// Resolve the acting user from whichever identifier was supplied; userId is tried first, customUserId only when userId is absent.
if (userId) {
user = await User.getById(userId);
} else if (customUserId) {
user = await User.getByCustomUserId(customUserId);
}
if (pubKey) {
// Look the key up by its public key, passing the resolved user's id (when there is one) and a flag that is true only when no user was resolved.
// NOTE(review): the meaning of the second and third arguments is not visible in this excerpt; confirm against Key.getByPubKey.
key = await Key.getByPubKey(pubKey, user && user.get('id'), !user);
if (!key) {
throw new NotFoundKeyError();
}
if (!user) {
// No user was resolved above, so the key's own user becomes the acting user.
user = key.get('user');
// A key-derived user in 'esign' mode is refused; the message suggests this path is reached with an admin token (not verifiable from this excerpt).
if (user.get('mode') === 'esign') {
throw new Unauthorized('Cannot use e-signature with an admin token.');
}
}
}
// A user identifier was supplied but no user is set at this point.
// NOTE(review): this check runs after the key fallback above, so a userId/customUserId that matched nothing is not reported when pubKey resolves to a key that has a user. Confirm that is intended, or move the check ahead of the pubKey branch.
if ((userId || customUserId) && !user) {
throw new NotFoundUserError();
}
// Key and user are specified, need to check that the user is the owner of a key.
if (key && user) {
// Strict comparison: both sides must have the same type as well as the same value for the ownership check to pass.
if (key.get('userId') !== user.get('id')) {
throw new KeyOwnerMismatchError();
}
}
// If the pubkey is not specified, need to put the value by default.
/**
 * Checks that an access token belongs to the publication it is being used against,
 * by comparing the token's `me` URL with the publication's `me` URL.
 *
 * @param opts - Options; `opts.me` is the publication URL.
 * @param accessToken - Token data; `accessToken.me` is the URL carried by the token.
 * @throws HttpError.InternalServerError when `opts.me` is missing.
 * @throws HttpError.Unauthorized when the token is missing or has no `me` value.
 *
 * NOTE(review): this excerpt ends before `isAuthenticated` is acted on, so the
 * handling of a mismatch is not visible here.
 */
module.exports = (opts, accessToken) => {
// NOTE(review): the whole `opts` object is written to the debug log; confirm it never carries secrets.
debug('verifyToken opts', opts);
// Throw error if no publication URL provided
if (!opts.me) {
throw new HttpError.InternalServerError('No publication URL provided');
}
// Throw error if no access token provided
if (!accessToken) {
throw new HttpError.Unauthorized('No access token provided in request');
}
// Throw error if access token does not contain a `me` value
if (!accessToken.me) {
throw new HttpError.Unauthorized('There was a problem with this access token');
}
// Normalize publication and token URLs before comparing
const accessTokenMe = normalizeUrl(accessToken.me);
const publicationMe = normalizeUrl(opts.me);
// The decision is an exact string match of the two normalized URLs, so it is only as strict as normalizeUrl's output.
const isAuthenticated = accessTokenMe === publicationMe;
debug('Verified token URL: %s', accessTokenMe);
debug('Publication URL: %s', publicationMe);
// Publication URL does not match that provided by access token
async getUser(data, next) {
  // Identify the caller by the socket the message arrived on; an unknown
  // socket means the client never authenticated.
  const client = data.get('client')
  const user = this.userSockets.getBySocket(client)
  if (!user) {
    throw new errors.Unauthorized('authorization required')
  }
  // Hand the next handler a copy of the data with the resolved user attached.
  return await next(data.set('user', user))
}
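/**
 * Runs the optional `trusted` hook against a verified token and reports the
 * outcome through `callback`.
 *
 * `trusted`, `request`, `Unauthorized` and `messagesOptions` come from the
 * enclosing scope, which is not part of this excerpt.
 *
 * @param result - The verification result to pass on when the token is trusted.
 * @param callback - Node-style callback, called as `(err)` or `(null, value)`.
 */
function checkIfIsTrusted (result, callback) {
  // No trust hook configured: accept the result unchanged.
  if (!trusted) {
    callback(null, result)
    return
  }

  const maybePromise = trusted(request, result)

  if (maybePromise && maybePromise.then) {
    maybePromise.then(
      isTrusted => isTrusted
        ? callback(null, result)
        : callback(new Unauthorized(messagesOptions.authorizationTokenUntrusted)),
      // Fail closed: a rejected trust check previously left `callback` uncalled,
      // stalling the request and surfacing as an unhandled rejection. The
      // rejection handler is the second argument of `then`, not a chained
      // `catch`, so an exception thrown by `callback` cannot invoke it twice.
      err => callback(err || new Unauthorized(messagesOptions.authorizationTokenUntrusted))
    )
  } else if (maybePromise) {
    // NOTE(review): the synchronous truthy branch passes the hook's return
    // value, not `result`, to the callback, unlike the promise branch above.
    // Kept as is; confirm callers rely on it.
    callback(null, maybePromise)
  } else {
    callback(new Unauthorized(messagesOptions.authorizationTokenUntrusted))
  }
}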
], function (err, result) {
.then(trusted => trusted ? callback(null, result) : callback(new Unauthorized(messagesOptions.authorizationTokenUntrusted)))
} else if (maybePromise) {
// Password-reset payload taken straight from the request body; email, token and password must all be present.
// NOTE(review): only presence is checked here, not type or format.
const infoUpdatePassword = ctx.request.body;
let user;
if (!infoUpdatePassword.email) {
throw new BadRequest('Need to send the email address.');
}
if (!infoUpdatePassword.token) {
throw new BadRequest('Need to send the reset token.');
}
if (!infoUpdatePassword.password) {
throw new BadRequest('Need to send the new password.');
}
try {
// NOTE(review): the whole body object is forwarded, not just the three checked fields; confirm updatePassword ignores any extra properties.
user = await updatePassword(infoUpdatePassword);
} catch (err) {
// Every failure from updatePassword is reported to the client as the same 401.
// NOTE(review): `err` is discarded without logging, so an internal failure is indistinguishable from a bad token; consider recording it server-side.
throw new Unauthorized('Invalid token.');
}
// Record the change as a 'user.edit' event. No authorized user, token or key is attached (all null); only the affected user's id is set.
event.register({
type: 'user.edit',
authorizedUserId: null,
associatedTokenId: null,
associatedUserId: user.id,
associatedKeyId: null,
// The event stores hidePassword(user), presumably the user with password fields removed; verify against its definition.
data: hidePassword(user)
});
// The response body is the serialized form of the updated user.
ctx.body = serializeUser(user);
});
// Dispatch on the token's status: only 'active' lets the request continue.
switch (token.status) {
case 'active':
return next();
case 'expired':
throw new Unauthorized('Token expired');
case 'blocked':
throw new Unauthorized('Token blocked');
// NOTE(review): there is no default case, so any other status leaves the switch without returning or throwing; confirm the code that follows rejects it.
}
}
}
throw new Unauthorized('Invalid token');
}
}
throw new Unauthorized('Missing token');
}
ensureIsLobbyHost(lobby, player) {
  // Authorization guard: only the player whose id matches the lobby's host may proceed.
  const isHost = player.id === lobby.host.id
  if (isHost) {
    return
  }
  throw new errors.Unauthorized('must be a lobby host')
}
/**
 * Middleware guard that lets a request through only when its session carries a user.
 *
 * @param ctx - Request context; `ctx.session.user` must be truthy.
 * @param next - Continuation invoked once the check passes.
 * @returns Whatever `next()` returns.
 * @throws Unauthorized when there is no session or the session has no user.
 */
export async function user(ctx: Context, next) {
  const sessionUser = ctx.session ? ctx.session.user : undefined;
  if (!sessionUser) {
    throw new Unauthorized();
  }
  return next();
}