Merge pull request #17 from skelpo/develop

Version 0.9.0
skelpo · Dec 7, 2018 · 466838e · 466838e
2 parents 736409a + 9de3e38
commit 466838e
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 10 deletions.
diff --git a/Sources/JWTAuthenticatable/BasicJWTAuthenticatable.swift b/Sources/JWTAuthenticatable/BasicJWTAuthenticatable.swift
@@ -5,6 +5,12 @@ import Fluent
 import Crypto
 import Vapor
 
+extension String {
+
+    /// The key for the JWT payload when it is stored in a Vapor `Request` object.
+    public static let payloadKey: String = "skelpo-payload"
+}
+
 /// Used to decode a request body in
 /// `BasicJWTAuthenticatable.authBody(from:)`.
 ///
@@ -95,7 +101,7 @@ extension BasicJWTAuthenticatable {
             // Store the model and payload in the request
             // using the request's `privateContainer`.
             try request.authenticate(model)
-            try request.set("skelpo-payload", to: payload)
+            try request.set(.payloadKey, to: payload)
 
             return model
         })
@@ -123,7 +129,7 @@ extension BasicJWTAuthenticatable {
 
                 // Store the payload and the model in the request
                 // for later access.
-                try request.set("skelpo-payload", to: authenticated.0)
+                try request.set(.payloadKey, to: authenticated.0)
                 try request.authenticate(authenticated.1)
 
                 return authenticated.1

diff --git a/Sources/JWTMiddleware/JWTVerificationMiddleware.swift b/Sources/JWTMiddleware/JWTVerificationMiddleware.swift
@@ -24,7 +24,7 @@ public final class JWTStorageMiddleware<Payload: JWTPayload>: Middleware {
         // Extract the token from the request. It is expected to
         // be in the `Authorization` header as a bearer: `Bearer ...`
         guard let token = request.http.headers.bearerAuthorization?.token else {
-            throw Abort(.badRequest, reason: "'Authorization' header with bearer token is missing")
+            throw Abort(.unauthorized, reason: "'Authorization' header with bearer token is missing")
         }
 
         // Get JWT service to verify the token with
@@ -33,7 +33,7 @@ public final class JWTStorageMiddleware<Payload: JWTPayload>: Middleware {
 
         // Verify to token and store the payload in the request's private container.
         let payload = try JWT<Payload>(from: data, verifiedUsing: jwt.signer).payload
-        try request.set("skelpo-payload", to: payload)
+        try request.set(.payloadKey, to: payload)
 
         // Fire the next responder in the chain.
         return try next.respond(to: request)
@@ -56,7 +56,7 @@ public final class JWTVerificationMiddleware: Middleware {
         // Extract the token from the request. It is expected to
         // be in the `Authorization` header as a bearer: `Bearer ...`
         guard let token = request.http.headers.bearerAuthorization?.token else {
-            throw Abort(.badRequest, reason: "'Authorization' header with bearer token is missing")
+            throw Abort(.unauthorized, reason: "'Authorization' header with bearer token is missing")
         }
 
         // Get JWT service to verify the token with

diff --git a/...ddleware/RouteRestrictionMiddleware.swift → ...JWTMiddleware/PermissionsMiddleware.swift b/...ddleware/RouteRestrictionMiddleware.swift → ...JWTMiddleware/PermissionsMiddleware.swift
@@ -18,12 +18,12 @@ public protocol PermissionedUserPayload: IdentifiableJWTPayload {
 
 /// Verifies incoming request's authentication payload status
 /// against pre-defined allowed statuses.
-public final class PermissionsMiddleware<Status, Payload>: Middleware where Payload: PermissionedUserPayload, Status == Payload.Status {
+public final class PermissionsMiddleware<Payload>: Middleware where Payload: PermissionedUserPayload {
 
     /// All the restrictions to check against the
     /// incoming request. Only one restriction must
     /// pass for the request to validated.
-    public let statuses: [Status]
+    public let statuses: [Payload.Status]
 
     /// The status code to throw if no restriction passes.
     public let failureError: HTTPStatus
@@ -34,7 +34,7 @@ public final class PermissionsMiddleware<Status, Payload>: Middleware where Payl
     ///   - statuses: An array of valid permission statuses.
     ///   - failureError: The HTTP status to throw if all restrictions fail. The default
     ///     value is `.notFound` (404). `.unauthorized` (401) would be another common option.
-    public init(allowed statuses: [Status], failureError: HTTPStatus = .notFound) {
+    public init(allowed statuses: [Payload.Status], failureError: HTTPStatus = .notFound) {
         self.statuses = statuses
         self.failureError = failureError
     }

diff --git a/Sources/JWTMiddleware/Request+JWT.swift b/Sources/JWTMiddleware/Request+JWT.swift
@@ -27,7 +27,7 @@ extension Request {
     ///   request storage. This is because this method should _only_ be called
     ///   if a JWT compatible model has been authenticated through a `JWTMiddleware`.
     public func payload<Payload: Decodable>(as payloadType: Payload.Type = Payload.self)throws -> Payload {
-        guard let payload = try self.get("skelpo-payload", as: Payload .self) else {
+        guard let payload = try self.get(.payloadKey, as: Payload .self) else {
             throw Abort(.internalServerError, reason: "No JWTMiddleware has been registered for the current route.")
         }
         return payload
@@ -46,7 +46,7 @@ extension Request {
     ///   or some other error from encoding and decoding the payload.
     public func payloadData<Payload, Object>(storedAs stored: Payload.Type, convertedTo objectType: Object.Type = Object.self)throws -> Object
         where Payload: Encodable, Object: Decodable {
-            guard let payload = try self.get("skelpo-payload", as: Payload.self) else {
+            guard let payload = try self.get(.payloadKey, as: Payload.self) else {
                 throw Abort(.internalServerError, reason: "No JWTMiddleware has been registered for the current route.")
             }