szurubooru/public_html/js/Auth.js

var App = App || {};

App.Auth = function(_, jQuery, util, api, appState, promise) {

	var privileges = {
		register: 'register',
		listUsers: 'listUsers',
		viewAllEmailAddresses: 'viewAllEmailAddresses',
		changeAccessRank: 'changeAccessRank',
		changeOwnAvatarStyle: 'changeOwnAvatarStyle',
		changeOwnEmailAddress: 'changeOwnEmailAddress',
		changeOwnName: 'changeOwnName',
		changeOwnPassword: 'changeOwnPassword',
		changeAllAvatarStyles: 'changeAllAvatarStyles',
		changeAllEmailAddresses: 'changeAllEmailAddresses',
		changeAllNames: 'changeAllNames',
		changeAllPasswords: 'changeAllPasswords',
		deleteOwnAccount: 'deleteOwnAccount',
		deleteAllAccounts: 'deleteAllAccounts',

		listSafePosts: 'listSafePosts',
		listSketchyPosts: 'listSketchyPosts',
		listUnsafePosts: 'listUnsafePosts',
		uploadPosts: 'uploadPosts',

		listTags: 'listTags',
	};

	function loginFromCredentials(userNameOrEmail, password, remember) {
		return promise.make(function(resolve, reject) {
			promise.wait(api.post('/login', {userNameOrEmail: userNameOrEmail, password: password}))
				.then(function(response) {
					updateAppState(response);
					jQuery.cookie(
						'auth',
						response.json.token.name,
						remember ? { expires: 365 } : {});
					resolve(response);
				}).fail(function(response) {
					reject(response);
				});
		});
	}

	function loginFromToken(token) {
		return promise.make(function(resolve, reject) {
			promise.wait(api.post('/login', {token: token}))
				.then(function(response) {
					updateAppState(response);
					resolve(response);
				}).fail(function(response) {
					reject(response);
				});
		});
	}

	function loginAnonymous() {
		return promise.make(function(resolve, reject) {
			promise.wait(api.post('/login'))
				.then(function(response) {
					updateAppState(response);
					resolve(response);
				}).fail(function(response) {
					reject(response);
				});
		});
	}

	function logout() {
		return promise.make(function(resolve, reject) {
			jQuery.removeCookie('auth');
			appState.set('loginToken', null);
			return loginAnonymous().then(resolve).fail(reject);
		});
	}

	function tryLoginFromCookie() {
		return promise.make(function(resolve, reject) {
			if (isLoggedIn()) {
				resolve();
				return;
			}

			var authCookie = jQuery.cookie('auth');
			if (!authCookie) {
				reject();
				return;
			}

			promise.wait(loginFromToken(authCookie))
				.then(function(response) {
					resolve();
				}).fail(function(response) {
					jQuery.removeCookie('auth');
					reject();
				});
		});
	}

	function updateAppState(response) {
		appState.set('privileges', response.json.privileges || []);
		appState.set('loginToken', response.json.token && response.json.token.name);
		appState.set('loggedIn', response.json.user && !!response.json.user.id);
		appState.set('loggedInUser', response.json.user);
	}

	function isLoggedIn(userName) {
		if (!appState.get('loggedIn')) {
			return false;
		}
		if (typeof(userName) !== 'undefined') {
			if (getCurrentUser().name !== userName) {
				return false;
			}
		}
		return true;
	}

	function getCurrentUser() {
		return appState.get('loggedInUser');
	}

	function getCurrentPrivileges() {
		return appState.get('privileges');
	}

	function updateCurrentUser(user) {
		if (user.id !== getCurrentUser().id) {
			throw new Error('Cannot set current user to other user this way.');
		}
		appState.set('loggedInUser', user);
	}

	function hasPrivilege(privilege) {
		return _.contains(getCurrentPrivileges(), privilege);
	}

	function startObservingLoginChanges(listenerName, callback) {
		appState.startObserving('loggedInUser', listenerName, callback);
	}

	return {
		loginFromCredentials: loginFromCredentials,
		loginFromToken: loginFromToken,
		loginAnonymous: loginAnonymous,
		tryLoginFromCookie: tryLoginFromCookie,
		logout: logout,

		startObservingLoginChanges: startObservingLoginChanges,
		isLoggedIn: isLoggedIn,
		getCurrentUser: getCurrentUser,
		updateCurrentUser: updateCurrentUser,
		getCurrentPrivileges: getCurrentPrivileges,
		hasPrivilege: hasPrivilege,

		privileges: privileges,
	};

};

App.DI.registerSingleton('auth', App.Auth);
Added frontend outline 2014-08-31 23:22:56 +02:00			`var App = App \|\| {};`

Improved Javascript coding style 2014-09-08 22:02:28 +02:00			`App.Auth = function(_, jQuery, util, api, appState, promise) {`
Added frontend outline 2014-08-31 23:22:56 +02:00
Refactored privilege system 2014-09-06 10:00:26 +02:00			`var privileges = {`
			`register: 'register',`
			`listUsers: 'listUsers',`
Added account settings management and avatars 2014-09-07 00:33:46 +02:00			`viewAllEmailAddresses: 'viewAllEmailAddresses',`
			`changeAccessRank: 'changeAccessRank',`
			`changeOwnAvatarStyle: 'changeOwnAvatarStyle',`
			`changeOwnEmailAddress: 'changeOwnEmailAddress',`
			`changeOwnName: 'changeOwnName',`
			`changeOwnPassword: 'changeOwnPassword',`
			`changeAllAvatarStyles: 'changeAllAvatarStyles',`
			`changeAllEmailAddresses: 'changeAllEmailAddresses',`
			`changeAllNames: 'changeAllNames',`
			`changeAllPasswords: 'changeAllPasswords',`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`deleteOwnAccount: 'deleteOwnAccount',`
			`deleteAllAccounts: 'deleteAllAccounts',`
Added presenter placeholders 2014-09-07 19:49:11 +02:00
			`listSafePosts: 'listSafePosts',`
			`listSketchyPosts: 'listSketchyPosts',`
			`listUnsafePosts: 'listUnsafePosts',`
			`uploadPosts: 'uploadPosts',`

			`listTags: 'listTags',`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`};`

Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`function loginFromCredentials(userNameOrEmail, password, remember) {`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`return promise.make(function(resolve, reject) {`
Added IValidatable; moved validation to FormData I still struggle to find out how to deal with arguments like $userNameOrEmail. Should I trim() them in controllers, or in service? If I do it in service, shouldn't all of such validation belong in there? 2014-09-09 19:38:16 +02:00			`promise.wait(api.post('/login', {userNameOrEmail: userNameOrEmail, password: password}))`
Added frontend outline 2014-08-31 23:22:56 +02:00			`.then(function(response) {`
Fixed app state authentication variables 2014-09-01 08:07:51 +02:00			`updateAppState(response);`
Added frontend outline 2014-08-31 23:22:56 +02:00			`jQuery.cookie(`
			`'auth',`
			`response.json.token.name,`
			`remember ? { expires: 365 } : {});`
			`resolve(response);`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`}).fail(function(response) {`
Added frontend outline 2014-08-31 23:22:56 +02:00			`reject(response);`
			`});`
			`});`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`
Added frontend outline 2014-08-31 23:22:56 +02:00
			`function loginFromToken(token) {`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`return promise.make(function(resolve, reject) {`
			`promise.wait(api.post('/login', {token: token}))`
Added frontend outline 2014-08-31 23:22:56 +02:00			`.then(function(response) {`
Fixed app state authentication variables 2014-09-01 08:07:51 +02:00			`updateAppState(response);`
Added frontend outline 2014-08-31 23:22:56 +02:00			`resolve(response);`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`}).fail(function(response) {`
Added frontend outline 2014-08-31 23:22:56 +02:00			`reject(response);`
			`});`
			`});`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`
Added frontend outline 2014-08-31 23:22:56 +02:00
			`function loginAnonymous() {`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`return promise.make(function(resolve, reject) {`
			`promise.wait(api.post('/login'))`
Added frontend outline 2014-08-31 23:22:56 +02:00			`.then(function(response) {`
Fixed app state authentication variables 2014-09-01 08:07:51 +02:00			`updateAppState(response);`
Added frontend outline 2014-08-31 23:22:56 +02:00			`resolve(response);`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`}).fail(function(response) {`
Added frontend outline 2014-08-31 23:22:56 +02:00			`reject(response);`
			`});`
			`});`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`
Added frontend outline 2014-08-31 23:22:56 +02:00
			`function logout() {`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`return promise.make(function(resolve, reject) {`
Added frontend outline 2014-08-31 23:22:56 +02:00			`jQuery.removeCookie('auth');`
Fixed logging out 2014-09-07 08:47:06 +02:00			`appState.set('loginToken', null);`
Added basic privilege system 2014-09-04 19:57:06 +02:00			`return loginAnonymous().then(resolve).fail(reject);`
Added frontend outline 2014-08-31 23:22:56 +02:00			`});`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`
Added frontend outline 2014-08-31 23:22:56 +02:00
			`function tryLoginFromCookie() {`
Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`return promise.make(function(resolve, reject) {`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`if (isLoggedIn()) {`
Added frontend outline 2014-08-31 23:22:56 +02:00			`resolve();`
			`return;`
			`}`

			`var authCookie = jQuery.cookie('auth');`
			`if (!authCookie) {`
			`reject();`
			`return;`
			`}`

Fixed promises on Internet Explorer 2014-09-04 18:06:25 +02:00			`promise.wait(loginFromToken(authCookie))`
			`.then(function(response) {`
			`resolve();`
			`}).fail(function(response) {`
			`jQuery.removeCookie('auth');`
			`reject();`
			`});`
Added frontend outline 2014-08-31 23:22:56 +02:00			`});`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`
Added frontend outline 2014-08-31 23:22:56 +02:00
Fixed app state authentication variables 2014-09-01 08:07:51 +02:00			`function updateAppState(response) {`
Added basic privilege system 2014-09-04 19:57:06 +02:00			`appState.set('privileges', response.json.privileges \|\| []);`
Fixed app state authentication variables 2014-09-01 08:07:51 +02:00			`appState.set('loginToken', response.json.token && response.json.token.name);`
Added support for parameters in presenters 2014-09-03 09:10:26 +02:00			`appState.set('loggedIn', response.json.user && !!response.json.user.id);`
Fixed frontend behavior after edited user name 2014-09-10 19:19:30 +02:00			`appState.set('loggedInUser', response.json.user);`
Fixed app state authentication variables 2014-09-01 08:07:51 +02:00			`}`

Refactored privilege system 2014-09-06 10:00:26 +02:00			`function isLoggedIn(userName) {`
Improved Javascript coding style 2014-09-08 22:02:28 +02:00			`if (!appState.get('loggedIn')) {`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`return false;`
Improved Javascript coding style 2014-09-08 22:02:28 +02:00			`}`
			`if (typeof(userName) !== 'undefined') {`
			`if (getCurrentUser().name !== userName) {`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`return false;`
Improved Javascript coding style 2014-09-08 22:02:28 +02:00			`}`
Refactored privilege system 2014-09-06 10:00:26 +02:00			`}`
			`return true;`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`

			`function getCurrentUser() {`
			`return appState.get('loggedInUser');`
			`}`

			`function getCurrentPrivileges() {`
			`return appState.get('privileges');`
			`}`

Fixed frontend behavior after edited user name 2014-09-10 19:19:30 +02:00			`function updateCurrentUser(user) {`
			`if (user.id !== getCurrentUser().id) {`
			`throw new Error('Cannot set current user to other user this way.');`
			`}`
			`appState.set('loggedInUser', user);`
			`}`

Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`function hasPrivilege(privilege) {`
			`return _.contains(getCurrentPrivileges(), privilege);`
			`}`

			`function startObservingLoginChanges(listenerName, callback) {`
Fixed frontend behavior after edited user name 2014-09-10 19:19:30 +02:00			`appState.startObserving('loggedInUser', listenerName, callback);`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`}`

Added frontend outline 2014-08-31 23:22:56 +02:00			`return {`
			`loginFromCredentials: loginFromCredentials,`
			`loginFromToken: loginFromToken,`
			`loginAnonymous: loginAnonymous,`
			`tryLoginFromCookie: tryLoginFromCookie,`
			`logout: logout,`
Refactored privilege system 2014-09-06 10:00:26 +02:00
			`startObservingLoginChanges: startObservingLoginChanges,`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`isLoggedIn: isLoggedIn,`
			`getCurrentUser: getCurrentUser,`
Fixed frontend behavior after edited user name 2014-09-10 19:19:30 +02:00			`updateCurrentUser: updateCurrentUser,`
Refactored frontend authentication system 2014-09-05 13:50:19 +02:00			`getCurrentPrivileges: getCurrentPrivileges,`
			`hasPrivilege: hasPrivilege,`
Refactored privilege system 2014-09-06 10:00:26 +02:00
			`privileges: privileges,`
Added frontend outline 2014-08-31 23:22:56 +02:00			`};`

			`};`

			`App.DI.registerSingleton('auth', App.Auth);`