How to use the boom.unauthorized function in boom
To help you get started, we’ve selected a few boom examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
kidtronnix / toothache / index.js View on Github 
update: function(request, reply) {
// console.log(config.update.access)
if(request.auth.isAuthenticated && request.auth.credentials.access !== 'admin' && request.auth.credentials.access !== config.update.access) {
var error = Boom.unauthorized('You do not have update access');
return reply(error);
}
else {
// Resource ID from URL
var resourceId = request.params.id;
var validSchema = config.update.payload;
if(request.method === 'get') {
var payload = request.query;
} else {
var payload = request.payload;
}
Joi.validate(payload, validSchema, config.validationOpts, function (err, value) {
if(err !== null) {}
}
`;
let hasura_data;
try {
hasura_data = await graphql_client.request(query, {
refresh_token
});
} catch (e) {
console.error(e);
return next(Boom.unauthorized("Invalid refresh token request"));
}
if (hasura_data[`${schema_name}refresh_tokens`].length === 0) {
return next(Boom.unauthorized("invalid refresh token"));
}
const user = hasura_data[`${schema_name}refresh_tokens`][0].user;
const user_id = user.id
// delete current refresh token and generate a new, and insert the
// new refresh_token in the database
// two mutations as transaction
query = `
mutation (
$old_refresh_token: uuid!,
$new_refresh_token_data: refresh_tokens_insert_input!
$user_id: Int!
) {
delete_${schema_name}refresh_tokens (
where: {var authenticate = function () {
// Find next strategy
if (strategyPos >= config.strategies.length) {
var err = Boom.unauthorized('Missing authentication', authErrors);
if (config.mode === 'optional' ||
config.mode === 'try') {
request.auth.isAuthenticated = false;
request.auth.credentials = null;
request.auth.error = err;
request._log(['auth', 'unauthenticated']);
return next();
}
return next(err);
}
var name = config.strategies[strategyPos];
++strategyPos;options.nonceFunc(authorization.nonce, authorization.ts, function (err) {
if (err) {
return callback(Boom.unauthorized('Invalid nonce', 'Hawk'), credentials);
}
// Check timestamp staleness
if (Math.abs((authorization.ts * 1000) - now) > (options.timestampSkewSec * 1000)) {
return callback(Boom.unauthorized('Stale timestamp'), credentials);
}
// Successful authentication
return callback(null, credentials);
});
});options.nonceFunc(credentials.key, attributes.nonce, attributes.ts, function (err) {
if (err) {
return callback(Boom.unauthorized('Invalid nonce', 'Hawk'), credentials, artifacts);
}
// Check timestamp staleness
if (Math.abs((attributes.ts * 1000) - now) > (options.timestampSkewSec * 1000)) {
var tsm = Crypto.timestampMessage(credentials, options.localtimeOffsetMsec);
return callback(Boom.unauthorized('Stale timestamp', 'Hawk', tsm), credentials, artifacts);
}
// Successful authentication
return callback(null, credentials, artifacts);
});
});authenticate: function (request, reply) {
// Find the token
var token = (settings.tokenSelector ? settings.tokenSelector : internals.getAuthToken)(request);
if (!token) return reply(Boom.unauthorized('Can\'t authenticate the request'));
// Check if the token is valid
settings.tokenValidator(token, function(err, user) {
if (err) return reply(Boom.internal(err));
if (!user) return reply(Boom.unauthorized("Unknown user"));
// The user is valid, return it
return reply.continue({credentials: user});
});
}
};authenticate(request, reply) {
const {authorization} = request.headers;
if (realm & !authorization) {
reply.setHeader('WWW-Authenticate', `Basic realm="${realm}"`);
return reply.code(402);
}
if (!authorization) {
return reply(Boom.unauthorized(null, 'Basic', unauthorizedAttributes));
}
const [authType, authValue] = authorization.split(/\s+/, 2);
if (authType.toLowerCase() !== 'basic') {
return reply(Boom.unauthorized(null, 'Basic', unauthorizedAttributes));
}
if (!authValue) {
return reply(Boom.badRequest('Bad HTTP authentication header format', 'Basic'));
}
const [username, password] = new Buffer(authValue, 'base64').toString().split(':', 2);
if (!username && !allowEmptyUsername) {
return reply(Boom.unauthorized('HTTP authentication header missing username', 'Basic', unauthorizedAttributes));exports.unauthorized = function (message) {
return Boom.unauthorized(message, 'Hawk');
};function verifyAndDecode(header) {
if (header.startsWith(bearerPrefix)) {
try {
const token = header.substring(bearerPrefix.length);
return jsonwebtoken.verify(token, secret, { algorithms: ['HS256'] });
}
catch (ex) {
throw Boom.unauthorized(STRINGS.invalidJwt);
}
}
throw Boom.unauthorized(STRINGS.invalidAuthHeader);
}}, (error) => {
if (error) {
request.log([ERROR, CONTEXT], error)
return reply(Boom.wrap(error))
}
const req = request.raw.req
if (!req.socket.authorized) {
request.log([WARN, CONTEXT], `Socket was not authorised - ${req.socket.authorizationError}`)
return reply(Boom.unauthorized('Socket was not authorised', 'certificate'))
}
const clientCertificate = req.connection.getPeerCertificate()
if (!clientCertificate) {
request.log([WARN, CONTEXT], 'No certificate found')
return reply(Boom.unauthorized('No certificate found', 'certificate'))
}
if (!clientCertificate.fingerprint) {
request.log([WARN, CONTEXT], 'No certificate fingerprint found')
return reply(Boom.unauthorized('No certificate fingerprint found', 'certificate'))
}
if (clientCertificate.subject.OU === 'user') {
request.log([DEBUG, CONTEXT], 'User certificate supplied')
Popular boom functions
- boom.badData
- boom.badGateway
- boom.badImplementation
- boom.badRequest
- boom.boomify
- boom.conflict
- boom.create
- boom.forbidden
- boom.gatewayTimeout
- boom.internal
- boom.isBoom
- boom.methodNotAllowed
- boom.notAcceptable
- boom.notFound
- boom.notImplemented
- boom.preconditionFailed
- boom.serverUnavailable
- boom.unauthorized
- boom.wrap
- boom