Exemple #1
0
 messages.forEach(function(message) {
   var validation = validate('message.bedrock-messages', message);
   if(validation.valid) {
     results.validMessages.push(message);
   } else {
     // var validationError = validation.error;
     // validationError.errors = validation.errors;
     var invalidMessage = {
       message: message,
       validationErrors: validation.errors
     };
     results.invalidMessages.push(invalidMessage);
   }
 });
Exemple #2
0
 bedrock.jsonld.frame(req.body, CREDENTIAL_FRAME, (err, framed) => {
   if(err) {
     // if error was a JSON-LD syntax error and the context is an
     // exact match, try to return a more useful validation error
     // instead
     if(err.details && err.details.cause &&
       err.details.cause.name === 'jsonld.SyntaxError' &&
       _compareContext(req.body)) {
       return validate('credential', req.body, function(vErr) {
         if(vErr) {
           return callback(vErr);
         }
         callback(err);
       });
     }
     return callback(err);
   }
   var g = bedrock.jsonld.getValues(framed, '@graph');
   if(g.length === 0) {
     return callback(new BedrockError(
       'Credential not found.',
       'AddCredentialFailed', {
         httpStatusCode: 400,
         'public': true
       }, err));
   }
   if(g.length > 1) {
     return callback(new BedrockError(
       'Multiple credentials found.',
       'AddCredentialFailed', {
         httpStatusCode: 400,
         'public': true
       }, err));
   }
   callback(null, g[0]);
 });
Exemple #3
0
 validated: ['compacted', function(callback, results) {
   validate('credential', results.compacted, callback);
 }],
Exemple #4
0
bedrock.events.on('bedrock-express.configure.routes', function(app) {
  app.post(routes.login,
    validate('services.session.postLogin'),
    function(req, res, next) {
      auth.login(req, res, next, function(err, user, choice) {
        if(err) {
          return next(err);
        }
        var out = {};
        // multiple identities matched credentials
        if(!user) {
          out.email = choice.email;
          out.identities = choice.identities;
        } else {
          out.identity = user.identity;
        }
        res.json(out);
      });
    });
  docs.annotate.post(routes.login, {
    description: 'Perform a login by posting a username and password.',
    schema: 'services.session.postLogin',
    responses: {
      200: 'The login was successful.',
      400: 'The login was unsuccessful.'
    }
  });

  app.post(routes.reset,
    validate('services.session.postPasswordReset'),
    function(req, res, next) {
      // either an identity slug or email address
      var identifier = req.body.sysIdentifier;
      async.waterfall([
        function(callback) {
          auth.resolveIdentityIdentifier(identifier, callback);
        },
        function(identityIds, callback) {
          // try to set password for all identities until one is successful
          var success = 0;
          async.until(function() {return success !== 0;}, function(callback) {
            if(identityIds.length === 0) {
              success = -1;
              return callback();
            }
            var next = identityIds.shift();
            var identity = bedrock.util.clone(req.body);
            identity.id = next;
            auth.setPassword({id: next}, identity, function(err) {
              if(!err) {
                success = 1;
              }
              callback();
            });
          }, function() {
            callback(null, success === 1);
          });
        },
        function(success, callback) {
          if(!success) {
            return callback(new BedrockError(
              'The password reset failed for the given identity.',
              'PasswordResetFailed', {
                sysIdentifier: req.body.sysIdentifier,
                httpStatusCode: 403,
                'public': true}));
          }
          callback();
        }
      ], function(err) {
        if(err) {
          return next(err);
        }
        res.sendStatus(204);
      });
    });
  docs.annotate.post(routes.reset, {
    description: 'Resets a password given an email address and passcode.',
    schema: 'services.session.postPasswordReset',
    responses: {
      204: 'The password reset was successful.',
      403: 'The password reset failed.'
    }
  });

  app.post(routes.passcode,
    validate('services.session.postPasscode'),
    function(req, res, next) {
      var identifier = req.body.sysIdentifier;
      async.waterfall([
        function(callback) {
          auth.resolveIdentityIdentifier(identifier, callback);
        },
        function(identityIds, callback) {
          // identity not found
          if(identityIds.length === 0) {
            return callback(new BedrockError(
              'The given email address is not registered.',
              'NotFound', {
                sysIdentifier: req.body.sysIdentifier,
                httpStatusCode: 404,
                'public': true
              }));
          }
          // look up identities
          var query = {id: {$in: []}};
          identityIds.forEach(function(identityId) {
            query.id.$in.push(database.hash(identityId));
          });
          brIdentity.getAll(
            null, query, {identity: true}, function(err, records) {
              if(err) {
                return callback(err);
              }
              // send passcode for every identity match
              var identities = [];
              records.forEach(function(record) {
                identities.push(record.identity);
              });
              // determine passcode usage based on query param
              var usage = 'reset';
              if(req.query.usage === 'verify') {
                usage = 'verify';
              } else if(req.query.usage === 'reset') {
                usage = 'reset';
              }
              auth.sendPasscodes(identities, usage, callback);
            });
        }
      ], function(err) {
        if(err) {
          return next(err);
        }
        res.sendStatus(204);
      });
    });
  docs.annotate.post(routes.passcode, {
    description: 'Send a password reset passcode to the email associated ' +
      'with the given system identifier.',
    schema: 'services.session.postPasscode',
    responses: {
      204: 'The passcode was successfully transmitted to the registered ' +
        'email address.',
      404: 'The given system identifier does not exist in the system.'
    }
  });
});  // end routes