-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathkey.js
53 lines (45 loc) · 1.58 KB
/
key.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
'use strict';
const passport = require('passport'),
APIKeyStrategy = require('passport-http-header-token').Strategy,
{ getAuthUrl, getPathOrBase, generateStrategyName } = require('../utils');
/**
* api key callback, checks to see if api key provided matches env variable
* @param {string} apikey
* @param {function} done
*/
function apiCallback(apikey, done) {
if (apikey === process.env.CLAY_ACCESS_KEY) {
// If we're using an API Key then we're assuming the user is
// has admin privileges by defining the auth level in the next line
done(null, { provider: 'apikey', auth: 'admin' });
} else {
done(null, false, { message: 'Unknown apikey: ' + apikey });
}
}
/**
* api key strategy
* matches against the CLAY_ACCESS_KEY env variable
* @param {object} site
*/
function createAPIKeyStrategy() {
passport.use('apikey', new APIKeyStrategy({}, apiCallback));
}
/**
* add authorization routes to the router
* @param {express.Router} router
* @param {object} site
* @param {object} provider
*/
function addAuthRoutes(router, site, provider) {
const strategy = generateStrategyName(provider, site);
router.get(`/_auth/${provider}`, passport.authenticate(strategy));
router.get(`/_auth/${provider}/callback`, passport.authenticate(strategy, {
failureRedirect: `${getAuthUrl(site)}/login`,
failureFlash: true,
successReturnToOrRedirect: getPathOrBase(site)
})); // redirect to previous page or site root
}
module.exports = createAPIKeyStrategy;
module.exports.addAuthRoutes = addAuthRoutes;
// For testing purposes
module.exports.apiCallback = apiCallback;