Authentication middleware
Work in progress!
The user model
Discriminating the user model, the preferred approach, assigns a `kind` property to all documents. I recommend using the decorator functions in this module to get/set properties in the base as well.
Schema
Property | Type | Description | Default |
---|---|---|---|
active | boolean | System-generated to keep track of "deleted" users | true |
email* | string | Self-explanatory | null |
firstName* | string | Self-explanatory | null |
frozen | boolean | Somewhat of an alias for active, only setting it does not affect other properties | false |
lang | string | The preferred locale (en-CA or fr-CA). | en-CA |
lastName* | string | Self-explanatory | null |
loginAttempts | number | Used to block excessive login attempts (< 5) | 0 |
password | password | Used to authenticate | null |
secret* | string | Used to read and write JWT tokens. Nullifying this would destroy all active sessions | null |
verified | boolean | Represents the validity of an email address. Login attempts are blocked without verification | false |
Methods
Name | Description | Return |
---|---|---|
await Model.findByEmail(string) | Look up active users by email address | object |
await Model.findUnverifiedByEmail(string) | Look up unverified users by email | object |
await Model.findVerifiedByEmail(string) | Look up verified users by email | object |
await Model.findVerifiedById(string) | Look up verified users by id | object |
await doc.setSecret() | Generate secret token | object |
await doc.verifyPassword(string, boolean) | Compare string against stored password. Throws error if second parameter is true | boolean |
await doc.deactivate() | Deletes a user for most intents and purposes | object |
doc.isBlocked | Is the user allowed to log in? | boolean |
doc.hasExpired | Has more than 24 hours elapsed since requesting verification? | boolean |
doc.isPermitted | Does the user have all the necessary properties to log in? | boolean |
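
The `secret` property and `doc.setSecret()` above describe a per-user key for JWT tokens. The following added example (not this module's own code) shows why replacing or nullifying that secret ends every session already issued to the user. The plain-object user, the helpers `setSecret`, `signToken` and `verifyToken`, and the HS256 scheme are assumptions made for illustration.

```javascript
// Added example: plain-object stand-in for a user document, not this module's code.
const crypto = require('node:crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');
const hmac = (secret, data) => crypto.createHmac('sha256', secret).update(data).digest();

// Hypothetical counterpart of doc.setSecret(): store a fresh random per-user secret.
function setSecret(user) {
  user.secret = crypto.randomBytes(32).toString('hex');
  return user;
}

// Issue an HS256 JWT keyed with the user's own secret (assumed scheme).
function signToken(user, ttlSeconds = 3600) {
  if (!user.secret) throw new Error('user has no secret');
  const now = Math.floor(Date.now() / 1000);
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({ sub: user.id, iat: now, exp: now + ttlSeconds }));
  const body = `${header}.${payload}`;
  return `${body}.${b64url(hmac(user.secret, body))}`;
}

// Return the claims if the token verifies under the user's current secret, else null.
function verifyToken(user, token) {
  if (!user.secret || typeof token !== 'string') return null; // nullified secret: no session survives
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [header, payload, mac] = parts;
  const expected = hmac(user.secret, `${header}.${payload}`);
  const given = Buffer.from(mac, 'base64url');
  // Constant-time comparison; timingSafeEqual throws on unequal lengths, so check first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    // Pin the algorithm instead of letting the token header choose it.
    if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') return null;
    const claims = JSON.parse(Buffer.from(payload, 'base64url'));
    const now = Math.floor(Date.now() / 1000);
    return claims.sub === user.id && claims.exp > now ? claims : null;
  } catch {
    return null;
  }
}
```

With per-user keys, a request handler would read `sub` from the still-unverified payload only to look up the user, then accept the token solely on the result of `verifyToken`.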