« index

Coverage for /Users/yunong/workspace/node-restify/lib/plugins/date.js : 94%

77 lines | 73 run | 4 missing | 0 partial | 8 blocks | 6 blocks run | 2 blocks missing

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

  // Copyright 2012 Mark Cavage, Inc.  All rights reserved.
  
  var assert = require('assert-plus');
  
  var errors = require('../errors');
  
  
  ///--- Globals
  
  var InvalidHeaderError = errors.InvalidHeaderError;
  var RequestExpiredError = errors.RequestExpiredError;
  
  var BAD_MSG = 'Date header is invalid';
  var OLD_MSG = 'Date header %s is too old';
  
  
  ///--- API
  
  /**
   * Returns a plugin that will parse the Date header (if present) and check for
   * an "expired" request, where expired means the request originated at a time
   * before ($now - $clockSkew). The default clockSkew allowance is 5m (thanks
   * Kerberos!)
   *
   * @param {Number} clockSkew optional age of time (in seconds).
   * @return {Function} restify handler.
   * @throws {TypeError} on bad input
   */
  function dateParser(clockSkew) {
      if (!clockSkew)
          clockSkew = 300;
      assert.number(clockSkew, 'clockSkew');
  
      clockSkew = clockSkew * 1000;
  
      function parseDate(req, res, next) {
          if (!req.headers.date)
              return (next());
  
          var e;
          var date = req.headers.date;
          var log = req.log;
  
          try {
              var now = Date.now();
              var sent = new Date(date).getTime();
  
              if (log.trace()) {
                  log.trace({
                      allowedSkew: clockSkew,
                      now: now,
                      sent: sent
                  }, 'Checking clock skew');
              }
  
              if ((now - sent) > clockSkew) {
                  e = new RequestExpiredError(OLD_MSG, date);
                  return (next(e));
              }
  
  
          } catch (err) {
              log.trace({
                  err: err
              }, 'Bad Date header: %s', date);
  
              e = new InvalidHeaderError(BAD_MSG, date);
              return (next(e));
          }
  
          return (next());
      }
  
      return (parseDate);
  }
  
  module.exports = dateParser;
« index | cover.io