fromACL
This module exports the fromACL method to request and validate a user from the ACL.
Requires
- module:/user/acl
- module:/utils/reqHost
- module:/utils/mailer
- module:/utils/languageTemplates
- module:bcrypt
- module:crypto
Methods
(async, inner) failedLogin(request) → {Promise.<Error>}
Handles a failed login attempt.
Increases a counter of failed attempts in the user ACL record.
The user account will be locked if the failed attempts exceed the maxFailed attempts from process.env.FAILED_ATTEMPTS. maxFailed attempts defaults to 3.
Verification will be removed and a verification token will be stored in the ACL if a user account is locked.
An email with the verification token is sent to the user, notifying them that the account has been locked and asking them to renew verification.
It is recommended to reset the password for the account if this happens.
Name | Type | Description
---|---|---
request | Object | The request object.
A Promise that resolves with an Error.
- Type: Promise.<Error>
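The lockout flow that failedLogin describes, as an added JavaScript sketch (not the module's own code). An in-memory Map stands in for the ACL; the field names, `registerFailure`, `sendMail` and the `auth_failed` message are assumptions, and only FAILED_ATTEMPTS with its default of 3 comes from this page.

```javascript
// Added sketch: an in-memory Map stands in for the ACL table. Field names
// (failedattempts, verified, verificationtoken) and sendMail are assumptions.
const maxFailed = parseInt(process.env.FAILED_ATTEMPTS, 10) || 3;

// Constructed sample record.
const acl = new Map([['alice@example.com', {
  email: 'alice@example.com', verified: true, failedattempts: 0, verificationtoken: null,
}]]);

const outbox = []; // mailer stand-in: collects messages instead of sending them
const sendMail = async (to, token) => { outbox.push({ to, token }); };

// Count one failure; lock the account once the count exceeds the limit.
// Reading "exceed" as strictly greater is an assumption about the boundary.
function registerFailure(user, token, limit = maxFailed) {
  user.failedattempts += 1;
  if (user.failedattempts <= limit) return false;
  user.verified = false;          // verification is removed
  user.verificationtoken = token; // must be presented to renew verification
  return true;
}

async function failedLogin(request) {
  const user = acl.get(request.email);
  if (user) {
    // Dynamic import loads node:crypto under both CommonJS and ES modules.
    const { randomBytes } = await import('node:crypto');
    const token = randomBytes(20).toString('hex'); // 160-bit random token
    if (registerFailure(user, token)) await sendMail(user.email, token);
  }
  return new Error('auth_failed'); // resolves with an Error, never throws
}
```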
(async, inner) fromACL(req) → {Promise.<(Object|Error)>}
Creates a request object for the getUser(request) method argument. The request.email and request.password are taken from the req.body or authorization header.
Name | Type | Description
---|---|---
req | Object | The request object.
Validated user object or an Error if authentication fails.
- Type: Promise.<(Object|Error)>
(inner) getUser(request) → {Promise.<(Object|Error)>}
Retrieves the user from the ACL and updates the access_log property.
Will call the userExpiry method to check whether user approval has expired.
Will check whether the request.password matches the stored user password.
Will call the failedLogin method if the user object cannot be validated.
Returns a validated user object or Error.
Name | Type | Description
---|---|---
request | Object | The request object.
A Promise that resolves with the user object, an Error, or null if the user is not found.
- Type: Promise.<(Object|Error)>
(async, inner) userExpiry(user, request) → {Promise.<boolean>}
Checks whether a user approval has expired, if enabled with process.env.APPROVAL_EXPIRY.
A user account will expire if the user object has an expires_on integer value which is smaller than the current Date.
The approval will be removed from the user record in the ACL.
Admin user accounts do not expire.
Name | Type | Description
---|---|---
user | Object | The user object.
request | Object | The request object.
A Promise that resolves with a boolean indicating if the user account has expired.
- Type: Promise.<boolean>