2011-12-27 02:16:41 +08:00
|
|
|
/**
|
|
|
|
* this module allows to auth user using an pregenerated api key
|
|
|
|
*/
|
2014-08-05 22:20:06 +08:00
|
|
|
function ApikeyAuth(req) {
|
|
|
|
this.req = req;
|
2013-12-18 18:57:46 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
module.exports = ApikeyAuth;
|
|
|
|
|
2014-08-05 22:20:06 +08:00
|
|
|
ApikeyAuth.prototype.verifyCredentials = function(options, callback) {
|
|
|
|
verifyRequest(this.req, options.apiKey, callback);
|
|
|
|
};
|
|
|
|
|
|
|
|
ApikeyAuth.prototype.hasCredentials = function() {
|
2015-05-13 00:00:30 +08:00
|
|
|
return !!(this.req.query.api_key || this.req.query.map_key ||
|
|
|
|
(this.req.body && this.req.body.api_key) || (this.req.body && this.req.body.map_key));
|
2014-08-05 22:20:06 +08:00
|
|
|
};
|
|
|
|
|
2017-11-25 00:57:54 +08:00
|
|
|
ApikeyAuth.prototype.getCredentials = function() {
|
|
|
|
if (this.req.query.api_key) {
|
|
|
|
return this.req.query.api_key;
|
|
|
|
}
|
|
|
|
if (this.req.query.map_key) {
|
|
|
|
return this.req.query.map_key;
|
|
|
|
}
|
|
|
|
if (this.req.body && this.req.body.api_key) {
|
|
|
|
return this.req.body.api_key;
|
|
|
|
}
|
|
|
|
if (this.req.body && this.req.body.map_key) {
|
|
|
|
return this.req.body.map_key;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2013-12-18 18:57:46 +08:00
|
|
|
/**
|
|
|
|
* Get id of authorized user
|
|
|
|
*
|
2014-08-05 08:29:07 +08:00
|
|
|
* @param {Object} req - standard req object. Importantly contains table and host information
|
|
|
|
* @param {String} requiredApi - the API associated to the user, req must contain it
|
|
|
|
* @param {Function} callback - err, boolean (whether the request is authenticated or not)
|
2013-12-18 18:57:46 +08:00
|
|
|
*/
|
2014-08-05 22:20:06 +08:00
|
|
|
function verifyRequest(req, requiredApi, callback) {
|
2014-08-05 08:29:07 +08:00
|
|
|
|
|
|
|
var valid = false;
|
|
|
|
|
|
|
|
if ( requiredApi ) {
|
2015-05-13 00:00:30 +08:00
|
|
|
if ( requiredApi === req.query.map_key ) {
|
2014-08-05 08:29:07 +08:00
|
|
|
valid = true;
|
2015-05-13 00:00:30 +08:00
|
|
|
} else if ( requiredApi === req.query.api_key ) {
|
2014-08-05 08:29:07 +08:00
|
|
|
valid = true;
|
|
|
|
// check also in request body
|
2015-05-13 00:00:30 +08:00
|
|
|
} else if ( req.body && req.body.map_key && requiredApi === req.body.map_key ) {
|
2014-08-05 08:29:07 +08:00
|
|
|
valid = true;
|
2015-05-13 00:00:30 +08:00
|
|
|
} else if ( req.body && req.body.api_key && requiredApi === req.body.api_key ) {
|
2014-08-05 08:29:07 +08:00
|
|
|
valid = true;
|
2013-12-18 18:57:46 +08:00
|
|
|
}
|
2014-08-05 08:29:07 +08:00
|
|
|
}
|
2013-12-18 18:57:46 +08:00
|
|
|
|
2014-08-05 08:29:07 +08:00
|
|
|
callback(null, valid);
|
2014-08-05 22:20:06 +08:00
|
|
|
}
|