Refactored frontend authentication system

2014-09-05 13:50:19 +02:00 · 2014-09-05 13:50:19 +02:00 · eadd649ad0
commit eadd649ad0
parent 7a8badd2ed
6 changed files with 46 additions and 17 deletions
--- a/public_html/js/Auth.js
+++ b/public_html/js/Auth.js
@ -16,7 +16,7 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 					reject(response);
 				});
 		});
-	};
+	}

 	function loginFromToken(token) {
 		return promise.make(function(resolve, reject) {
@ -28,7 +28,7 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 					reject(response);
 				});
 		});
-	};
+	}

 	function loginAnonymous() {
 		return promise.make(function(resolve, reject) {
@ -40,18 +40,18 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 					reject(response);
 				});
 		});
-	};
+	}

 	function logout() {
 		return promise.make(function(resolve, reject) {
 			jQuery.removeCookie('auth');
 			return loginAnonymous().then(resolve).fail(reject);
 		});
-	};
+	}

 	function tryLoginFromCookie() {
 		return promise.make(function(resolve, reject) {
-			if (appState.get('loggedIn')) {
+			if (isLoggedIn()) {
 				resolve();
 				return;
 			}
@ -70,7 +70,7 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 					reject();
 				});
 		});
-	};
+	}

 	function updateAppState(response) {
 		appState.set('privileges', response.json.privileges || []);
@ -79,12 +79,37 @@ App.Auth = function(jQuery, util, api, appState, promise) {
 		appState.set('loggedIn', response.json.user && !!response.json.user.id);
 	}

+	function isLoggedIn() {
+		return appState.get('loggedIn');
+	}
+
+	function getCurrentUser() {
+		return appState.get('loggedInUser');
+	}
+
+	function getCurrentPrivileges() {
+		return appState.get('privileges');
+	}
+
+	function hasPrivilege(privilege) {
+		return _.contains(getCurrentPrivileges(), privilege);
+	}
+
+	function startObservingLoginChanges(listenerName, callback) {
+		appState.startObserving('loggedIn', listenerName, callback);
+	}
+
 	return {
 		loginFromCredentials: loginFromCredentials,
 		loginFromToken: loginFromToken,
 		loginAnonymous: loginAnonymous,
 		tryLoginFromCookie: tryLoginFromCookie,
 		logout: logout,
+		isLoggedIn: isLoggedIn,
+		getCurrentUser: getCurrentUser,
+		getCurrentPrivileges: getCurrentPrivileges,
+		hasPrivilege: hasPrivilege,
+		startObservingLoginChanges: startObservingLoginChanges,
 	};

 };
--- a/public_html/js/Presenters/LoginPresenter.js
+++ b/public_html/js/Presenters/LoginPresenter.js
@ -7,7 +7,6 @@ App.Presenters.LoginPresenter = function(
 	promise,
 	router,
 	auth,
-	appState,
 	topNavigationPresenter,
 	messagePresenter) {

@ -19,7 +18,7 @@ App.Presenters.LoginPresenter = function(
 		topNavigationPresenter.select('login');
 		promise.wait(util.promiseTemplate('login-form')).then(function(html) {
 			template = _.template(html);
-			if (appState.get('loggedIn'))
+			if (auth.isLoggedIn())
 				router.navigateToMainPage();
 			else
 				render();
--- a/public_html/js/Presenters/TopNavigationPresenter.js
+++ b/public_html/js/Presenters/TopNavigationPresenter.js
@ -5,7 +5,7 @@ App.Presenters.TopNavigationPresenter = function(
 	jQuery,
 	util,
 	promise,
-	appState) {
+	auth) {

 	var selectedElement = null;
 	var $el = jQuery('#top-navigation');
@ -15,7 +15,7 @@ App.Presenters.TopNavigationPresenter = function(
 		promise.wait(util.promiseTemplate('top-navigation')).then(function(html) {
 			template = _.template(html);
 			render();
-			appState.startObserving('loggedIn', 'top-navigation', loginStateChanged);
+			auth.startObservingLoginChanges('top-navigation', loginStateChanged);
 		});
 	}

@ -31,9 +31,9 @@ App.Presenters.TopNavigationPresenter = function(

 	function render() {
 		$el.html(template({
-			loggedIn: appState.get('loggedIn'),
-			user: appState.get('loggedInUser'),
-			privileges: appState.get('privileges'),
+			loggedIn: auth.isLoggedIn(),
+			user: auth.getCurrentUser(),
+			canListUsers: auth.hasPrivilege('listUsers')
 		}));
 		$el.find('li.' + selectedElement).addClass('active');
 	};
--- a/public_html/js/Presenters/UserPresenter.js
+++ b/public_html/js/Presenters/UserPresenter.js
@ -6,7 +6,7 @@ App.Presenters.UserPresenter = function(
 	util,
 	promise,
 	api,
-	appState,
+	auth,
 	topNavigationPresenter,
 	messagePresenter) {

@ -20,7 +20,7 @@ App.Presenters.UserPresenter = function(

 	function init(args) {
 		userName = args.userName;
-		topNavigationPresenter.select(appState.get('loggedIn') && appState.get('loggedInUser').name == userName ? 'my-account' : 'users');
+		topNavigationPresenter.select(auth.isLoggedIn() && auth.getCurrentUser().name == userName ? 'my-account' : 'users');

 		promise.waitAll(
 			util.promiseTemplate('user'),
--- a/public_html/templates/top-navigation.tpl
+++ b/public_html/templates/top-navigation.tpl
@ -1,6 +1,6 @@
 <ul>
 	<!-- todo: check privileges -->
-	<% if (_.contains(privileges, 'listUsers')) { %>
+	<% if (canListUsers) { %>
 		<li class="users">
 			<a href="#/users">Users</a>
 		</li>
--- a/src/Services/AuthService.php
+++ b/src/Services/AuthService.php
@ -123,9 +123,14 @@ class AuthService
 		return array_filter(preg_split('/[;,\s]+/', $this->config->security->privileges[$keyName]));
 	}

+	public function hasPrivilege($privilege)
+	{
+		return in_array($privilege, $this->getCurrentPrivileges());
+	}
+
 	public function assertPrivilege($privilege)
 	{
-		if (!in_array($privilege, $this->getCurrentPrivileges()))
+		if (!$this->hasPrivilege($privilege))
 			throw new \DomainException('Unprivileged operation');
 	}