OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Renamed authenticateAdminApiKey to authenticate for admin api key auth

Browse Source 
refs #9865

- the outer authentication layer wants a consistent interface of each authentication package
  - admin.authenticate
  - session.authenticate

- furthermore, there is no need to put the full feature into the exposed function name
This commit is contained in:
kirrg001 2019-01-18 17:30:07 +01:00
parent 462865981e
commit 1b5b95e198
2 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/server/services/auth/api-key/admin.js
View File

@ -18,8 +18,6 @@ const _extractTokenFromHeader = function extractTokenFromHeader(header) {
if (/^Ghost$/i.test(scheme)) {
return token;
}
return;
};
/**
@ -36,7 +34,7 @@ const _extractTokenFromHeader = function extractTokenFromHeader(header) {
* - the "Audience" claim should match the requested API path
* https://tools.ietf.org/html/rfc7519#section-4.1.3
*/
const authenticateAdminApiKey = function authenticateAdminApiKey(req, res, next) {
const authenticate = (req, res, next) => {
// we don't have an Authorization header so allow fallthrough to other
// auth middleware or final "ensure authenticated" check
if (!req.headers || !req.headers.authorization) {
@ -109,5 +107,5 @@ const authenticateAdminApiKey = function authenticateAdminApiKey(req, res, next)
};
module.exports = {
authenticateAdminApiKey
authenticate
};

16
core/test/unit/services/auth/api-key/admin_spec.js
View File

@ -2,7 +2,7 @@ const jwt = require('jsonwebtoken');
const should = require('should');
const sinon = require('sinon');
const Promise = require('bluebird');
const {authenticateAdminApiKey} = require('../../../../../server/services/auth/api-key/admin');
const apiKeyAuth = require('../../../../../server/services/auth/api-key');
const common = require('../../../../../server/lib/common');
const models = require('../../../../../server/models');
const testUtils = require('../../../../utils');
@ -52,7 +52,7 @@ describe('Admin API Key Auth', function () {
};
const res = {};
authenticateAdminApiKey(req, res, (err) => {
apiKeyAuth.admin.authenticate(req, res, (err) => {
should.not.exist(err);
req.api_key.should.eql(this.fakeApiKey);
done();
@ -68,7 +68,7 @@ describe('Admin API Key Auth', function () {
};
const res = {};
authenticateAdminApiKey(req, res, function next(err) {
apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_AUTH_HEADER');
@ -86,7 +86,7 @@ describe('Admin API Key Auth', function () {
};
const res = {};
authenticateAdminApiKey(req, res, function next(err) {
apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err);
should.equal(err instanceof common.errors.BadRequestError, true);
err.code.should.eql('INVALID_JWT');
@ -112,7 +112,7 @@ describe('Admin API Key Auth', function () {
};
const res = {};
authenticateAdminApiKey(req, res, function next(err) {
apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('UNKNOWN_ADMIN_API_KEY');
@ -141,7 +141,7 @@ describe('Admin API Key Auth', function () {
};
const res = {};
authenticateAdminApiKey(req, res, function next(err) {
apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_JWT');
@ -171,7 +171,7 @@ describe('Admin API Key Auth', function () {
};
const res = {};
authenticateAdminApiKey(req, res, function next(err) {
apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_JWT');
@ -201,7 +201,7 @@ describe('Admin API Key Auth', function () {
this.fakeApiKey.type = 'content';
authenticateAdminApiKey(req, res, function next(err) {
apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_API_KEY_TYPE');