baucis-decorator-auth
Allows you to specify authentication parameters for properties within any baucis resource's mongoose schema and adds authentication routes.
Install
npm install baucis-decorators baucis-decorator-auth --save
Usage
You'll need 5 properties for this. The main one specifies who is currently authenticated to the resource and should contain an auth field, which contains references to the other 4 properties by the keys password, enabler, designator, and resetter, as well as a roles key that should optionally contain different sets of Boolean values for the access control. It is probably easiest to just check out the example below.
Four endpoints are added: login, logout, reset-password, and set-password. The password reset functionality is a WIP, as it needs to allow for custom emails. Also keep in mind that authentication and access control can work for any resource, not just users.
Following the example below, if some User has publicViewing set to false and POSTs the proper id (or name) and viewingPassword to /api/users/login, said User will be able to view the resource. Alternatively, the User will be able to view the resource if they are in the viewers list.
Example
controllers/User.js
var baucis = ;
var mongoose = ;
var Schema = mongoose.Schema;

var extend = ;
var ResourceProps = ;
var ResourceController = ;

var userUtils = ;
var UserProps = ;

UserProps.viewing = {
  type: String, // should represent sessionId
  auth: {
    password: 'viewingPassword',
    enabler: 'publicViewing',
    designator: 'viewers',
    resetter: 'resetViewingPassword',
    roles: {
      enabled: {
        read: true
      }
    }
  },
  reserved: true
};

UserProps.publicViewing = {
  type: Boolean,
  default: true
};

UserProps.viewingPassword = {
  type: String,
  select: false
};

UserProps.resetViewingPassword = {
  type: String,
  select: false
};

UserProps.viewers = {
  type: [{ type: ObjectId, ref: 'User' }]
};

UserProps.editing = {
  type: String, // should represent sessionId
  auth: {
    password: 'editingPassword',
    enabler: 'publicEditing',
    designator: 'editors',
    resetter: 'resetEditingPassword',
    roles: {
      enabled: {
        read: true,
        write: true,
        drop: true
      },
      User: {
        create: true
      }
    }
  },
  reserved: true
};

UserProps.publicEditing = {
  type: Boolean,
  default: false
};

UserProps.editingPassword = {
  type: String,
  select: false
};

UserProps.resetEditingPassword = {
  type: String,
  select: false
};

UserProps.editors = {
  type: [{ type: ObjectId, ref: 'User' }]
  { return userUtils; }
};

var UserSchema = UserProps;
var UserModel = mongoose;
var UserController = baucis;

var decorators = ;

// decorate controller
decorators.add;

/**
 * Expose controller.
 */
module.exports = UserController;
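
The access rule from the Usage section, modelled as stand-alone JavaScript with the property names from the example above. This is an added illustration, not baucis-decorator-auth's own code; the function names, the salted-scrypt storage format and the session handling are assumptions, because the page does not show how the decorator stores or compares passwords.

```javascript
const { scryptSync, randomBytes, timingSafeEqual } = require('crypto');

const KEY_LEN = 32;
// `auth` keys as they appear on the page's `viewing` property.
const viewingAuth = { password: 'viewingPassword', enabler: 'publicViewing', designator: 'viewers' };

// Assumption: the password property holds "saltHex:keyHex" (salted scrypt), never plaintext.
function hashPassword(password, salt = randomBytes(16)) {
  return salt.toString('hex') + ':' + scryptSync(password, salt, KEY_LEN).toString('hex');
}

function verifyPassword(candidate, stored) {
  const [saltHex, keyHex] = String(stored || '').split(':');
  if (!saltHex || !keyHex || typeof candidate !== 'string') return false;
  const expected = Buffer.from(keyHex, 'hex');
  // Reject malformed records: two empty buffers would otherwise compare equal.
  if (expected.length !== KEY_LEN) return false;
  const actual = scryptSync(candidate, Buffer.from(saltHex, 'hex'), KEY_LEN);
  return timingSafeEqual(actual, expected); // constant-time comparison
}

// Models POST /login: on success the session id is written to the auth property.
function login(doc, authProp, auth, candidate, sessionId) {
  if (!verifyPassword(candidate, doc[auth.password])) return false;
  doc[authProp] = sessionId;
  return true;
}

// Models the view decision: public flag, authenticated session, or designated user.
function canView(doc, authProp, auth, requester) {
  if (doc[auth.enabler] === true) return true;
  if (requester.sessionId && doc[authProp] === requester.sessionId) return true;
  return (doc[auth.designator] || []).some((id) => String(id) === String(requester.userId));
}

// Constructed sample document and requesters (not real data).
function demo() {
  const doc = { publicViewing: false, viewingPassword: hashPassword('correct horse'), viewers: ['u42'] };
  const alice = { sessionId: 's-alice', userId: 'u1' };
  return {
    beforeLogin: canView(doc, 'viewing', viewingAuth, alice),
    wrongPassword: login(doc, 'viewing', viewingAuth, 'guess', alice.sessionId),
    rightPassword: login(doc, 'viewing', viewingAuth, 'correct horse', alice.sessionId),
    afterLogin: canView(doc, 'viewing', viewingAuth, alice),
    designated: canView(doc, 'viewing', viewingAuth, { userId: 'u42' }),
    stranger: canView(doc, 'viewing', viewingAuth, { userId: 'u7' })
  };
}

console.log(demo());
```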