« index
Coverage for /Users/yunong/workspace/node-restify/lib/plugins/date.js : 94%
77 lines |
73 run |
4 missing |
0 partial |
8 blocks |
6 blocks run |
2 blocks missing
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 | // Copyright 2012 Mark Cavage, Inc. All rights reserved. var assert = require('assert-plus'); var errors = require('../errors'); ///--- Globals var InvalidHeaderError = errors.InvalidHeaderError; var RequestExpiredError = errors.RequestExpiredError; var BAD_MSG = 'Date header is invalid'; var OLD_MSG = 'Date header %s is too old'; ///--- API /** * Returns a plugin that will parse the Date header (if present) and check for * an "expired" request, where expired means the request originated at a time * before ($now - $clockSkew). The default clockSkew allowance is 5m (thanks * Kerberos!) * * @param {Number} clockSkew optional age of time (in seconds). * @return {Function} restify handler. * @throws {TypeError} on bad input */ function dateParser(clockSkew) { if (!clockSkew) clockSkew = 300; assert.number(clockSkew, 'clockSkew'); clockSkew = clockSkew * 1000; function parseDate(req, res, next) { if (!req.headers.date) return (next()); var e; var date = req.headers.date; var log = req.log; try { var now = Date.now(); var sent = new Date(date).getTime(); if (log.trace()) { log.trace({ allowedSkew: clockSkew, now: now, sent: sent }, 'Checking clock skew'); } if ((now - sent) > clockSkew) { e = new RequestExpiredError(OLD_MSG, date); return (next(e)); } } catch (err) { log.trace({ err: err }, 'Bad Date header: %s', date); e = new InvalidHeaderError(BAD_MSG, date); return (next(e)); } return (next()); } return (parseDate); } module.exports = dateParser; |