added local functions to dbauth #73

Open
wants to merge 2 commits into
base: master
49 changes: 28 additions & 21 deletions lib/dbauth/index.js
Expand Up @@ -17,22 +17,27 @@ module.exports = function (config, userDB, couchAuthDB) {
var CouchAdapter = require('./couchdb');
adapter = new CouchAdapter(couchAuthDB);
}

this.storeKey = function (username, key, password, expires, roles) {
function storeKey(username, key, password, expires, roles) {
return adapter.storeKey(username, key, password, expires, roles);
};

this.removeKeys = function(keys) {
}
function removeKeys(keys) {
return adapter.removeKeys(keys);
};

this.authorizeKeys = function (user_id, db, keys, permissions, roles) {
}
function authorizeKeys(user_id, db, keys, permissions, roles) {
return adapter.authorizeKeys(user_id, db, keys, permissions, roles);
};

this.deauthorizeKeys = function (db, keys) {
}
function deauthorizeKeys(db, keys) {
return adapter.deauthorizeKeys(db, keys);
};
}

this.storeKey = storeKey;
this.removeKeys = removeKeys;
this.authorizeKeys = authorizeKeys;
this.deauthorizeKeys = deauthorizeKeys;

this.authorizeUserSessions = function(user_id, personalDBs, sessionKeys, roles) {
var self = this;
Expand Down Expand Up @@ -92,7 +97,7 @@ module.exports = function (config, userDB, couchAuthDB) {
}
}
if (keysToAuthorize.length > 0) {
promises.push(self.authorizeKeys(userDoc._id, newDB, keysToAuthorize, permissions, userDoc.roles));
promises.push(authorizeKeys(userDoc._id, newDB, keysToAuthorize, permissions, userDoc.roles));
}
return BPromise.all(promises);
})
Expand All @@ -102,7 +107,6 @@ module.exports = function (config, userDB, couchAuthDB) {
};

this.removeExpiredKeys = function () {
var self = this;
var keysByUser = {};
var userDocs = {};
var expiredKeys = [];
Expand All @@ -126,13 +130,13 @@ module.exports = function (config, userDB, couchAuthDB) {
});
}
});
return self.removeKeys(expiredKeys);
return removeKeys(expiredKeys);
})
.then(function() {
// - deauthorize keys for each personal database of each user
var deauthorize = [];
Object.keys(keysByUser).forEach(function(user) {
deauthorize.push(self.deauthorizeUser(userDocs[user], keysByUser[user]));
deauthorize.push(deauthorizeUser(userDocs[user], keysByUser[user]));
});
return BPromise.all(deauthorize);
})
Expand All @@ -148,9 +152,8 @@ module.exports = function (config, userDB, couchAuthDB) {
return BPromise.resolve(expiredKeys);
});
};

this.deauthorizeUser = function(userDoc, keys) {
var self = this;

function deauthorizeUser(userDoc, keys) {
var promises = [];
// If keys is not specified we will deauthorize all of the users sessions
if(!keys) {
Expand All @@ -160,13 +163,17 @@ module.exports = function (config, userDB, couchAuthDB) {
if(userDoc.personalDBs && typeof userDoc.personalDBs === 'object') {
Object.keys(userDoc.personalDBs).forEach(function(personalDB) {
var db = new PouchDB(util.getDBURL(config.getItem('dbServer')) + '/' + personalDB);
promises.push(self.deauthorizeKeys(db, keys));
promises.push(deauthorizeKeys(db, keys));
});
return BPromise.all(promises);
} else {
return BPromise.resolve(false);
}
};
}

this.deauthorizeUser = deauthorizeUser;



this.getDesignDoc = function(docName) {
if(!docName) {
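Review bot: The new local functions `storeKey`, `removeKeys`, `authorizeKeys`, `deauthorizeKeys` and `deauthorizeUser` have no comment explaining why they exist both as closures and as instance properties. Internal callers such as `removeExpiredKeys` now call the closure directly, so replacing `dbAuth.removeKeys` or `dbAuth.deauthorizeUser` on an instance (a test stub, a wrapper that adds audit logging) no longer affects the key-expiry path. I would add above the first declaration `// Local functions: internal callers use these directly instead of going through the instance; exported on the instance below.` Because these functions grant and revoke database access, it is also worth confirming that no remaining body still reaches them through `self`. `authorizeUserSessions` keeps `var self = this;` and its body continues outside the hunk, so that cannot be checked from here.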
111 changes: 109 additions & 2 deletions test/test.js
Expand Up @@ -11,6 +11,8 @@ global.Promise = BPromise;
var PouchDB = require('pouchdb');
var seed = require('pouchdb-seed-design');
var util = require('../lib/util.js');
var DBAuth = require('../lib/dbauth');
var Configure = require('../lib/configure');

describe('SuperLogin', function() {

Expand All @@ -22,6 +24,7 @@ describe('SuperLogin', function() {
var accessPass;
var expireCompare;
var resetToken = null;
var dbAuth;

var config = require('./test.config');
var server = 'http://localhost:5000';
Expand All @@ -42,13 +45,16 @@ describe('SuperLogin', function() {
password: '1s3cret',
confirmPassword: '1s3cret'
};



before(function() {
userDB = new PouchDB(dbUrl + "/sl_test-users");
keysDB = new PouchDB(dbUrl + "/sl_test-keys");
dbAuth = new DBAuth(new Configure(config), userDB, keysDB);
app = require('./test-server')(config);
app.superlogin.onCreate(function(userDoc, provider) {
userDoc.profile = {name: userDoc.name};
userDoc.profile = {name: userDoc.name};
return BPromise.resolve(userDoc);
});

Expand Down Expand Up @@ -445,9 +451,110 @@ describe('SuperLogin', function() {
})
.then(function(result) {
expect(result.status).to.equal(401);
expect(result.message.search('Your account is currently locked')).to.equal(0);
expect(result.message.search('Your account is currently locked')).to.equal(0);
return BPromise.resolve();
});
});

it('should delete all expired keys', function() {
var now = Date.now();
var db1, db2;
var user1 = {
_id: 'testuser1',
session: {
oldkey1: {expires: now + 50000},
goodkey1: {expires: now + 50000}
},
personalDBs: {'test_expiretest$testuser1': {
permissions: null,
name: 'expiretest'
}}
};

var user2 = {
_id: 'testuser2',
session: {
oldkey2: {expires: now + 50000},
goodkey2: {expires: now + 50000}
},
personalDBs: {'test_expiretest$testuser2': {
permissions: null,
name: 'expiretest'
}}
};

return previous
.then(function() {
var promises = [];
// Save the users
promises.push(userDB.bulkDocs([user1, user2]));
// Add their personal dbs
promises.push(dbAuth.addUserDB(user1, 'expiretest'));
promises.push(dbAuth.addUserDB(user2, 'expiretest'));
// Store the keys
promises.push(dbAuth.storeKey('testuser1', 'oldkey1', 'password', user1.session.oldkey1.expires));
promises.push(dbAuth.storeKey('testuser1', 'goodkey1', 'password', user1.session.goodkey1.expires));
promises.push(dbAuth.storeKey('testuser2', 'oldkey2', 'password', user2.session.oldkey2.expires));
promises.push(dbAuth.storeKey('testuser2', 'goodkey2', 'password', user2.session.goodkey2.expires));
return BPromise.all(promises);
})
.then(function() {
// Now we will expire the keys
var promises = [];
promises.push(userDB.get('testuser1'));
promises.push(userDB.get('testuser2'));
return BPromise.all(promises);
})
.then(function(docs) {
docs[0].session.oldkey1.expires = 100;
docs[1].session.oldkey2.expires = 100;
return userDB.bulkDocs(docs);
})
.then(function() {
// Now we will remove the expired keys
return app.superlogin.removeExpiredKeys();
})
.then(function() {
// Fetch the user docs to inspect them
db1 = new PouchDB(dbUrl + "/test_expiretest$testuser1");
db2 = new PouchDB(dbUrl + "/test_expiretest$testuser2");
var promises = [];
promises.push(userDB.get('testuser1'));
promises.push(userDB.get('testuser2'));
promises.push(keysDB.get('org.couchdb.user:goodkey1'));
promises.push(keysDB.get('org.couchdb.user:goodkey2'));
promises.push(db1.get('_security'));
promises.push(db2.get('_security'));
return BPromise.all(promises);
})
.then(function(docs) {
// Sessions for old keys should have been deleted, unexpired keys should be there
expect(docs[0].session.oldkey1).to.be.an('undefined');
expect(docs[0].session.goodkey1.expires).to.be.a('number');
expect(docs[1].session.oldkey2).to.be.an('undefined');
expect(docs[1].session.goodkey2.expires).to.be.a('number');
// The unexpired keys should still be in the keys database
expect(docs[2].user_id).to.equal('testuser1');
expect(docs[3].user_id).to.equal('testuser2');
// The security document for each personal db should contain exactly the good keys
expect(docs[4].members.names.length).to.equal(1);
expect(docs[4].members.names[0]).to.equal('goodkey1');
expect(docs[5].members.names.length).to.equal(1);
expect(docs[5].members.names[0]).to.equal('goodkey2');
// Now we'll make sure the expired keys have been deleted from the users database
var promises = [];
promises.push(keysDB.get('org.couchdb.user:oldkey1'));
promises.push(keysDB.get('org.couchdb.user:oldkey2'));
return BPromise.settle(promises);
})
.then(function(results) {
/* jshint -W030 */
expect(results[0].isRejected()).to.be.true;
expect(results[1].isRejected()).to.be.true;
/* jshint +W030 */
// Finally clean up
return BPromise.all([db1.destroy(), db2.destroy()]);
});
});

});
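Review bot: The cleanup in 'should delete all expired keys' sits in the last `.then`, so it runs only when every assertion before it passes, and it destroys only the two personal databases. The `testuser1`/`testuser2` documents and the `goodkey1`/`goodkey2` credentials (stored with the literal password `'password'`) stay in `sl_test-users` and `sl_test-keys`. Unless suite teardown outside this hunk destroys those databases, a rerun against the same CouchDB may hit conflicts in `userDB.bulkDocs([user1, user2])`. I would create `db1` and `db2` at the top of the test and move the teardown into `.finally(function() { return BPromise.all([db1.destroy(), db2.destroy()]); })`, removing the user and key documents there as well. The test would also be stricter if it asserted that the value resolved by `removeExpiredKeys()` lists exactly `oldkey1` and `oldkey2`.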