diff --git a/controllers/registry/user.js b/controllers/registry/user.js
index 15a84004e..48b32f71c 100644
--- a/controllers/registry/user.js
+++ b/controllers/registry/user.js
@@ -47,110 +47,109 @@ exports.show = function *(next) { // type: 'user', // roles: [], // date: '2013-12-04T12:56:13.714Z' } } -exports.add = function (req, res, next) { - var name = req.params.name; - var body = req.body || {}; +exports.add = function *() { + var name = this.params.name; + var body = this.request.body || {}; var user = { name: body.name, salt: body.salt, password_sha: body.password_sha, email: body.email, - ip: req.socket && req.socket.remoteAddress || '0.0.0.0', + ip: this.ip || '0.0.0.0', // roles: body.roles || [], }; + if (!user.name || !user.salt || !user.password_sha || !user.email) { - return res.json(422, { + this.status = 422; + this.body = { error: 'paramError', reason: 'params missing' - }); + }; + return; } debug('add user: %j', user); - var ep = eventproxy.create(); - ep.fail(next); - - User.get(name, ep.doneLater(function (row) { - if (row) { - return res.json(409, { - error: 'conflict', - reason: 'Document update conflict.' - }); - } - User.add(user, ep.done('add')); - })); - - ep.once('add', function (result) { - res.setHeader('etag', '"' + result.rev + '"'); - // location: 'http://registry.npmjs.org/_users/org.couchdb.user:cnpmjstest1', - res.json(201, { - ok: true, - id: 'org.couchdb.user:' + name, - rev: result.rev - }); - }); + + var existUser = yield User.get(name); + if (existUser) { + this.status = 409; + this.body = { + error: 'conflict', + reason: 'Document update conflict.' 
+ }; + return; + } + + var result = yield User.add(user); + this.etag = '"' + result.rev + '"'; + this.status = 201; + this.body = { + ok: true, + id: 'org.couchdb.user:' + name, + rev: result.rev + }; }; -exports.authSession = function (req, res, next) { +exports.authSession = function *() { // body: {"name":"foo","password":"****"} - var body = req.body || {}; + var body = this.request.body || {}; var name = body.name; var password = body.password; - User.auth(name, password, function (err, user) { - debug('authSession %s: %j', name, user); - if (err) { - return next(err); - } - if (!user) { - return res.json(401, {ok: false, name: null, roles: []}); - } - - req.session.name = user.name; - res.json(200, {ok: true, name: user.name, roles: []}); - }); + var user = yield User.auth(name, password); + debug('authSession %s: %j', name, user); + + if (!user) { + this.status = 401; + this.body = {ok: false, name: null, roles: []}; + return; + } + + this.session.name = user.name; + this.body = {ok: true, name: user.name, roles: []}; }; -exports.update = function (req, res, next) { - var name = req.params.name; - var rev = req.params.rev; +exports.update = function *(next) { + var name = this.params.name; + var rev = this.params.rev; if (!name || !rev) { - return next(); + return yield next; } - debug('update: %s, rev: %s, session.name: %s', name, rev, req.session.name); + debug('update: %s, rev: %s, session.name: %s', name, rev, this.session.name); - if (name !== req.session.name) { + if (name !== this.session.name) { // must authSession first - res.statusCode = 401; - return res.json({ + this.status = 401; + this.body = { error: 'unauthorized', reason: 'Name is incorrect.' 
- }); + }; + return; } - var body = req.body || {}; + var body = this.request.body || {}; var user = { name: body.name, salt: body.salt, password_sha: body.password_sha, email: body.email, - ip: req.socket && req.socket.remoteAddress || '0.0.0.0', + ip: this.ip || '0.0.0.0', rev: body.rev || body._rev, // roles: body.roles || [], }; - User.update(user, function (err, result) { - if (err) { - return next(err); - } - //check rev error - if (!result) { - return res.json(409, { - error: 'conflict', - reason: 'Document update conflict.' - }); - } - res.json(201, { - ok: true, - id: 'org.couchdb.user:' + user.name, - rev: result.rev - }); - }); + var result = yield User.update(user); + if (!result) { + this.status = 409; + this.body = { + error: 'conflict', + reason: 'Document update conflict.' + }; + return; + } + + this.status = 201; + this.body = { + ok: true, + id: 'org.couchdb.user:' + user.name, + rev: result.rev + }; }; diff --git a/middleware/auth.js b/middleware/auth.js index 160e6cdf8..abfc2d7a9 100644 --- a/middleware/auth.js +++ b/middleware/auth.js 
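Review bot: In `exports.update` the ownership check compares the route parameter (`name !== this.session.name`), but the record handed to `User.update` takes its name from the request body (`name: body.name`), so the name that is authorised is not necessarily the name that is written. Unless `User.update` (not visible here) re-checks it, the two can differ; building the record with `name: name,` or rejecting the request when `body.name !== name` closes that gap. `exports.add` has the same split: the 409 conflict lookup uses `this.params.name` while `User.add` stores `body.name`. Separately, the `debug('add user: %j', user)` context line writes `salt` and `password_sha` to the debug log, and those fields are better left out of it.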
@@ -20,50 +20,40 @@ var config = require('../config'); var common = require('../lib/common'); module.exports = function (options) { - return function auth(req, res, next) { - if (!req.session) { - // redis crash - req.session = {}; - return next(); - } - req.session.onlySync = config.enablePrivate ? true : false; - if (req.session.name) { - req.session.isAdmin = common.isAdmin(req.session.name); + return function *auth(next) { + this.session.onlySync = config.enablePrivate ? true : false; + if (this.session.name) { + this.session.isAdmin = common.isAdmin(this.session.name); debug('auth exists user: %s, onlySync: %s, isAdmin: %s, headers: %j', - req.session.name, req.session.onlySync, req.session.isAdmin, req.headers); - return next(); + this.session.name, this.session.onlySync, this.session.isAdmin, this.header); + return yield next; } - var authorization = (req.headers.authorization || '').split(' ')[1] || ''; + var authorization = (this.get('authorization') || '').split(' ')[1] || ''; authorization = authorization.trim(); if (!authorization) { - return next(); + return yield next; } authorization = new Buffer(authorization, 'base64').toString().split(':'); if (authorization.length !== 2) { - return next(); + return yield next; } var username = authorization[0]; var password = authorization[1]; - User.auth(username, password, function (err, row) { - if (err) { - return next(err); - } - - if (!row) { - debug('auth fail user: %j, headers: %j', row, req.headers); - req.session.name = null; - req.session.isAdmin = false; - return next(); - } + var user = yield User.auth(username, password); + if (!user) { + debug('auth fail user: %j, headers: %j', user, this.header); + this.session.name = null; + this.session.isAdmin = false; + return yield next; + } - req.session.name = row.name; - req.session.isAdmin = common.isAdmin(req.session.name); - debug('auth pass user: %j, onlySync: %s, isAdmin: %s, headers: %j', - row, req.session.onlySync, req.session.isAdmin, 
req.headers); - next(); - }); + this.session.name = user.name; + this.session.isAdmin = common.isAdmin(this.session.name); + debug('auth pass user: %j, onlySync: %s, isAdmin: %s, headers: %j', + user, this.session.onlySync, this.session.isAdmin, this.header); + yield next; }; }; diff --git a/middleware/login.js b/middleware/login.js index c8da8fe5c..a66f03a9c 100644 --- a/middleware/login.js +++ b/middleware/login.js @@ -1,4 +1,4 @@ -/*! +/**! * cnpmjs.org - middleware/login.js * * Copyright(c) cnpmjs.org and other contributors. @@ -14,12 +14,15 @@ * Module dependencies. */ -module.exports = function login(req, res, next) { - if (!req.session.name) { - return res.json(401, { +module.exports = function *login(next) { + if (!this.session.name) { + this.status = 401; + this.body = { error: 'unauthorized', reason: 'Login first.' - }); + }; + return; } - next(); + + yield next; }; diff --git a/package.json b/package.json index c4e730205..c942f349a 100644 --- a/package.json +++ b/package.json @@ -11,10 +11,7 @@ }, "config": { "blanket": { - "pattern": "//^((?!(node_modules|test|common)).)*$/", - "data-cover-flags": { - "debug": false - } + "pattern": "//^((?!(node_modules|test|common)).)*$/" }, "travis-cov": { "threshold": 90 @@ -64,7 +61,7 @@ "blanket": "*", "contributors": "*", "coveralls": "*", - "mm": "0.1.8", + "mm": "0.2.0", "mocha": "*", "mocha-lcov-reporter": "*", "pedding": "0.0.3", diff --git a/routes/registry.js b/routes/registry.js index 73cdb2b80..065ecddd4 100644 --- a/routes/registry.js +++ b/routes/registry.js 
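Review bot: The three `debug(...)` calls in `auth` print `this.header` in full, which includes the `Authorization` header this middleware has just decoded (and any cookie header), so Basic credentials land in debug output whenever the namespace is enabled; log only the user name, e.g. `debug('auth fail user: %j', user);`. The credential parsing also rejects valid input: `split(':')` followed by `authorization.length !== 2` skips any password that itself contains a colon, where splitting on the first colon only would accept it. Finally, the old `if (!req.session)` guard was dropped, so if the session middleware ever leaves `this.session` unset (the removed comment mentions a redis crash) the first assignment throws; whether that can still happen depends on the session module, which is not shown.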
@@ -63,14 +63,13 @@ function routes(app) { // app.put('/:name/-rev/:rev', [login, publishable], mod.removeWithVersions); // app.delete('/:name/-rev/:rev', [login, publishable], mod.removeAll); - // // try to create a new user - // // https://registry.npmjs.org/-/user/org.couchdb.user:fengmk2 + // try to create a new user + // https://registry.npmjs.org/-/user/org.couchdb.user:fengmk2 app.put('/-/user/org.couchdb.user::name', user.add); app.get('/-/user/org.couchdb.user::name', user.show); - // app.put('/-/user/org.couchdb.user::name/-rev/:rev', [login], user.update); - - // // _session - // app.post('/_session', user.authSession); + app.put('/-/user/org.couchdb.user::name/-rev/:rev', login, user.update); + // _session + app.post('/_session', user.authSession); } module.exports = routes; diff --git a/servers/registry.js b/servers/registry.js index 44758a454..a7c460b03 100644 --- a/servers/registry.js +++ b/servers/registry.js @@ -44,7 +44,7 @@ app.use(rewrite('/favicon.ico', '/public/favicon.ico')); app.keys = ['todokey', config.sessionSecret]; app.use(session); app.use(bodyParser()); -// app.use(auth()); +app.use(auth()); /** * Routes
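Review bot: Turning on `app.use(auth())` in servers/registry.js makes every route trust `this.session.name`, yet the context line just above it still lists the literal `'todokey'` first in `app.keys`. Koa signs cookies with the first key in that array and accepts any listed key when verifying, so the session cookie signature rests on a string that is public in the repository rather than on `config.sessionSecret`. Use `app.keys = [config.sessionSecret];` and fail start-up when the secret is unset. How much this exposes depends on the session store, which is configured outside this hunk.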