OpenVeo Core server

API Docs for: 7.0.0
Show:

authenticationController

Extends Controller
Defined in: app/server/controllers/AuthenticationController.js:92
Module: core-controllers

Summary

Defines a controller to handlerequests relative to back end authentication.

Constructor

authenticationController

Defined in app/server/controllers/AuthenticationController.js:92

Syntax

authenticationController

()

Summary

Methods

authenticateExternalAction

Defined in app/server/controllers/AuthenticationController.js:164

Syntax

authenticateExternalAction

(
  • request
  • response
  • next
)
static async

Summary

Handles user authentication using external providers (which require a redirection on third party site).

Parameters:

  • request Request

    ExpressJS HTTP Request

    • params Object

      Request's parameters

      • type String
        The authentication provider to use
  • response Response

    ExpressJS HTTP Response

  • next Function

    Function to defer execution to the next registered middleware

authenticateInternalAction

Defined in app/server/controllers/AuthenticationController.js:106

Syntax

authenticateInternalAction

(
  • request
  • response
  • next
)
static async

Summary

Handles user authentication using internal providers (which do not require a redirection to a third party site).

Parameters:

  • request Request

    ExpressJS HTTP Request

  • response Response

    ExpressJS HTTP Response

  • next Function

    Function to defer execution to the next registered middleware

getPermissionByUrl

Defined in app/server/controllers/AuthenticationController.js:15

Syntax

getPermissionByUrl

(
  • permissions
  • url
  • httpMethod
)
String private static

Summary

Retrieves, recursively, the permission corresponding to the couple url / http method.

Parameters:

  • permissions Array

    The list of permissions

  • url String

    An url

  • httpMethod String

    The http method (POST, GET, PUT, DELETE)

Returns:

String:

The permission id if found, null otherwise

Example:

var permissions = [
  {
    label: 'Permissions group',
    permissions: [
      {
        id: 'perm-1',
        name: 'Name of the permission',
        description: 'Description of the permission',
        paths: [ 'get /publishVideo' ]
      }
    ]
  }
];
getPermissionByUrl(permissions, '/publishVideo', 'GET'); // "perm-1"
getPermissionByUrl(permissions, '/video', 'GET'); // null

getPermissionsAction

Defined in app/server/controllers/AuthenticationController.js:297

Syntax

getPermissionsAction

(
  • request
  • response
  • next
)

Summary

Gets the tree of groups / permissions and return it as a JSON object.

Parameters:

  • request Request

    ExpressJS HTTP Request

  • response Response

    ExpressJS HTTP Response

  • next Function

    Function to defer execution to the next registered middleware

isUserProfileUrl

Defined in app/server/controllers/AuthenticationController.js:72

Syntax

isUserProfileUrl

(
  • request
)
Boolean private

Summary

Checks if asked page is the user profile.

All users must have access to its profile.

Parameters:

  • request Object

    The express request object handled by the server

    • user Object

      The connected user

      • id String
        The connected user id
      • locked Boolean
        true if user is locked, false otherwise
    • method String

      Request's HTTP method

    • path String

      Request's path

Returns:

Boolean:

true if the page is the user profile page, false otherwise

logoutAction

Defined in app/server/controllers/AuthenticationController.js:212

Syntax

logoutAction

(
  • request
  • response
  • next
)

Summary

Logs out user.

An HTTP code 200 is returned to the client with no content.

Parameters:

  • request Request

    ExpressJS HTTP Request

  • response Response

    ExpressJS HTTP Response

  • next Function

    Function to defer execution to the next registered middleware

restrictAction

Defined in app/server/controllers/AuthenticationController.js:247

Syntax

restrictAction

(
  • request
  • response
  • next
)

Summary

Checks if current request is authenticated.

If not send back an HTTP code 401 with appropriate page. It just get to the next route action if permission is granted.

Parameters:

  • request Request

    ExpressJS HTTP Request

    • url String

      Request's url

    • method String

      Request's method

    • user Object

      The connected user

      • id String
        The connected user id
      • permissions Array
        The connected user permissions
  • response Response

    ExpressJS HTTP Response

  • next Function

    Function to defer execution to the next registered middleware