mirror of
https://github.com/node-red/node-red.git
synced 2025-03-01 10:36:34 +00:00
Increase unit test coverage of auth code
This commit is contained in:
Nick O'Leary
@@ -16,10 +16,11 @@
|
||||
|
||||
var BearerStrategy = require('passport-http-bearer').Strategy;
|
||||
var ClientPasswordStrategy = require('passport-oauth2-client-password').Strategy;
|
||||
var passport = require("passport");
|
||||
|
||||
var passport = require("passport");
|
||||
var crypto = require("crypto");
|
||||
var util = require("util");
|
||||
|
||||
var Tokens = require("./tokens");
|
||||
var Users = require("./users");
|
||||
var Clients = require("./clients");
|
||||
@@ -53,28 +54,52 @@ var clientPasswordStrategy = function(clientId, clientSecret, done) {
|
||||
}
|
||||
clientPasswordStrategy.ClientPasswordStrategy = new ClientPasswordStrategy(clientPasswordStrategy);
|
||||
|
||||
var passwordTokenExchange = function(client, username, password, scope, done) {
|
||||
Users.authenticate(username,password).then(function(user) {
|
||||
if (user) {
|
||||
Tokens.create(username,client.id,scope).then(function(token) {
|
||||
done(null,token);
|
||||
});
|
||||
} else {
|
||||
done(null,false);
|
||||
}
|
||||
});
|
||||
}
|
||||
var loginAttempts = [];
|
||||
var loginSignUpWindow = 36000000; // 10 minutes
|
||||
|
||||
|
||||
var passwordTokenExchange = function(client, username, password, scope, done) {
|
||||
var now = Date.now();
|
||||
loginAttempts = loginAttempts.filter(function(logEntry) {
|
||||
return logEntry.time + loginSignUpWindow > now;
|
||||
});
|
||||
loginAttempts.push({time:now, user:username});
|
||||
var attemptCount = 0;
|
||||
loginAttempts.forEach(function(logEntry) {
|
||||
if (logEntry.user == username) {
|
||||
attemptCount++;
|
||||
}
|
||||
});
|
||||
if (attemptCount > 5) {
|
||||
// TODO: audit log
|
||||
done(new Error("Too many login attempts. Wait 10 minutes and try again"),false);
|
||||
return;
|
||||
}
|
||||
|
||||
Users.authenticate(username,password).then(function(user) {
|
||||
if (user) {
|
||||
loginAttempts = loginAttempts.filter(function(logEntry) {
|
||||
return logEntry.user !== username;
|
||||
});
|
||||
Tokens.create(username,client.id,scope).then(function(tokens) {
|
||||
// TODO: audit log
|
||||
done(null,tokens.accessToken);
|
||||
});
|
||||
} else {
|
||||
// TODO: audit log
|
||||
done(null,false);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function AnonymousStrategy() {
|
||||
passport.Strategy.call(this);
|
||||
this.name = 'anon';
|
||||
}
|
||||
util.inherits(AnonymousStrategy, passport.Strategy);
|
||||
AnonymousStrategy.prototype.authenticate = function(req) {
|
||||
var authorization = req.headers['authorization'];
|
||||
var self = this;
|
||||
Users.anonymous().then(function(anon) {
|
||||
Users.default().then(function(anon) {
|
||||
if (anon) {
|
||||
self.success(anon);
|
||||
} else {
|
||||
|
||||
Reference in New Issue
Block a user