'use strict';
const Co = require('co');
-const TwitterHelper = require('../twitter_helper');
const JsonWebToken = require('jsonwebtoken');
const Pify = require('pify');
+const TwitterHelper = require('../twitter_helper');
const internals = {};
internals.kRedirectUrl = 'https://api.twitter.com/oauth/authenticate?oauth_token=';
-internals.kMainLocation = '/';
+internals.kLoginRedirect = '/login';
internals.signJsonWebToken = Pify(JsonWebToken.sign);
+/**
+ * Handles the HTTP requests for auth related operations.
+ *
+ * @class AuthHandler
+ * @param {Dasein.tConfiguration} config The configuration to
+ * initialize.
+ */
module.exports = internals.AuthHandler = class AuthHandler {
constructor(config) {
this._twitterHelper = new TwitterHelper(config.twitter);
this._jwtConfig = config.jwt;
- this._hostname = config.hostname;
}
+ /**
+ * Triggers the twitter login flow. Redirects to twitter's oauth
+ * request page
+ *
+ * @function login
+ * @memberof AuthHandler
+ * @instance
+ * @return {generator} a koa compatible handler generator function
+ */
login() {
const twitterHelper = this._twitterHelper;
return function *handleLogin() {
- if (this.state.user) {
- return this.redirect(internals.kMainLocation);
- }
-
const requestToken = yield twitterHelper.getRequestToken();
- this.redirect(`${internals.kRedirectUrl}${requestToken.oAuthToken}`);
+ const loginUrl = `${internals.kRedirectUrl}${requestToken.oAuthToken}`;
+
+ this.body = { loginUrl };
};
}
+ /**
+ * Handles twitter's callback. Fetches the oAuth Verifier, attempts to
+ * obtain a user object and responds with the JWT
+ *
+ * @function callback
+ * @memberof AuthHandler
+ * @instance
+ * @return {generator} a koa compatible handler generator function
+ */
callback() {
const self = this;
return this.throw(401);
}
- const oAuthToken = this.request.query.oauth_token;
- const oAuthVerifier = this.request.query.oauth_verifier;
+ const oAuthToken = this.request.body.oAuthToken;
+ const oAuthVerifier = this.request.body.oAuthVerifier;
let user;
try {
return this.throw(401);
}
- yield self._setJWT(user, this);
-
- this.redirect(internals.kMainLocation);
- };
- }
-
- logout() {
+ const expiresAt = Date.now() + self._jwtConfig.duration * 1000;
- const self = this;
+ const token = yield self._getToken(user);
- return function * () {
+ const response = {
+ expiresAt,
+ user,
+ token
+ };
- this.cookies.set(self._jwtConfig.cookieName, null);
- this.redirect(internals.kMainLocation);
+ this.body = response;
};
}
- // Sets a JSON Web Token Cookie
- _setJWT(payload, context) {
+ // Generates a JSON Web Token
+
+ _getToken(payload) {
const self = this;
expiresIn: self._jwtConfig.duration
});
- context.cookies.set(self._jwtConfig.cookieName, token, {
- maxAge: self._jwtConfig.duration * 1000,
- signed: true,
- domain: self._hostname,
- overwrite: true
- });
+ return token;
});
}
};
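Review bot: The callback handler reads `this.request.body.oAuthToken` and `this.request.body.oAuthVerifier` without checking that `this.request.body` exists, so a request with no parsed body (or a non-object body) raises a TypeError and surfaces as a 500 rather than a client error; the body-parsing middleware is not visible here, so whether an object is always guaranteed is inferred. Guarding the read keeps the failure a 400: `const body = this.request.body || {};` followed by `if (typeof body.oAuthToken !== 'string' || typeof body.oAuthVerifier !== 'string') return this.throw(400);` before the values are handed to the Twitter helper. Separately, `expiresAt` is computed from `Date.now()` before `_getToken` is yielded, while jsonwebtoken stamps `exp` when `sign` runs, so the advertised expiry can be slightly earlier than the token's real one; computing `expiresAt` after the token is obtained keeps the two consistent. Context lines are elided between several of the shown lines, so the full bodies of `callback` and `_getToken` are not visible in this hunk.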