Fixing Local Auth guard & test

avoidwork · Aug 27, 2014 · 46ca355 · 46ca355
1 parent 4b67d75
commit 46ca355
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 13 deletions.
diff --git a/lib/tenso.js b/lib/tenso.js
@@ -46,7 +46,7 @@ var turtleio = require( "turtle.io" ),
     REGEX_GETREWRITE = /HEAD|OPTIONS/i,
     REGEX_BODY       = /POST|PUT|PATCH/i,
     REGEX_FORMENC    = /application\/x-www-form-urlencoded/,
-	REGEX_BODY_SPLIT = /&|=/;
+    REGEX_BODY_SPLIT = /&|=/;
 
 /**
  * Tenso
@@ -186,7 +186,7 @@ function auth ( obj, config ) {
 	    stateful  = ( async || config.auth.local.enabled || config.security.csrf ),
 	    authMap   = {},
 	    authUris  = [],
-	    sesh, fnCookie, fnSesh, luscaCsrf, luscaCsp, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection, protection, passportAuth, passportInit, passportSession;
+	    keys, sesh, fnCookie, fnSesh, luscaCsrf, luscaCsp, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection, protection, passportAuth, passportInit, passportSession;
 
 	function asyncFlag () {
 		arguments[0].protectAsync = true;
@@ -254,6 +254,11 @@ function auth ( obj, config ) {
 		authUris = array.keys( authMap );
 	}
 
+	if ( config.auth.local.enabled ) {
+		authUris.push( "/" );
+		authUris.push( "/login" );
+	}
+
 	if ( stateful ) {
 		sesh = {
 			secret: config.session.secret || uuid(),
@@ -321,7 +326,11 @@ function auth ( obj, config ) {
 		} );
 
 		if ( authUris.length > 0 ) {
-			config.routes.get["/auth"] = authMap;
+			keys = array.keys( authMap ).length > 0;
+
+			if ( keys ) {
+				config.routes.get["/auth"] = authMap;
+			}
 
 			( function () {
 				var regex = "(?!/auth/(";
@@ -335,7 +344,7 @@ function auth ( obj, config ) {
 				obj.server.use( regex, guard ).blacklist( guard );
 			} )();
 
-			config.routes.get["/login"]  = ( config.auth.local.enabled || config.auth.saml.enabled ) ? {login_uri: "/auth", instruction: "POST username/password to authenticate"} : {login_uri: "/auth"};
+			config.routes.get["/login"]  = ( config.auth.local.enabled || config.auth.saml.enabled ) ? ( keys ? {login_uri: "/auth", instruction: "POST username/password to authenticate"} : {instruction: "POST username/password to authenticate"} ) : {login_uri: "/auth"};
 		}
 		else if ( config.auth.local.enabled || config.auth.saml.enabled ) {
 			config.routes.get["/login"]  = {instruction: "POST username/password to authenticate"};

diff --git a/src/auth.js b/src/auth.js
@@ -15,7 +15,7 @@ function auth ( obj, config ) {
 	    stateful  = ( async || config.auth.local.enabled || config.security.csrf ),
 	    authMap   = {},
 	    authUris  = [],
-	    sesh, fnCookie, fnSesh, luscaCsrf, luscaCsp, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection, protection, passportAuth, passportInit, passportSession;
+	    keys, sesh, fnCookie, fnSesh, luscaCsrf, luscaCsp, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection, protection, passportAuth, passportInit, passportSession;
 
 	function asyncFlag () {
 		arguments[0].protectAsync = true;
@@ -83,6 +83,11 @@ function auth ( obj, config ) {
 		authUris = array.keys( authMap );
 	}
 
+	if ( config.auth.local.enabled ) {
+		authUris.push( "/" );
+		authUris.push( "/login" );
+	}
+
 	if ( stateful ) {
 		sesh = {
 			secret: config.session.secret || uuid(),
@@ -150,7 +155,11 @@ function auth ( obj, config ) {
 		} );
 
 		if ( authUris.length > 0 ) {
-			config.routes.get["/auth"] = authMap;
+			keys = array.keys( authMap ).length > 0;
+
+			if ( keys ) {
+				config.routes.get["/auth"] = authMap;
+			}
 
 			( function () {
 				var regex = "(?!/auth/(";
@@ -164,7 +173,7 @@ function auth ( obj, config ) {
 				obj.server.use( regex, guard ).blacklist( guard );
 			} )();
 
-			config.routes.get["/login"]  = ( config.auth.local.enabled || config.auth.saml.enabled ) ? {login_uri: "/auth", instruction: "POST username/password to authenticate"} : {login_uri: "/auth"};
+			config.routes.get["/login"]  = ( config.auth.local.enabled || config.auth.saml.enabled ) ? ( keys ? {login_uri: "/auth", instruction: "POST username/password to authenticate"} : {instruction: "POST username/password to authenticate"} ) : {login_uri: "/auth"};
 		}
 		else if ( config.auth.local.enabled || config.auth.saml.enabled ) {
 			config.routes.get["/login"]  = {instruction: "POST username/password to authenticate"};

diff --git a/src/intro.js b/src/intro.js
@@ -36,4 +36,4 @@ var turtleio = require( "turtle.io" ),
     REGEX_GETREWRITE = /HEAD|OPTIONS/i,
     REGEX_BODY       = /POST|PUT|PATCH/i,
     REGEX_FORMENC    = /application\/x-www-form-urlencoded/,
-	REGEX_BODY_SPLIT = /&|=/;
+    REGEX_BODY_SPLIT = /&|=/;
diff --git a/test/tenso_test.js b/test/tenso_test.js
@@ -367,12 +367,10 @@ describe("Local", function () {
 
 	describe("GET /uuid (invalid)", function () {
 		it("returns an 'unauthorized' error", function (done) {
-			api( port )
+			api( port, true )
 				.get("/uuid")
-				.expectStatus(401)
-				.expectValue("data", null)
-				.expectValue("error", "Unauthorized")
-				.expectValue("status", 401)
+				.expectStatus(302)
+				.expectHeader("Location", "/login")
 				.end(function(err) {
 					if (err) throw err;
 					done();