TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-04 08:54:36 +03:00
Code Issues Projects Releases Wiki Activity

Renamed authenticateAdminApiKey to authenticate for admin api key auth

Browse Source 
refs #9865

- the outer authentication layer wants a consistent interface of each authentication package
  - admin.authenticate
  - session.authenticate

- furthermore, there is no need to put the full feature into the exposed function name
This commit is contained in:
kirrg001 2019-01-18 17:30:07 +01:00
parent 462865981e
commit 1b5b95e198
2 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/server/services/auth/api-key/admin.js
View File

@ -18,8 +18,6 @@ const _extractTokenFromHeader = function extractTokenFromHeader(header) {
if (/^Ghost$/i.test(scheme)) { if (/^Ghost$/i.test(scheme)) {
return token; return token;
} }
return;
}; };
/** /**
@ -36,7 +34,7 @@ const _extractTokenFromHeader = function extractTokenFromHeader(header) {
* - the "Audience" claim should match the requested API path * - the "Audience" claim should match the requested API path
* https://tools.ietf.org/html/rfc7519#section-4.1.3 * https://tools.ietf.org/html/rfc7519#section-4.1.3
*/ */
const authenticateAdminApiKey = function authenticateAdminApiKey(req, res, next) { const authenticate = (req, res, next) => {
// we don't have an Authorization header so allow fallthrough to other // we don't have an Authorization header so allow fallthrough to other
// auth middleware or final "ensure authenticated" check // auth middleware or final "ensure authenticated" check
if (!req.headers || !req.headers.authorization) { if (!req.headers || !req.headers.authorization) {
@ -109,5 +107,5 @@ const authenticateAdminApiKey = function authenticateAdminApiKey(req, res, next)
}; };
module.exports = { module.exports = {
authenticateAdminApiKey authenticate
}; };

16
core/test/unit/services/auth/api-key/admin_spec.js
View File

@ -2,7 +2,7 @@ const jwt = require('jsonwebtoken');
const should = require('should'); const should = require('should');
const sinon = require('sinon'); const sinon = require('sinon');
const Promise = require('bluebird'); const Promise = require('bluebird');
const {authenticateAdminApiKey} = require('../../../../../server/services/auth/api-key/admin'); const apiKeyAuth = require('../../../../../server/services/auth/api-key');
const common = require('../../../../../server/lib/common'); const common = require('../../../../../server/lib/common');
const models = require('../../../../../server/models'); const models = require('../../../../../server/models');
const testUtils = require('../../../../utils'); const testUtils = require('../../../../utils');
@ -52,7 +52,7 @@ describe('Admin API Key Auth', function () {
}; };
const res = {}; const res = {};
authenticateAdminApiKey(req, res, (err) => { apiKeyAuth.admin.authenticate(req, res, (err) => {
should.not.exist(err); should.not.exist(err);
req.api_key.should.eql(this.fakeApiKey); req.api_key.should.eql(this.fakeApiKey);
done(); done();
@ -68,7 +68,7 @@ describe('Admin API Key Auth', function () {
}; };
const res = {}; const res = {};
authenticateAdminApiKey(req, res, function next(err) { apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err); should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true); should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_AUTH_HEADER'); err.code.should.eql('INVALID_AUTH_HEADER');
@ -86,7 +86,7 @@ describe('Admin API Key Auth', function () {
}; };
const res = {}; const res = {};
authenticateAdminApiKey(req, res, function next(err) { apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err); should.exist(err);
should.equal(err instanceof common.errors.BadRequestError, true); should.equal(err instanceof common.errors.BadRequestError, true);
err.code.should.eql('INVALID_JWT'); err.code.should.eql('INVALID_JWT');
@ -112,7 +112,7 @@ describe('Admin API Key Auth', function () {
}; };
const res = {}; const res = {};
authenticateAdminApiKey(req, res, function next(err) { apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err); should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true); should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('UNKNOWN_ADMIN_API_KEY'); err.code.should.eql('UNKNOWN_ADMIN_API_KEY');
@ -141,7 +141,7 @@ describe('Admin API Key Auth', function () {
}; };
const res = {}; const res = {};
authenticateAdminApiKey(req, res, function next(err) { apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err); should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true); should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_JWT'); err.code.should.eql('INVALID_JWT');
@ -171,7 +171,7 @@ describe('Admin API Key Auth', function () {
}; };
const res = {}; const res = {};
authenticateAdminApiKey(req, res, function next(err) { apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err); should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true); should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_JWT'); err.code.should.eql('INVALID_JWT');
@ -201,7 +201,7 @@ describe('Admin API Key Auth', function () {
this.fakeApiKey.type = 'content'; this.fakeApiKey.type = 'content';
authenticateAdminApiKey(req, res, function next(err) { apiKeyAuth.admin.authenticate(req, res, function next(err) {
should.exist(err); should.exist(err);
should.equal(err instanceof common.errors.UnauthorizedError, true); should.equal(err instanceof common.errors.UnauthorizedError, true);
err.code.should.eql('INVALID_API_KEY_TYPE'); err.code.should.eql('INVALID_API_KEY_TYPE');