Stragglers
avoidwork committed Aug 19, 2014
1 parent 33b41b6 commit 42c6332
Showing 8 changed files with 59 additions and 86 deletions.
3 changes: 2 additions & 1 deletion CHANGELOG.md
@@ -1,9 +1,10 @@
# Change Log

## 0.4.4
- Fixed blacklisting of middleware within `auth()`
- Fixed blacklisting of middleware within `auth()`, & `bootstrap()`
- Fixed `keymaster()` for `HEAD` & `OPTIONS` requests
- Upgraded turtle.io to 3.0.14
- Set session cookie flag to avoid warning messages during tests

## 0.4.3
- Upgrading turtle.io to 3.0.13 & blacklisting all authentication middleware
2 changes: 1 addition & 1 deletion doc/global.html
@@ -1826,7 +1826,7 @@ <h5>Returns:</h5>

<span class="jsdoc-message">
Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.2.2</a>
on 2014-08-18T20:02:15-04:00 using the <a
on 2014-08-19T19:31:08-04:00 using the <a
href="https://github.com/terryweiss/docstrap">DocStrap template</a>.
</span>
</footer>
2 changes: 1 addition & 1 deletion doc/index.html
@@ -380,7 +380,7 @@ <h2>License</h2>

<span class="jsdoc-message">
Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.2.2</a>
on 2014-08-18T20:02:15-04:00 using the <a
on 2014-08-19T19:31:08-04:00 using the <a
href="https://github.com/terryweiss/docstrap">DocStrap template</a>.
</span>
</footer>
4 changes: 2 additions & 2 deletions doc/module-tenso.html
@@ -125,7 +125,7 @@ <h2>
<dt class="tag-version">Version:</dt>
<dd class="tag-version">
<ul class="dummy">
<li>0.4.3</li>
<li>0.4.4</li>
</ul>
</dd>

@@ -218,7 +218,7 @@ <h2>

<span class="jsdoc-message">
Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.2.2</a>
on 2014-08-18T20:02:15-04:00 using the <a
on 2014-08-19T19:31:08-04:00 using the <a
href="https://github.com/terryweiss/docstrap">DocStrap template</a>.
</span>
</footer>
2 changes: 1 addition & 1 deletion doc/modules.list.html
@@ -188,7 +188,7 @@ <h2>

<span class="jsdoc-message">
Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.2.2</a>
on 2014-08-18T20:02:15-04:00 using the <a
on 2014-08-19T19:31:08-04:00 using the <a
href="https://github.com/terryweiss/docstrap">DocStrap template</a>.
</span>
</footer>
66 changes: 26 additions & 40 deletions lib/tenso.js
@@ -178,6 +178,20 @@ function auth ( obj, config ) {
realm = proto + "://" + ( config.hostname === "localhost" ? "127.0.0.1" : config.hostname ) + ( config.port !== 80 && config.port !== 443 ? ":" + config.port : "" ),
sesh, fnCookie, fnSesh, luscaCsrf, luscaCsp, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection, protection, passportAuth, passportInit, passportSession;

function asyncFlag () {
arguments[0].protectAsync = true;
arguments[2]();
}

function guard ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
}

config.auth.protect = ( config.auth.protect || [] ).map( function ( i ) {
return new RegExp( "^" + i !== "/login" ? i.replace( /\.\*/g, "*" ).replace( /\*/g, ".*" ) : "$", "i" );
} );
@@ -186,7 +200,8 @@ function auth ( obj, config ) {
sesh = {
secret: config.session.secret || uuid(),
saveUninitialized: true,
rolling: true
rolling: true,
resave: true
};

if ( config.session.store === "redis" ) {
@@ -336,14 +351,10 @@ function auth ( obj, config ) {
};
}
else if ( config.auth.facebook.enabled || config.auth.google.enabled || config.auth.local.enabled || config.auth.linkedin.enabled || config.auth.twitter.enabled ) {
obj.server.use( function asyncFlag () {
arguments[0].protectAsync = true;
arguments[2]();
} );

passportInit = passport.initialize();
passportSession = passport.session();

obj.server.use( asyncFlag ).blacklist( asyncFlag );
obj.server.use( passportInit ).blacklist( passportInit );
obj.server.use( passportSession ).blacklist( passportSession );

@@ -381,14 +392,7 @@ function auth ( obj, config ) {

obj.server.use( "/auth/facebook", passport.authenticate( "facebook" ) );
obj.server.use( "/auth/facebook/callback", passport.authenticate( "facebook", {successRedirect: "/", failureRedirect: "/login"} ) );
obj.server.use( "(?!/auth/facebook).*$", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
} );
obj.server.use( "(?!/auth/facebook).*$", guard ).blacklist( guard );
}
else if ( config.auth.google.enabled ) {
config.auth.protect.push( new RegExp( "^/auth/google", "i" ) );
@@ -415,14 +419,7 @@ function auth ( obj, config ) {

obj.server.use( "/auth/google", passport.authenticate( "google" ) );
obj.server.use( "/auth/google/callback", passport.authenticate( "google", {failureRedirect: "/login"} ) );
obj.server.use( "(?!/auth/google).*$", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
} );
obj.server.use( "(?!/auth/google).*$", guard ).blacklist( guard );
}
else if ( config.auth.linkedin.enabled ) {
config.auth.protect.push( new RegExp( "^/auth/linkedin", "i" ) );
@@ -448,14 +445,7 @@ function auth ( obj, config ) {
obj.server.get( "/auth/linkedin/callback", function () {
arguments[1].redirect( "/" );
} );
obj.server.use( "(?!/auth/linkedin).*", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
} );
obj.server.use( "(?!/auth/linkedin).*", guard ).blacklist( guard );

config.routes.get["/auth"] = {auth_uri: "/auth/linkedin"};
}
@@ -479,13 +469,7 @@ function auth ( obj, config ) {

obj.server.get( "/auth/twitter", passport.authenticate( "twitter" ) );
obj.server.get( "/auth/twitter/callback", passport.authenticate( "twitter", {successRedirect: "/", failureRedirect: "/login"} ) );
obj.server.use( "(?!/auth/twitter).*", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}

res.redirect( "/login" );
} );
obj.server.use( "(?!/auth/twitter).*", guard ).blacklist( guard );

config.routes.get["/auth"] = {auth_uri: "/auth/twitter"};
config.routes.get["/auth/twitter"] = {callback_uri: "/auth/twitter/callback"};
@@ -516,11 +500,13 @@ function auth ( obj, config ) {
* @return {Object} Tenso instance
*/
function bootstrap ( obj, config ) {
function rateLimit ( req, res, next ) {
rate( obj, req, res, next );
}

// Early middleware hook for rate limiting
if ( config.rate.enabled ) {
obj.server.use( function ( req, res, next ) {
rate( obj, req, res, next );
} );
obj.server.use( rateLimit ).blacklist( rateLimit );
}

// Bootstrapping configuration
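Review bot: The `config.auth.protect` mapping in the first hunk, directly after the new `guard` helper, still has a precedence defect the commit leaves in place: `"^" + i !== "/login" ? … : "$"` parses as `( "^" + i ) !== "/login"`, which is true for every `i`, so the `^` anchor is never prepended and the `/login` exemption never takes effect. The resulting patterns are unanchored and match anywhere in the path, which over-protects rather than bypasses, but it is inconsistent with the anchored `^/auth/google`-style regexes pushed onto the same list later in the function. Suggested line: `return new RegExp( "^" + ( i !== "/login" ? i.replace( /\.\*/g, "*" ).replace( /\*/g, ".*" ) : "$" ), "i" );`. As a point of style, the new `asyncFlag` would read better with named parameters like its sibling `guard`: `function asyncFlag ( req, res, next ) { req.protectAsync = true; next(); }`. The same hunk appears in src/auth.js (lib/tenso.js looks like a build of src/, so the fix presumably belongs there), and `auth` starts and ends outside the hunk.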
58 changes: 21 additions & 37 deletions src/auth.js
@@ -12,6 +12,20 @@ function auth ( obj, config ) {
realm = proto + "://" + ( config.hostname === "localhost" ? "127.0.0.1" : config.hostname ) + ( config.port !== 80 && config.port !== 443 ? ":" + config.port : "" ),
sesh, fnCookie, fnSesh, luscaCsrf, luscaCsp, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection, protection, passportAuth, passportInit, passportSession;

function asyncFlag () {
arguments[0].protectAsync = true;
arguments[2]();
}

function guard ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
}

config.auth.protect = ( config.auth.protect || [] ).map( function ( i ) {
return new RegExp( "^" + i !== "/login" ? i.replace( /\.\*/g, "*" ).replace( /\*/g, ".*" ) : "$", "i" );
} );
@@ -20,7 +34,8 @@ function auth ( obj, config ) {
sesh = {
secret: config.session.secret || uuid(),
saveUninitialized: true,
rolling: true
rolling: true,
resave: true
};

if ( config.session.store === "redis" ) {
@@ -170,14 +185,10 @@ function auth ( obj, config ) {
};
}
else if ( config.auth.facebook.enabled || config.auth.google.enabled || config.auth.local.enabled || config.auth.linkedin.enabled || config.auth.twitter.enabled ) {
obj.server.use( function asyncFlag () {
arguments[0].protectAsync = true;
arguments[2]();
} );

passportInit = passport.initialize();
passportSession = passport.session();

obj.server.use( asyncFlag ).blacklist( asyncFlag );
obj.server.use( passportInit ).blacklist( passportInit );
obj.server.use( passportSession ).blacklist( passportSession );

@@ -215,14 +226,7 @@ function auth ( obj, config ) {

obj.server.use( "/auth/facebook", passport.authenticate( "facebook" ) );
obj.server.use( "/auth/facebook/callback", passport.authenticate( "facebook", {successRedirect: "/", failureRedirect: "/login"} ) );
obj.server.use( "(?!/auth/facebook).*$", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
} );
obj.server.use( "(?!/auth/facebook).*$", guard ).blacklist( guard );
}
else if ( config.auth.google.enabled ) {
config.auth.protect.push( new RegExp( "^/auth/google", "i" ) );
@@ -249,14 +253,7 @@ function auth ( obj, config ) {

obj.server.use( "/auth/google", passport.authenticate( "google" ) );
obj.server.use( "/auth/google/callback", passport.authenticate( "google", {failureRedirect: "/login"} ) );
obj.server.use( "(?!/auth/google).*$", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
} );
obj.server.use( "(?!/auth/google).*$", guard ).blacklist( guard );
}
else if ( config.auth.linkedin.enabled ) {
config.auth.protect.push( new RegExp( "^/auth/linkedin", "i" ) );
@@ -282,14 +279,7 @@ function auth ( obj, config ) {
obj.server.get( "/auth/linkedin/callback", function () {
arguments[1].redirect( "/" );
} );
obj.server.use( "(?!/auth/linkedin).*", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}
else {
res.redirect( "/login" );
}
} );
obj.server.use( "(?!/auth/linkedin).*", guard ).blacklist( guard );

config.routes.get["/auth"] = {auth_uri: "/auth/linkedin"};
}
@@ -313,13 +303,7 @@ function auth ( obj, config ) {

obj.server.get( "/auth/twitter", passport.authenticate( "twitter" ) );
obj.server.get( "/auth/twitter/callback", passport.authenticate( "twitter", {successRedirect: "/", failureRedirect: "/login"} ) );
obj.server.use( "(?!/auth/twitter).*", function ( req, res, next ) {
if ( req.isAuthenticated() ) {
return next();
}

res.redirect( "/login" );
} );
obj.server.use( "(?!/auth/twitter).*", guard ).blacklist( guard );

config.routes.get["/auth"] = {auth_uri: "/auth/twitter"};
config.routes.get["/auth/twitter"] = {callback_uri: "/auth/twitter/callback"};
8 changes: 5 additions & 3 deletions src/bootstrap.js
@@ -7,11 +7,13 @@
* @return {Object} Tenso instance
*/
function bootstrap ( obj, config ) {
function rateLimit ( req, res, next ) {
rate( obj, req, res, next );
}

// Early middleware hook for rate limiting
if ( config.rate.enabled ) {
obj.server.use( function ( req, res, next ) {
rate( obj, req, res, next );
} );
obj.server.use( rateLimit ).blacklist( rateLimit );
}

// Bootstrapping configuration
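Review bot: The new `.blacklist( rateLimit )` call in `bootstrap` carries no comment on why the rate limiter is exempted, and `blacklist` itself is not defined in this file, so the intent is opaque to a reader. A one-line comment above the `if` would help, e.g. `// blacklist() presumably keeps rateLimit outside the auth protect check so unauthenticated requests are still throttled — confirm against turtle.io`. It is also worth stating in that comment that the wrapper was given a name so the same function reference can be passed to both `use()` and `blacklist()`. The same hunk appears at the end of lib/tenso.js.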
