feat(project): add AuthenticationStep and deprecate AuthorizeStep

DEPRECATION: AuthorizeStep replaced by AuthenticationStep

AuthenticationStep uses {settings:authentication:true}} of a route's configuration

src/aurelia-authentication.js

@@ -3,6 +3,7 @@ import {Config, Rest} from 'aurelia-api';
 
 import {AuthService} from './authService';
 import {AuthorizeStep} from './authorizeStep';
+import {AuthenticateStep} from './authenticateStep';
 import {BaseConfig} from './baseConfig';
 import {FetchConfig} from './fetchClientConfig';
 import './authFilter';
@@ -67,5 +68,6 @@ export {
   configure,
   FetchConfig,
   AuthService,
-  AuthorizeStep
+  AuthorizeStep,
+  AuthenticateStep
 };

src/authenticateStep.js

@@ -0,0 +1,25 @@
+import {inject} from 'aurelia-dependency-injection';
+import {Authentication} from './authentication';
+import {Redirect} from 'aurelia-router';
+
+@inject(Authentication)
+export class AuthenticateStep {
+  constructor(authentication) {
+    this.authentication = authentication;
+  }
+
+  run(routingContext, next) {
+    const isLoggedIn = this.authentication.isAuthenticated();
+    const loginRoute = this.authentication.config.loginRoute;
+
+    if (routingContext.getAllInstructions().some(i => i.config.settings.authenticate === true)) {
+      if (!isLoggedIn) {
+        return next.cancel(new Redirect(loginRoute));
+      }
+    } else if (isLoggedIn && routingContext.getAllInstructions().some(i => i.fragment === loginRoute)) {
+      return next.cancel(new Redirect( this.authentication.config.loginRedirect ));
+    }
+
+    return next();
+  }
+}

src/authorizeStep.js

@@ -1,10 +1,13 @@
 import {inject} from 'aurelia-dependency-injection';
 import {Authentication} from './authentication';
 import {Redirect} from 'aurelia-router';
+import * as LogManager from 'aurelia-logging';
 
 @inject(Authentication)
 export class AuthorizeStep {
   constructor(authentication) {
+    LogManager.getLogger('authentication').warn('AuthorizeStep is deprecated. Use AuthenticationStep instead and add {settings: {authenticate: true}} to your router configuration.');
+
     this.authentication = authentication;
   }
 

test/aurelia-authentication.spec.js

@@ -6,7 +6,8 @@ import {
   configure,
   FetchConfig,
   AuthService,
-  AuthorizeStep
+  AuthorizeStep,
+  AuthenticateStep
 } from '../src/aurelia-authentication';
 import {BaseConfig} from '../src/baseConfig';
 
@@ -41,6 +42,10 @@ describe('aurelia-authentication', function() {
     it('Should export AuthorizeStep', function() {
       expect(AuthorizeStep).toBeDefined();
     });
+
+    it('Should export AuthenticateStep', function() {
+      expect(AuthenticateStep).toBeDefined();
+    });
   });
 
   describe('configure()', function() {

test/authService.spec.js

@@ -87,11 +87,11 @@ describe('AuthService', () => {
   describe('.updateMe() with PUT', () => {
     const container      = getContainer();
     const authService    = container.get(AuthService);
-    
+
     beforeEach(() => {
       authService.config.profileMethod = 'put';
     });
-    
+
     it('without criteria', done => {
       authService.updateMe({data: 'some'})
         .then(result => {
@@ -141,7 +141,7 @@ describe('AuthService', () => {
   describe('.updateMe() with PATCH', () => {
     const container      = getContainer();
     const authService    = container.get(AuthService);
-    
+
     beforeEach(() => {
       authService.config.profileMethod = 'patch';
     });

test/authenticateStep.spec.js

@@ -0,0 +1,133 @@
+import {Container} from 'aurelia-dependency-injection';
+
+import {AuthenticateStep} from '../src/authenticateStep';
+
+
+const routes = {
+  onLoginRoute : [
+    {name: 'parent', fragment: '/login', config: {settings: {}}},
+    {name: 'child', fragment: 'childUrl', config: {settings: {}}}
+  ],
+  authenticateNone : [
+    {name: 'parent', fragment: 'parentUrl', config: {settings: {}}},
+    {name: 'child', fragment: 'childUrl', config: {settings: {}}}
+  ],
+  authenticateChild : [
+    {name: 'parent', fragment: 'parentUrl', config: {settings: {}}},
+    {name: 'child', fragment: 'childUrl', config: {settings: {authenticate: true}}}
+  ],
+  authenticateParent : [
+    {name: 'parent', fragment: 'parentUrl', config: {settings: {authenticate: true}}},
+    {name: 'child', fragment: 'childUrl', config: {settings: {}}}
+  ]};
+
+describe('AuthenticateStep', () => {
+  describe('.run()', () => {
+    const authenticateStep = new Container().get(AuthenticateStep);
+    function next() {return;}
+    let loginRoute = authenticateStep.authentication.config.loginRoute;
+
+    it('should not redirect when not authenticated and no route requires it', () => {
+      let routingContext = {
+        getAllInstructions: () => routes.authenticateNone
+      };
+
+      next.cancel = redirect => {throw new Error();};
+
+      spyOn(next, 'cancel');
+
+      authenticateStep.run(routingContext, next);
+
+      expect(next.cancel).not.toHaveBeenCalled();
+    });
+
+    it('should redirect to login when not authenticated and child route requires it', done => {
+      let routingContext = {
+        getAllInstructions: () => routes.authenticateChild
+      };
+
+      next.cancel = redirect => {
+        expect(redirect.url).toBe(loginRoute);
+        done();
+      };
+
+      authenticateStep.run(routingContext, next);
+    });
+
+    it('should redirect to login when not authenticated and parent route requires it', done => {
+      let routingContext = {
+        getAllInstructions: () => routes.authenticateParent
+      };
+
+      next.cancel = redirect => {
+        expect(redirect.url).toBe(loginRoute);
+        done();
+      };
+
+      authenticateStep.run(routingContext, next);
+    });
+
+    it('should not redirect to login when authenticated and no route requires it', () => {
+      let routingContext = {
+        getAllInstructions: () => routes.authenticateNone
+      };
+
+      next.cancel = redirect => {throw new Error();};
+
+      spyOn(next, 'cancel');
+
+      authenticateStep.authentication.isAuthenticated = () => true;
+
+      authenticateStep.run(routingContext, next);
+
+      expect(next.cancel).not.toHaveBeenCalled();
+    });
+
+    it('should not redirect when authenticated and child route requires it', ()  => {
+      let routingContext = {
+        getAllInstructions: () => routes.authenticateChild
+      };
+
+      next.cancel = redirect => {throw new Error();};
+
+      spyOn(next, 'cancel');
+
+      authenticateStep.authentication.isAuthenticated = () => true;
+
+      authenticateStep.run(routingContext, next);
+
+      expect(next.cancel).not.toHaveBeenCalled();
+    });
+
+    it('should not redirect when not authenticated and parent route requires it', () => {
+      let routingContext = {
+        getAllInstructions: () => routes.authenticateParent
+      };
+
+      next.cancel = redirect => {throw new Error();};
+
+      spyOn(next, 'cancel');
+
+      authenticateStep.authentication.isAuthenticated = () => true;
+
+      authenticateStep.run(routingContext, next);
+
+      expect(next.cancel).not.toHaveBeenCalled();
+    });
+
+    it('should redirect when  authenticated and parent route is login route', done => {
+      let routingContext = {
+        getAllInstructions: () => routes.onLoginRoute
+      };
+
+      next.cancel = redirect => {
+        expect(redirect.url).toBe(authenticateStep.authentication.config.loginRedirect);
+        done();
+      };
+
+      authenticateStep.authentication.isAuthenticated = () => true;
+
+      authenticateStep.run(routingContext, next);
+    });
+  });
+});

test/setup.js

@@ -1,5 +1,4 @@
 import {initialize} from 'aurelia-pal-browser';
 import 'aurelia-polyfills';
-import 'fetch';
 
 initialize();