diff --git a/README.md b/README.md index c2499db5..db79da6e 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # angel_auth -![version 1.1.0-dev+11](https://img.shields.io/badge/version-1.1.0--dev+11-red.svg) +![version 1.1.0-dev+12](https://img.shields.io/badge/version-1.1.0--dev+12-red.svg) ![build status](https://travis-ci.org/angel-dart/auth.svg?branch=master) A complete authentication plugin for Angel. Inspired by Passport. @@ -9,4 +9,4 @@ A complete authentication plugin for Angel. Inspired by Passport. [Click here](https://github.com/angel-dart/auth/wiki). # Supported Strategies -* Local (with and without Basic Auth) \ No newline at end of file +* Local (with and without Basic Auth) diff --git a/lib/src/plugin.dart b/lib/src/plugin.dart index 94c49775..1f4e9040 100644 --- a/lib/src/plugin.dart +++ b/lib/src/plugin.dart @@ -92,8 +92,8 @@ class AngelAuth extends AngelPlugin { if (enforceIp) { if (debug) { - print( - 'Token IP: ${token.ipAddress}. Current request sent from: ${req.ip}'); + print('Token IP: ${token.ipAddress}. Current request sent from: ${req + .ip}'); } if (req.ip != null && req.ip != token.ipAddress) @@ -140,8 +140,9 @@ class AngelAuth extends AngelPlugin { // Allow Basic auth to fall through if (_rgxBearer.hasMatch(authHeader)) return authHeader.replaceAll(_rgxBearer, "").trim(); - } else if (req.cookies.any((cookie) => cookie.name == "token")) { - print('Request has "token" cookie...'); + } else if (allowCookie && + req.cookies.any((cookie) => cookie.name == "token")) { + if (debug) print('Request has "token" cookie...'); return req.cookies.firstWhere((cookie) => cookie.name == "token").value; } else if (allowTokenInQuery && req.query['token'] is String) { return req.query['token']; @@ -168,7 +169,8 @@ class AngelAuth extends AngelPlugin { if (enforceIp) { if (debug) print( - 'Token IP: ${token.ipAddress}. Current request sent from: ${req.ip}'); + 'Token IP: ${token.ipAddress}. Current request sent from: ${req + .ip}'); if (req.ip != token.ipAddress) throw new AngelHttpException.Forbidden( @@ -177,8 +179,8 @@ class AngelAuth extends AngelPlugin { if (token.lifeSpan > -1) { if (debug) { - print( - 'Checking if token has expired... Life span is ${token.lifeSpan}'); + print('Checking if token has expired... Life span is ${token + .lifeSpan}'); } token.issuedAt.add(new Duration(milliseconds: token.lifeSpan)); @@ -199,8 +201,11 @@ class AngelAuth extends AngelPlugin { print('Final, valid token: ${token.toJson()}'); } - res.cookies.add(new Cookie('token', token.serialize(_hs256))); - return token.toJson(); + if (allowCookie) + res.cookies.add(new Cookie('token', token.serialize(_hs256))); + + final data = await deserializer(token.userId); + return {'data': data, 'token': token.serialize(_hs256)}; } } catch (e, st) { if (debug) { diff --git a/pubspec.yaml b/pubspec.yaml index 5aa79fc2..65aaf892 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -1,6 +1,6 @@ name: angel_auth description: A complete authentication plugin for Angel. -version: 1.0.0-dev+11 +version: 1.0.0-dev+12 author: Tobe O homepage: https://github.com/angel-dart/angel_auth dependencies: @@ -9,4 +9,4 @@ dependencies: oauth2: ">= 1.0.2 < 2.0.0" dev_dependencies: http: ">= 0.11.3 < 0.12.0" - test: ">= 0.12.13 < 0.13.0" \ No newline at end of file + test: ">= 0.12.13 < 0.13.0"