Module: /user/fromACL

fromACL

This module exports the fromACL method to request and validate a user from the ACL.

Source: mod/user/fromACL.js, line 1

Requires

Methods

(async, inner) failedLogin(request) → {Promise.<Error>}

Handles a failed login attempts.

Increases a counter of failed attempts in the user ACL record.

The user account will be locked if the failed attempts exceed the maxFailed attempts from process.env.FAILED_ATTEMPTS. maxFailed attempts defaults to 3.

Verification will be removed and a verification token will stored in the ACL if a user account is getting locked.

An email with the verification token is sent to the user notifying that the account has been locked and asking to renew verification.

It is recommended to reset the password for the account if this happens.

Parameters:

Name Type Description

request

Object

The request object.

Properties

Name	Type	Description
`email`	string	The email address of the user.
`language`	string	The language for the user.
`host`	string	The host for the account verification email.
`remote_address`	string	The IP address of the client.

Source: mod/user/fromACL.js, line 255

Returns:

A Promise that resolves with an Error.

Type:: Promise.<Error>

(async, inner) fromACL(req) → {Promise.<(Object|Error)>}

Creates a request object for the getUser(request) method argument. The request.email and request.password are taken from the req.body or authorization header.

Parameters:

Name Type Description

req

Object

The request object.

Properties

Name Type Attributes Description

body.email

string

The email address of the user.

body.password

string

The password of the user.

params.language

string

The language for the user.

headers

Object

The request headers.

Properties

Name	Type	Attributes	Description
`authorization`	string	<optional>	The authorization header containing the email and password.

Source: mod/user/fromACL.js, line 28

Returns:

Validated user object or an Error if authentication fails.

Type:: Promise.<(Object|Error)>

(inner) getUser(request) → {Promise.<(Object|Error)>}

Retrieves the user from the ACL and updates the access_log property.

Will call userExpiry method to check whether user approval has expired.

Will check whether the request.password matches stored user password.

Will call failedLogin method if user object can not be validated.

Returns a validated user object or Error.

Parameters:

Name Type Description

request

Object

The request object.

Properties

Name	Type	Description
`email`	string	The email address of the user.
`date`	Date	The current date and time.
`remote_address`	string	The IP address of the client.
`language`	string	The language for the user.
`host`	string	The host for the account verification email.

Source: mod/user/fromACL.js, line 96

Returns:

A Promise that resolves with the user object, an Error, or null if the user is not found.

Type:: Promise.<(Object|Error)>

(async, inner) userExpiry(user, request) → {Promise.<boolean>}

Checks whether an user approval has expired if enabled with process.env.APPROVAL_EXPIRY.

A user account will expire if the user object has an expires_on integer data which is smaller than the current Date.

The approval will be removed from the user record in the ACL.

Admin user accounts do not expire.

Parameters:

Name Type Description

user

Object

The user object.

request

Object

The request object.

Properties

Name	Type	Description
`email`	string	The email address of the user.
`language`	string	The language for the user.

Source: mod/user/fromACL.js, line 209

Returns:

A Promise that resolves with a boolean indicating if the user account has expired.

Type:: Promise.<boolean>