||||
}
|
||||
if (applicationContext.mount.indexOf('/_system/') === 0) {
|
||||
require('org/arangodb/users').reload();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
});
|
||||
|
||||
exports.resolve = resolve;
|
||||
exports.list = listUsers;
|
||||
exports.create = createUser;
|
||||
exports.get = getUser;
|
||||
exports.delete = deleteUser;
|
||||
exports.errors = errors;
|
||||
exports.repository = users;
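Review bot: The test `applicationContext.mount.indexOf('/_system/') === 0` is written out at six places in the new file (repository selection, twice in `createUser`, `deleteUser`, and both `User.prototype` methods), and it decides whether this module works on the `_users` system collection and reloads `org/arangodb/users`. Compute it once next to the repository setup, `var isSystem = applicationContext.mount.indexOf('/_system/') === 0;`, and use `isSystem` at every site so the collection choice and the reload cannot drift apart in a later edit. `User.prototype.delete` also repeats the reload that `deleteUser` has already performed on the same path, so the second `require('org/arangodb/users').reload();` block there can be dropped.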
|
||||
|
|