X-Git-Url: https://git.r.bdr.sh/rbdr/dasein/blobdiff_plain/287fa13b3e600b2340895a5463a288bf08101bb5..a6ccda0fbc4df683f9568d85eb22b21684d2a0bd:/lib/handlers/auth.js diff --git a/lib/handlers/auth.js b/lib/handlers/auth.js index d16e15d..1db9494 100644 --- a/lib/handlers/auth.js +++ b/lib/handlers/auth.js @@ -1,41 +1,63 @@ 'use strict'; const Co = require('co'); -const TwitterHelper = require('../twitter_helper'); const JsonWebToken = require('jsonwebtoken'); const Pify = require('pify'); +const TwitterHelper = require('../twitter_helper'); const internals = {}; internals.kRedirectUrl = 'https://api.twitter.com/oauth/authenticate?oauth_token='; -internals.kMainLocation = '/'; +internals.kLoginRedirect = '/login'; internals.signJsonWebToken = Pify(JsonWebToken.sign); +/** + * Handles the HTTP requests for auth related operations. + * + * @class AuthHandler + * @param {Dasein.tConfiguration} config The configuration to + * initialize. + */ module.exports = internals.AuthHandler = class AuthHandler { constructor(config) { this._twitterHelper = new TwitterHelper(config.twitter); this._jwtConfig = config.jwt; - this._hostname = config.hostname; } + /** + * Triggers the twitter login flow. Redirects to twitter's oauth + * request page + * + * @function login + * @memberof AuthHandler + * @instance + * @return {generator} a koa compatible handler generator function + */ login() { const twitterHelper = this._twitterHelper; return function *handleLogin() { - if (this.state.user) { - return this.redirect(internals.kMainLocation); - } - const requestToken = yield twitterHelper.getRequestToken(); - this.redirect(`${internals.kRedirectUrl}${requestToken.oAuthToken}`); + const loginUrl = `${internals.kRedirectUrl}${requestToken.oAuthToken}`; + + this.body = { loginUrl }; }; } + /** + * Handles twitter's callback. Fetches the oAuth Verifier, attempts to + * obtain a user object and responds with the JWT + * + * @function callback + * @memberof AuthHandler + * @instance + * @return {generator} a koa compatible handler generator function + */ callback() { const self = this; @@ -46,8 +68,8 @@ module.exports = internals.AuthHandler = class AuthHandler { return this.throw(401); } - const oAuthToken = this.request.query.oauth_token; - const oAuthVerifier = this.request.query.oauth_verifier; + const oAuthToken = this.request.body.oAuthToken; + const oAuthVerifier = this.request.body.oAuthVerifier; let user; try { @@ -59,25 +81,23 @@ module.exports = internals.AuthHandler = class AuthHandler { return this.throw(401); } - yield self._setJWT(user, this); - - this.redirect(internals.kMainLocation); - }; - } - - logout() { + const expiresAt = Date.now() + self._jwtConfig.duration * 1000; - const self = this; + const token = yield self._getToken(user); - return function * () { + const response = { + expiresAt, + user, + token + }; - this.cookies.set(self._jwtConfig.cookieName, null); - this.redirect(internals.kMainLocation); + this.body = response; }; } - // Sets a JSON Web Token Cookie - _setJWT(payload, context) { + // Generates a JSON Web Token + + _getToken(payload) { const self = this; @@ -87,12 +107,7 @@ module.exports = internals.AuthHandler = class AuthHandler { expiresIn: self._jwtConfig.duration }); - context.cookies.set(self._jwtConfig.cookieName, token, { - maxAge: self._jwtConfig.duration * 1000, - signed: true, - domain: self._hostname, - overwrite: true - }); + return token; }); } };