Next up is JWT, and finish local tests
parent
9ca503df9c
commit
30d5293612
5 changed files with 45 additions and 8 deletions
1
.gitignore
vendored
|
@ -85,3 +85,4 @@ fabric.properties
|
||||||
|
|
||||||
# Don't commit pubspec lock file
|
# Don't commit pubspec lock file
|
||||||
# (Library packages only! Remove pattern if developing an application package)
|
# (Library packages only! Remove pattern if developing an application package)
|
||||||
|
.idea
|
|
@ -14,6 +14,8 @@ part 'middleware/serialization.dart';
|
||||||
|
|
||||||
part 'strategies/local.dart';
|
part 'strategies/local.dart';
|
||||||
|
|
||||||
|
part 'strategies/token.dart';
|
||||||
|
|
||||||
part 'strategies/oauth2.dart';
|
part 'strategies/oauth2.dart';
|
||||||
|
|
||||||
_validateString(String str) {
|
_validateString(String str) {
|
||||||
|
|
|
@ -3,11 +3,30 @@ part of angel_auth;
|
||||||
/// Restricts access to a resource via authentication.
|
/// Restricts access to a resource via authentication.
|
||||||
Future<bool> requireAuth(RequestContext req, ResponseContext res,
|
Future<bool> requireAuth(RequestContext req, ResponseContext res,
|
||||||
{bool throws: true}) async {
|
{bool throws: true}) async {
|
||||||
if (req.session.containsKey('userId'))
|
reject() {
|
||||||
return true;
|
if (throws) {
|
||||||
else if (throws) {
|
|
||||||
res.status(HttpStatus.UNAUTHORIZED);
|
res.status(HttpStatus.UNAUTHORIZED);
|
||||||
throw new AngelHttpException.Forbidden();
|
throw new AngelHttpException.Forbidden();
|
||||||
|
} else
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
else return false;
|
|
||||||
|
if (req.session.containsKey('userId'))
|
||||||
|
return true;
|
||||||
|
else if (req.headers.value("Authorization") != null) {
|
||||||
|
var jwt = req.headers
|
||||||
|
.value("Authorization")
|
||||||
|
.replaceAll(new RegExp(r"^Bearer", caseSensitive: false), "")
|
||||||
|
.trim();
|
||||||
|
|
||||||
|
var split = jwt.split(".");
|
||||||
|
if (split.length != 3) return reject();
|
||||||
|
|
||||||
|
Map header = JSON.decode(UTF8.decode(BASE64URL.decode(split[0])));
|
||||||
|
|
||||||
|
if (header['typ'] != "JWT" || header['alg'] != "HS256") return reject();
|
||||||
|
|
||||||
|
Map payload = JSON.decode(UTF8.decode(BASE64URL.decode(split[1])));
|
||||||
|
} else
|
||||||
|
return reject();
|
||||||
}
|
}
|
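Review bot: In the new `Authorization` branch of `requireAuth`, the header and payload are decoded but `split[2]` is never checked and the branch ends without a `return`, so a bearer request is neither accepted nor sent through `reject()`; the returned future appears to complete with null. Until the HS256 signature is recomputed over `split[0] + "." + split[1]` with the server secret and compared in constant time (and `exp` in the payload is checked), the branch should fail closed by ending with `return reject();`. `BASE64URL.decode` and `JSON.decode` also run on client-supplied text outside any `try`, so a malformed or unpadded segment probably surfaces as an unhandled `FormatException` rather than a 401; wrapping the decoding in `try { … } on FormatException { return reject(); }` would keep the failure path uniform. Separately, `reject()` sets `HttpStatus.UNAUTHORIZED` and then throws `AngelHttpException.Forbidden()`, which looks inconsistent and is worth settling while this function is being reworked.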
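--- a/lib/strategies/token.dart
+++ b/lib/strategies/token.dart
@@ -0,0 +1,15 @@
+part of angel_auth;
+
+class JwtAuthStrategy extends AuthStrategy {
+
+@override
+Future authenticate(RequestContext req, ResponseContext res,
+[AngelAuthOptions options]) {
+
+}
+
+@override
+Future<bool> canLogout(RequestContext req, ResponseContext res) {
+
+}
+}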
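Review bot: `JwtAuthStrategy.authenticate` and `canLogout` are committed with empty bodies, so both return null instead of a `Future`, and what a caller does with that null result is not visible on this page. If the strategy can be registered before it is implemented, it should fail loudly rather than depend on the caller treating null as a failed login: `throw new UnimplementedError('JwtAuthStrategy.authenticate');` and the same for `canLogout`. A doc comment on the class stating that token verification is not implemented yet would also keep anyone from wiring it in early.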
|
@ -4,8 +4,8 @@ version: 1.0.0-dev+5
|
||||||
author: Tobe O <thosakwe@gmail.com>
|
author: Tobe O <thosakwe@gmail.com>
|
||||||
homepage: https://github.com/angel-dart/angel_auth
|
homepage: https://github.com/angel-dart/angel_auth
|
||||||
dependencies:
|
dependencies:
|
||||||
angel_framework: ">=0.0.0-dev < 0.1.0"
|
angel_framework: ">=1.0.0-dev <2.0.0"
|
||||||
crypto: ">= 1.1.1 < 2.0.0"
|
crypto: ">=2.0.0 <3.0.0"
|
||||||
oauth2: ">= 1.0.2 < 2.0.0"
|
oauth2: ">= 1.0.2 < 2.0.0"
|
||||||
dev_dependencies:
|
dev_dependencies:
|
||||||
http: ">= 0.11.3 < 0.12.0"
|
http: ">= 0.11.3 < 0.12.0"
|
||||||
|
|