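// Login credential check. `queryObj`, `req`, `res`, `next`, `restify` and
// `gUser` all come from the enclosing handler / module (not visible here).
// Outcome is always signalled through `next`: a restify error on failure,
// a bare `next()` once the user has been accepted.
User.findOne(queryObj, function (err, user) {
  if (err) {
    // Storage/query failure. The previous version did `res.send(err)` and then
    // `next()`: that wrote the raw driver error (query shape, field names,
    // stack) to the client AND continued the handler chain without an error,
    // so the downstream handlers ran as if authentication had succeeded.
    // Fail the request with a generic 500 and keep the details server-side.
    return next(new restify.InternalError('Authentication service error.'));
  }
  // NOTE(review): "Invalid username." vs "Invalid password." lets a caller
  // enumerate which accounts exist. Kept as-is because clients may match on
  // these strings; a single generic message is the safer choice.
  if (!user) {
    return next(new restify.NotAuthorizedError("Invalid username."));
  }
  if (!user.authenticate(req.params.password)) {
    return next(new restify.NotAuthorizedError("Invalid password."));
  }
  if (!user.emailValidatedFlag && !user.newEmail) {
    // user account has never been validated
    return next(new restify.NotAuthorizedError("Email address must be validated to activate your account."));
  }
  // NOTE(review): `gUser` appears to be a module-level variable shared by
  // every in-flight request. Two overlapping logins can overwrite each other
  // before the later handlers read it, i.e. a request may proceed as a
  // different user. The authenticated identity should live on the request
  // (e.g. `req.user = user`); left unchanged here because the rest of the
  // chain reads `gUser`.
  gUser = user;
  return next();
});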
} else {
if (err.message) {
errObj = err.message;
} else {
errObj = err.err;
}
return next(new restify.InternalError(errObj));
} else {
// clean up all verification codes
VerifyCode.remove({userObjectId: user._id}, function(err){});
res.send(successMsg);
return next();
}
});
} else {
return next(new restify.NotAuthorizedError(VERIFY_FAIL));
}
});
}
User.findOne(queryObj, function (err, user) {
if (err) {
res.send(err);
return next();
} else if (!user) {
return next(new restify.NotAuthorizedError("Invalid username."));
} else {
user.password = newPass;
user.tempPasswordFlag = true;
user.save(function (err, user) {
if (!err) {
// send the new password
var refer = req.toString().substring(req.toString().indexOf('referer:')+8).trim();
var protocol = refer.substring(0, refer.indexOf('//') + 2);
var referHost = refer.substring(refer.indexOf('//') + 2);
referHost = referHost.substring(0, referHost.indexOf('/'));
var fullURL = protocol + referHost;
var messageBody = "Hello " + user.name + ",<br><p>Here is your new password. Please login and change it.</p><p>" + newPass + "</p>";
messageBody = messageBody + "<a href="" + fullURL + "">Login to your account</a>";
var mailAddress = user.email;
/**
 * Restify pre-handler: sets the response charset, logs the request and, when
 * ENV is 'prod', refuses requests that did not arrive over HTTPS.
 *
 * The transport decision is taken from the `x-forwarded-proto` header, so it
 * is only meaningful behind a reverse proxy / load balancer that sets that
 * header itself and overwrites any client-supplied value. If clients can reach
 * this process directly, a forged `x-forwarded-proto: https` bypasses the
 * check. A missing header counts as plain HTTP (fails closed).
 *
 * In production the only plain-HTTP requests allowed through are POSTs whose
 * URL matches the module-level `validUnsecuredPathRegex`.
 *
 * @param {Object} request   restify request; reads `.headers`, `.method`, `.url`, `.log`
 * @param {Object} response  restify response; `.charSet` is set to utf-8
 * @param {Function} next    continuation; receives a NotAuthorizedError when HTTP is refused
 */
const preRequest = function preRequest (request, response, next) {
  response.charSet('utf-8');
  request.log.info({ req: request }, 'REQUEST');

  const inProduction = process.env.ENV === 'prod';
  const forwardedProto = request.headers['x-forwarded-proto'];

  if (inProduction && forwardedProto !== 'https') {
    // Only a POST to an explicitly whitelisted path may use plain HTTP.
    const exemptPost = request.method === 'POST'
      && validUnsecuredPathRegex.test(request.url);
    if (!exemptPost) {
      return next(new restify.NotAuthorizedError('Access through http is not allowed'));
    }
  }
  return next();
};
/**
 * Catch-all handler for routes the caller is not allowed to reach: always
 * fails the request with a restify NotAuthorizedError carrying a fixed
 * message that reveals nothing about the resource. `req` and `res` are
 * accepted for handler-signature compatibility and are not read.
 *
 * @param {Object} req    restify request (unused)
 * @param {Object} res    restify response (unused)
 * @param {Function} next continuation; always receives the error
 */
function handleUnauthorisedAccessError (req,res,next) {
  const denied = new restify.NotAuthorizedError("Not authorised to access this resource.");
  next(denied);
}
.then(function (user) {
if (! user) {
next(new restify.NotAuthorizedError('email not found'));
}
if (user.isHashPasswordEqualsTo(password)) {
req.user = {
id: user.id,
email: user.email
};
next();
}
else {
next(new restify.NotAuthorizedError('wrong password'));
}
})
.catch(function (err) {
Auth.requireAuth = function requireAuth(req, res, next) {
if (typeof (req.headers[AUTH_TOKEN_HEADER]) === 'undefined') {
return next(new restify.NotAuthorizedError(
util.format('%s not present', AUTH_TOKEN_HEADER)));
}
if (!req.sessions) {
return next(new restify.ServiceUnavailableError('service unavailable (moray)'));
}
var token = req.headers[AUTH_TOKEN_HEADER];
req.sessions.get(token, function (err, data) {
if (err) {
err.message = err.message || '';
return next(new restify.NotAuthorizedError(err.message));
}
if (data === null) {
req.sessions.get(token, function (err, data) {
if (err) {
err.message = err.message || '';
return next(new restify.NotAuthorizedError(err.message));
}
if (data === null) {
return next(new restify.NotAuthorizedError('Invalid Auth Token'));
}
req.sessions.touch(token);
req.session = {data: data, token: token};
return next();
});
req.sessions.get(token, function (err, data) {
if (err) {
err.message = err.message || '';
return next(new restify.NotAuthorizedError(err.message));
}
if (data === null) {
return next(new restify.NotAuthorizedError('Invalid Auth Token'));
}
req.sessions.touch(token);
req.session = {data: data, token: token};
return next();
});
.then(function (user) {
if (! user) {
next(new restify.NotAuthorizedError('email not found'));
}
if (user.isHashPasswordEqualsTo(password)) {
req.user = {
id: user.id,
email: user.email
};
next();
}
else {
next(new restify.NotAuthorizedError('wrong password'));
}
})
.catch(function (err) {