const common = require('./common');
const Enum = require('./enum');
const Manager = require('./manager');
-const SessionManager = require('./session-manager');
-const Authenticator = require('./authenticator');
+const { Authenticator, SessionManager } = require('@squeep/authentication-module');
const path = require('path');
const _fileScope = common.fileScope(__filename);
this.setResponseType(responseTypes, req, res, ctx);
+ await this.authenticator.sessionOptional(req, res, ctx, this.loginPath);
+
await this.manager.getRoot(req, res, ctx);
}
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.authenticator.required(req, res, ctx, this.loginPath);
+ await this.authenticator.sessionRequired(req, res, ctx, this.loginPath);
await this.manager.getAdminOverview(res, ctx);
}
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.authenticator.required(req, res, ctx, this.loginPath);
+ await this.authenticator.sessionRequired(req, res, ctx, this.loginPath);
await this.manager.getTopicDetails(res, ctx);
}
/**
- * Same as super.ingestBody, but if no body was sent, do not parse (and
+ * Similar to super.ingestBody, but if no body was sent, do not parse (and
* thus avoid possible unsupported media type error).
+ * Also removes raw body from context, to simplify scrubbing sensitive data from logs.
* @param {http.ClientRequest} req
* @param {http.ServerResponse} res
* @param {Object} ctx
const contentType = Dingus.getRequestContentType(req);
if (ctx.rawBody) {
this.parseBody(contentType, ctx);
+ delete ctx.rawBody;
}
}
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.authenticator.requiredLocal(req, res, ctx, this.loginPath);
+ await this.authenticator.apiRequiredLocal(req, res, ctx);
await this.maybeIngestBody(req, res, ctx);
ctx.method = req.method;
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.authenticator.requiredLocal(req, res, ctx, this.loginPath);
+ await this.authenticator.apiRequiredLocal(req, res, ctx);
await this.maybeIngestBody(req, res, ctx);
ctx.method = req.method;
this.setResponseType(this.responseTypes, req, res, ctx);
- await this.authenticator.requiredLocal(req, res, ctx, this.loginPath);
+ await this.authenticator.apiRequiredLocal(req, res, ctx);
await this.manager.processTasks(res, ctx);
}
/**
+ * Delegate login to authentication module.
* @param {http.ClientRequest} req
* @param {http.ServerResponse} res
* @param {Object} ctx
/**
+ * Delegate login to authentication module.
* @param {http.ClientRequest} req
* @param {http.ServerResponse} res
* @param {Object} ctx
this.setResponseType(this.responseTypes, req, res, ctx);
+ await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
await this.maybeIngestBody(req, res, ctx);
await this.sessionManager.postAdminLogin(res, ctx);
/**
+ * Delegate login to authentication module.
* @param {http.ClientRequest} req
* @param {http.ServerResponse} res
* @param {Object} ctx
this.setResponseType(this.responseTypes, req, res, ctx);
+ await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
await this.sessionManager.getAdminLogout(res, ctx);
}
/**
+ * Delegate login to authentication module.
* @param {http.ClientRequest} req
* @param {http.ServerResponse} res
* @param {Object} ctx
projects / websub-hub / blobdiff