node.js - Explain to Mean.io beginner how Mean.io sample package's authentication works -


i'm learning mean.io this tutorial video, shows example package (created mean package mymodule. described under "packages" on docs). in understanding how given authentication/authorization works.

the default sample package/module has simple user authentication on client side

myapp/packages/mymodule/public/views/index.html contains:

    <li>       <a href="mymodule/example/anyone">server route can access</a>     </li>     <li>       <a href="mymodule/example/auth">server route requires authentication</a>     </li>     <li>       <a href="mymodule/example/admin">server route requires admin user</a>     </li>

on server side,

myapp/packages/mymodule/server/routes/mymodule.js, contains:

// package past automatically first parameter module.exports = function(mymodule, app, auth, database) {    app.get('/mymodule/example/anyone', function(req, res, next) {     res.send('anyone can access this');   });    app.get('/mymodule/example/auth', auth.requireslogin, function(req, res, next) {     res.send('only authenticated users can access this');   });    app.get('/mymodule/example/admin', auth.requiresadmin, function(req, res, next) {     res.send('only users admin role can access this');   });    ... };

the magic of different authentication relies on second argument of app.get() additional authentication callback: none, auth.requireslogin, or auth.requiresadmin.

this authentication magic (also on github):

myapp/packages/access/server/config/authorization.js:

/**  * generic require login routing middleware  */ exports.requireslogin = function(req, res, next) {   if (!req.isauthenticated()) {     return res.send(401, 'user not authorized');   }   next(); };  /**  * generic require admin routing middleware  * basic role checking - future release full permission system  */ exports.requiresadmin = function(req, res, next) {   if (!req.isauthenticated() || !req.user.hasrole('admin')) {     return res.send(401, 'user not authorized');   }   next(); };

question a: why "exports.requireslogin" , "exports.requiresadmin" in authorization.js instead of "somethingelse.requireslogin" , "somethingelse.requiresadmin"? "exports" related myapp/packages/access/server/config/passport.js's exports: module.exports = function(passport) { ...}, github? if so, in circumstances can use "exports"?

since authentication's authorization rules written in package "access" , used in package "mymodule", mean.io packages not independent of each other. access package registered on

myapp/packages/access/app.js, github:

var mean = require('meanio'),   module = mean.module,   passport = require('passport');  var access = new module('access');  access.register(function(database) {    // register auth dependency    var auth = require('./server/config/authorization');   require('./server/config/passport')(passport);    // backwards compatibility   mean.register('auth', function() {     return auth;   });    mean.register('passport', function() {     return passport;   });    access.passport = passport;   access.middleware = auth;    return access; });

question b: mean.io automatically link packages or there code link packages somewhere? linked due part "this backwards compatibility" shown below? if so, can "auth" used? packages myapp/packages/? how in mean.io base app directory myapp/?

var auth = require('./server/config/authorization');  // backwards compatibility   mean.register('auth', function() {     return auth;   });

question c: why "access.passport = passport;", "middleware" "access.middleware = auth;"? what happen if "access.auth = auth"?

regarding question (on use of exports)

in node.js, assigning values exports object makes values available code requires source file.

for example, given file foo.js:

exports.foo = "foo"; exports.bar = "bar";

and file main.js:

var foo = require('foo.js'); console.log('foo=',foo.foo,'; bar=',foo.bar);

running node main.js output foo= foo ; bar= bar.

see, example, node's module documentation or this write-up on require , exports.

regarding question b (on package "linking")

the answer question complement answer question a.

there code "link" packages. require statement.

in app.js source code, first line (reading var mean = require('meanio')) set local variable mean whatever values assigned exports object when meanio.js and/or meanio module loaded.

same passport = require('passport'). in case, local variable passport equal value of exports after index.js in passport module loaded.

regarding question c

i'm not entirely sure asking here, let me take stab @ it.

in case:

1) var mean = require('meanio') in line 1 "imports" meanio module, such local variable mean more or less set equal value of exports in meanio module.

2) module = mean.module in line 2 sets local variable module equal value of mean.module, must have been assigned in meanio module.

3) var access = new module('access') instantiating instance of module class, assigning local variable access.

4) access.passport = passport assigns instance variable named passport within instance of meanio.module named access (to value of passport module required on line #3)

5) access.middleware = auth assigns instance variable named middleward within instance of meanio.module named access (to value returned require('./server/config/authorization') in line 11).

i'm not familiar "meanio" module, based on code looks configuring meanio.module("access") instance (named access) assigning specific "magic" variable names.

in other words, rather access.passport = passport; access.middleware = auth might have access.setpassport(passport); access.setmiddleware(auth) or (rather line 5) var access = new module('access',passport,auth).

that is, author of "meanio" module seems have decided use special variable names configure class rather "setter" methods or parameters passed constructor. assume somewhere in meanio code you'll find reference this.middleware , this.passport, code assuming have "filled in" instance variables happens in last few lines in code sample.

if add access.auth = auth happen access object have new attributed named auth value equal of local variable auth.

if used access.auth instead of access.middleware, assume whatever code in access class using this.middleware fail, since no value ever assigned access.middleware , access.auth not 1 of "magic" variable names meanio looking for.


Comments

Post a Comment

Popular posts from this blog

javascript - Jquery show_hide, what to add in order to make the page scroll to the bottom of the hidden field once button is clicked -

i have button on website when clicked, reveals map. button can seen when page first loads up, when clicked, section holding map slides open , goes out of screen since page loads @ top (normal). want page scroll down bottom of div select when button pushed, if map out of screen. if page scrolled down, , clicks show map button, don't want page jump bottom of map. i tried figure out myself, no luck. seasoned jquery coders able give me guidance? many thanks! map = mapdiv.gmap3("get"); infobox = new infobox({ pixeloffset: new google.maps.size(-220, -310), closeboxurl: '', enableeventpropagation: true }); mapdiv.delegate('.infobox .close','click',function () { infobox.close(); }); jquery(".slidingdiv").hide(); jquery(".show_hide").show(); jquery('.show_hide').click(function(){ lastcenter=map.getcenter(); jquery(".slidingdiv...
Read more

python - Django-cities exits with "killed" -

i trying install django-cities on server 500mb ram. whenever run: manage.py cities the system exits saying killed. trying run: manage.py cities --import=country --force worked, guessing matter of running out of memory. to bypass, tried refer package local copy of cities' data file. still didn't work. any ideas on how can migrate data without having increase memory on server? based on suggestion comments, solved setting temporary swap file. if unfamiliar it, can follow these steps: set swap file touch /var/swap.img chmod 600 /var/swap.img set swap file size cd /var dd if=/dev/zero of=/var/swap.img bs=1024k count=1000 this create 1gb swap file. prepare disk image mkswap /var/swap.img activate swap memory swapon /var/swap.img once done, can turn off swap image: swapoff /var/swap.img more information on virtual memory , swap files can found here: https://www.digitalocean.com/community/tutorials/how-to-configure-virtual-me...
Read more

python - How to get a widget position inside it's layout in Kivy? -

i have gridlayout , added image widgets on after adding of images want draw rectangle in each image using canvas couldn't because don't know exact image widgets positions on gridlayout. code: http://paste.ofcode.org/3bdp9yhjrcrzmsztbu9hqp4 http://paste.ofcode.org/3az3gx4fxzr9dlhe2ami97c in last line of python code : rectangle(pos = (child.x - 2.4, child.y + 467), size = (70, 70)) how draw rectangle in child(my method not good^), also why gridlayout not coming in center after setting it's pos_hint = {"center_x" : .5}? if understand question right, try use such methods to_local() , to_parent() , to_widget() , to_window() . try substract position of gridlayout widgets' positions.
Read more