/**
* @file Volt Core Library - auth module
*
* @license
* (c) 2017 NS BASIC Corporation. All rights reserved.
*/
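$volt.register('auth', function (core, state) {
  'use strict';

  /**
   * Normalise the optional trailing `(appId, callback)` argument pair used
   * by the scope-aware methods.
   *
   * Supported call shapes:
   *  - `fn(..., appId, callback)` - both given
   *  - `fn(..., callback)`        - callback passed in the appId slot
   *  - `fn(..., undefined, callback)` - appId left out with a placeholder
   *
   * In the last shape the explicit callback is kept. Shifting the
   * placeholder into the callback slot would discard the caller's handler,
   * so results and errors of an auth call would never be delivered to it.
   *
   * @private
   * @param {string|function} [appId] - app id, or the callback in short form
   * @param {function} [callback] - completion callback
   * @returns {{appId: *, callback: (function|undefined)}} the resolved pair;
   * appId falls back to state.appId when no string was supplied
   */
  function resolveScope(appId, callback) {
    if (typeof appId === 'function') {
      // Short form: the callback occupies the appId position.
      callback = appId;
      appId = undefined;
    }
    return {
      appId: typeof appId === 'string' ? appId : state.appId,
      callback: callback
    };
  }

  /**
   * Volt Auth Library
   *
   * Provides functions for built-in authentication API.
   *
   * @namespace
   * @alias $volt.auth
   */
  var ns = {
    /**
     * Register a new user
     *
     * NOTE(review): the password and its confirmation are handed to
     * core.api as plain fields of the request body; confirm that core.api
     * only ever talks to an HTTPS endpoint.
     *
     * @param {string} email - the email to be registered
     * @param {string} password - the password of the user
     * @param {string} confirmation - the password confirmation
     * @param {string} [appId] - defaults to the appId passed on init
     * @param {voltCallback} [callback] - upon success the data param will contain an API user object (see the response section of the [API spec](https://docs.voltcloud.io/api/#authentication-register-post)) - if not passed, a promise is returned
     */
    register: function (email, password, confirmation, appId, callback) {
      var args = resolveScope(appId, callback);
      return core.api('POST', '/auth/register', null, {
        email: email,
        password: password,
        confirmation: confirmation,
        scope: args.appId
      }, args.callback);
    },

    /**
     * Request a confirmation email to be resent
     *
     * @param {string} email - the email address of the account awaiting confirmation
     * @param {string} [appId] - defaults to the appId passed on init
     * @param {voltCallback} [callback] - no data is returned on success - if not passed, a promise is returned
     */
    resend: function (email, appId, callback) {
      var args = resolveScope(appId, callback);
      return core.api('POST', '/auth/resend', null, {
        email: email,
        scope: args.appId
      }, args.callback);
    },

    /**
     * Authenticate a user
     *
     * The login is managed by the API automatically, there is no need
     * to manage the state yourself: on success the access token and user
     * id from the response are written to the volt state object and
     * state.save() is called.
     *
     * NOTE(review): state.save() presumably persists the bearer token
     * client-side; confirm where it is stored and that the storage is not
     * readable by untrusted script on the same origin.
     *
     * @param {string} email - the email to be logged in
     * @param {string} password - the password of the user
     * @param {string} [appId] - defaults to the appId passed on init
     * @param {voltCallback} [callback] - upon success the data param will contain an OAuth2 [access token](http://tools.ietf.org/html/rfc6749#section-5.1) response - if not passed, a promise is returned
     */
    login: function (email, password, appId, callback) {
      var args = resolveScope(appId, callback);
      // The wrapped callback exposes a `promise` property that is returned
      // to the caller (see core.methodAsPromised for the exact contract).
      var done = core.methodAsPromised(args.callback);
      core.api('POST', '/auth/login', null, {
        grant_type: 'password',
        username: email,
        password: password,
        scope: args.appId
      }, function (error, data) {
        if (!error) {
          // Only record a session when the API reported success.
          state.accessToken = data.access_token;
          state.userId = data.user_id;
          state.save();
        }
        done(error, data);
      });
      return done.promise;
    },

    /**
     * Request a forgotten password email to be sent
     *
     * @param {string} email - the email address of the account whose password was forgotten
     * @param {string} [appId] - defaults to the appId passed on init
     * @param {voltCallback} [callback] - no data is returned on success - if not passed, a promise is returned
     */
    forgot: function (email, appId, callback) {
      var args = resolveScope(appId, callback);
      return core.api('POST', '/auth/forgot', null, {
        email: email,
        scope: args.appId
      }, args.callback);
    },

    /**
     * Reset a password
     *
     * @param {string} token - the reset token
     * @param {string} password - the password with which to update the account
     * @param {string} confirmation - the password confirmation
     * @param {voltCallback} [callback] - no data is returned on success - if not passed, a promise is returned
     */
    reset: function (token, password, confirmation, callback) {
      return core.api('POST', '/auth/reset', null, {
        token: token,
        password: password,
        confirmation: confirmation
      }, callback);
    },

    /**
     * Confirm an account
     *
     * @param {string} token - the confirmation token
     * @param {voltCallback} [callback] - no data is returned on success - if not passed, a promise is returned
     */
    confirm: function (token, callback) {
      return core.api('POST', '/auth/confirm', null, {
        token: token
      }, callback);
    },

    /**
     * Log out the currently authenticated user
     *
     * This simply removes authentication token and associated details
     * from volt's current state object. No API request is made here, so
     * this call by itself does not revoke the access token on the server;
     * a copy of the token held elsewhere is unaffected by it.
     */
    logout: function () {
      state.clear();
    },

    /**
     * Returns true if a user appears to be logged in
     *
     * This function does not touch the API - it just checks for
     * certain properties on the volt state object. The user may not
     * actually have a valid session, so use the result for UI decisions
     * only and rely on the API's own response for access control.
     *
     * @returns {boolean}
     */
    isLoggedIn: function () {
      return Boolean(state.userId);
    },

    /**
     * Returns true if a user is an admin.
     *
     * Only needed for the dashboard (so we can avoid exposing state).
     * Marked private because end users will never need it.
     *
     * The flag is read from client-side state, which the user's own
     * browser can alter; it is a display hint, and admin-only operations
     * need to be authorised by the API.
     *
     * @private
     *
     * @returns {boolean}
     */
    isAdmin: function () {
      // Coerce so the documented boolean contract holds even when the
      // flag was never set (matches isLoggedIn).
      return Boolean(state.admin);
    }
  };

  return ns;
});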