allow gateway without redirection, manual request handling

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 2.1.0
+
+- Allow access to Gateway functions like authenticate, get_cookie_auth, get_header_auth, redirect, deny
+- Allow Gateway to deny a request in case no redirect url is specified
+
 ## 2.0.0
 
 Complete redesign

README.md

@@ -1,6 +1,6 @@
 # auth-server-helper
 
-version: 2.0.x
+version: 2.1.x
 
 customizable and simple authentication
 
@@ -22,7 +22,7 @@ yarn:
 const {create_gateway} = require('@sapphirecode/auth-server-helper');
 
 const gateway = create_gateway({
-  redirect_url: '/auth',
+  redirect_url: '/auth', // if defined, unauthorized requests will be redirected
   cookie_name: 'auth_cookie', // if defined, access tokens will be read from this cookie
 });
 
@@ -40,6 +40,23 @@ http.createServer((main_req, main_res) =>
 the gateway will forward any authorized requests to the next handler and
 redirect all others to the specified url
 
+#### 1.1. Creating a gateway for manual processing of requests
+
+```js
+const {GatewayClass} = require('@sapphirecode/auth-server-helper');
+
+const gateway = new GatewayClass({ /* options */ }); // options are the same as for create_gateway above
+
+// process a request
+if (gateway.authenticate(http_request)) { // returns true if request is valid and sets req.connection.token_id and .token_data
+  console.log('access granted');
+} else {
+  gateway.redirect(response); // redirects the client, triggers deny if no redirect_url was set in options
+  // or
+  gateway.deny(response); // sends status 403
+}
+```
+
 ### 2. creating the auth endpoint
 
 ```js

lib/Gateway.ts

@@ -16,24 +16,32 @@ type Gateway = (
 ) => unknown;
 
 interface GatewayOptions {
-  redirect_url: string;
+  redirect_url?: string;
   cookie_name?: string;
 }
 
 class GatewayClass {
   private _options: GatewayOptions;
 
-  public constructor (options: GatewayOptions) {
+  public constructor (options: GatewayOptions = {}) {
     this._options = options;
   }
 
-  private redirect (res: ServerResponse): void {
+  public deny (res: ServerResponse): void {
+    res.statusCode = 403;
+    res.end();
+  }
+
+  public redirect (res: ServerResponse): void {
+    if (typeof this._options.redirect_url !== 'string')
+      return this.deny(res);
+
     res.statusCode = 302;
     res.setHeader ('Location', this._options.redirect_url);
     res.end ();
   }
 
-  private get_header_auth (req: IncomingMessage): string | null {
+  public get_header_auth (req: IncomingMessage): string | null {
     const auth_header = req.headers.authorization;
     const auth = (/(?<type>\w+) (?<data>.*)/u).exec (auth_header || '');
     if (auth === null)
@@ -43,7 +51,7 @@ class GatewayClass {
     return auth.groups?.data;
   }
 
-  private get_cookie_auth (req: IncomingMessage): string | null {
+  public get_cookie_auth (req: IncomingMessage): string | null {
     if (typeof this._options.cookie_name === 'undefined')
       return null;
     let auth = null;
@@ -58,7 +66,7 @@ class GatewayClass {
     return auth;
   }
 
-  private authenticate (req: IncomingMessage): boolean {
+  public authenticate (req: IncomingMessage): boolean {
     let auth = this.get_header_auth (req);
     if (auth === null)
       auth = this.get_cookie_auth (req);

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sapphirecode/auth-server-helper",
-  "version": "2.0.2",
+  "version": "2.1.0",
   "main": "dist/index.js",
   "author": {
     "name": "Timo Hocker",