45 строки
1.3 KiB
JavaScript
45 строки
1.3 KiB
JavaScript
var Hapi = require('hapi');
|
|
var verify = require('picl-server/lib/verify.js');
|
|
var config = require('./config.js');
|
|
var users = require('./users.js');
|
|
|
|
// fake auth just returns the email address
|
|
exports.email = function(email, next) {
|
|
next(email);
|
|
};
|
|
|
|
// verify an assertion and return the email address
|
|
exports.verify = function(assertion, email, next) {
|
|
if (email && config.get('enable_email_auth')) {
|
|
next(email);
|
|
} else {
|
|
verify(assertion, config.get('audience'), config.get('verifier_url'),
|
|
function(err, result) {
|
|
// In Hapi, the convention is to return a single result
|
|
// that may be a Hapi.Error or a valid result, instead
|
|
// of returning a separate error parameter ala node.js
|
|
if (err) next(Hapi.Error.badRequest(err));
|
|
else next(result.email || result['unverified-email']);
|
|
}, true);
|
|
}
|
|
};
|
|
|
|
// retrieve the userId associated with an email address
|
|
// TODO add heavy cacheing of this. Changing email should be rare.
|
|
exports.userId = function(email, next) {
|
|
if (!email) next(Hapi.Error.badRequest('MissingEmail'));
|
|
users.getId(email, function(err, userId) {
|
|
if (err) next(err);
|
|
else next(userId);
|
|
});
|
|
};
|
|
|
|
// retrieve the meta data for a user
|
|
exports.user = function(userId, next) {
|
|
users.getUser(userId, function(err, user) {
|
|
if (err) next(err);
|
|
else next(user);
|
|
});
|
|
};
|
|
|