API Docs for:
Show:

authentication Class

Module: authentication

Provides the authentication functions.

Methods

authByPam

(
  • username
  • password
  • cb
)
private

Authenticate the user by pam.

Parameters:

  • username String

    The access key used to authenticate, e.g. the username

  • password String

    The password of the account

  • cb Function

    The callback function

authenticate

(
  • username
  • password
  • cb
)

Authenticate the user using the choosen method in the configuration step.

It can throw an exception.

Parameters:

  • username String

    The access key used to authenticate, e.g. the username

  • password String

    The password of the account

  • cb Function

    The callback function

authenticateFreepbxAdmin

(
  • secretkey
)
Boolean

Authenticate the "admin" user of FreePBX.

Parameters:

  • secretkey String

    The secret key to be authenticated

Returns:

Boolean:

True if the authentication was successful

authenticateRemoteSite

(
  • username
  • password
  • remoteIp
  • cb
)

Authenticate remote site using the credentials specified in the configuration file.

Parameters:

  • username String

    The access key used to authenticate, e.g. the username

  • password String

    The password of the account

  • remoteIp String

    The remote ip address

  • cb Function

    The callback function

authRemoteSiteByFile

(
  • username
  • password
  • remoteIp
  • cb
)
private

Authenticate the remote site user by the credentials read from the file.

Parameters:

  • username String

    The access key used to authenticate, e.g. the username

  • password String

    The password of the account

  • remoteIp String

    The remote ip address

  • cb Function

    The callback function

calculateAdminSecretKey

(
  • username
  • sha1Pwd
  • secret
)

Calculates the SHA1 secret key for freepbx admin user authentication.

Parameters:

  • username String

    The username

  • sha1Pwd String

    The sha1 admin password

  • secret String

    The admin secret

calculateToken

(
  • username
  • password
  • nonce
)

Calculates the HMAC-SHA1 token to be used in the authentication.

Parameters:

  • username String

    The access key identifier, e.g. the username

  • password String

    The password of the account

  • nonce String

    It is used to create the HMAC-SHA1 token

config

(
  • path
)

It reads the authentication configuration file.

The method can throw an Exception.

Parameters:

  • path String

    The path of the configuration file

configRemoteAuthentications

(
  • path
)

It reads the authentication configuration file for remote sites. The file must use the JSON syntax.

The method can throw an Exception.

Parameters:

  • path String

    The path of the configuration file

getNonce

(
  • username
  • password
  • isRemoteSite
)
String

Creates an SHA1 nonce to be used in the authentication.

Parameters:

  • username String

    The access key identifier used to create the token.

  • password String

    The password of the account

  • isRemoteSite Boolean

    True if the request is for a remote site

Returns:

String:

The SHA1 nonce.

getRemoteSiteName

(
  • username
  • token
)
String

Returns the remote site name.

Parameters:

  • username String

    The access key identifier, e.g. the username

  • token String

    The authentication token

Returns:

String:

The name of the remote site

getTokenExpirationTimeout

() Number

Returns the token expiration timeout.

Returns:

Number:

The token expiration timeout in milliseconds.

initFreepbxAdminAuthentication

()

Initialize data used for freepbx admin authentication.

isAutoUpdateTokenExpires

() Boolean

Check if the automatic update of token expiration is active for each authentication request.

Returns:

Boolean:

True if the automatic update is active.

isRemoteSiteAlreadyLoggedIn

(
  • username
)
Boolean private

Checks if the remote username has already been logged in.

Parameters:

  • username String

    The access key identifier, e.g. the username

Returns:

Boolean:

True if the remote username has been already logged in

isUnautheCallEnabled

() Boolean

Checks if the unauthenticated asterisk call has been enabled by the JSON configuration file.

Returns:

Boolean:

True if the unauthenticated asterisk call has been enabled.

newToken

(
  • username
  • password
  • nonce
  • isRemoteSite
)
private

Creates an HMAC-SHA1 token to be used in the authentication and store it into the private grants object.

Parameters:

  • username String

    The access key identifier, e.g. the username

  • password String

    The password of the account

  • nonce String

    It is used to create the HMAC-SHA1 token

  • isRemoteSite Boolean

    True if the request is for a remote site

on

(
  • type
  • cb
)
Object

Subscribe a callback function to a custom event fired by this object. It's the same of nodejs events.EventEmitter.on.

Parameters:

  • type String

    The name of the event

  • cb Function

    The callback to execute in response to the event

Returns:

Object:

A subscription handle capable of detaching that subscription.

reload

()

Reload the component.

removeToken

(
  • username
  • token
)
Boolean

Removes the grant for an access key.

Parameters:

  • username String

    The access key

  • token String

    The token

Returns:

Boolean:

True if the grant removing has been successful.

reset

() static

Reset the component.

setCompDbconn

(
  • comp
)

Sets the database architect component.

Parameters:

  • comp Object

    The database architect component.

setLogger

(
  • log
)
static

Set the logger to be used.

Parameters:

  • log Object

    The logger object. It must have at least three methods: info, warn and error as console object.

startIntervalRemoveExpiredTokens

() private

Starts the removing of expired authentication tokens each interval of time. The interval time is equal to the expiration time, because the tokens are updated each half of expiration time.

updateTokenExpires

(
  • username
  • token
)

Update the expiration of the token relative to the access key.

Parameters:

  • username String

    The access key relative to the token to be updated

  • token String

    The access token

verifyToken

(
  • username
  • token
  • isRemote
)
Boolean

Authenticates the user through checking the token with the one that must be present in the grants object. The getNonce method must be used before this.

Parameters:

  • username String

    The access key used to retrieve the token

  • token String

    The token to be checked

  • isRemote Boolean

    True if the token belongs to a remote site

Returns:

Boolean:

True if the user has been authenticated succesfully.

Properties

AUTH_TYPE

Object private

The types of the authentication that can be used.

Default: { "pam": "pam" };

authenticationType

String private

The type of authentication chosen. It can be one of the AUTH_TYPE properties. The authentication type is selected with the configuration file. It's used to choose the correct authentication method.

authRemoteSites

Object private

The credentials used by remote sites.

Default: {}

autoUpdateTokenExpires

Boolean private

If true, every authentication request also causes the update of the token expiration value.

Default: true

compDbconn

Object private

The database component.

CONFIG_FILEPATH

String private

The file path of the configuration file.

emitter

Object private

The event emitter.

EVT_COMP_READY

String

The name of the component ready event.

Default: "ready"

EVT_RELOADED

String

The name of the reloaded event.

Default: "reloaded"

expires

Number private

The token expiration expressed in milliseconds. It can be customized with the configuration file.

Default: 3600000 (1h)

fpbxAdminSecretKey

String private

The secret key of FreePBX admin user.

grants

Object private

The temporary permissions assigned to the users. Associates each user with a list of tokens. Each permission has an expiration date of expires milliseconds. Each user can have more than one token because he can login from more than one place.

IDLOG

String private final

The module identifier used by the logger.

Default: [authentication]

intervalRemoveExpiredTokens

Number private

The identifier of the interval used to remove expired tokens.

logger

Object private

The logger. It must have at least three methods: info, warn and error.

Default: console

PAM_SCRIPT_PATH

String private

The path of the pam authentication script.

ready

Boolean private

True if the component has been started. Used to emit EVT_RELOADED instead of EVT_READY

Default: false

unauthenticatedCall

String private

Asterisk call without user authentication and permissions. It is disabled by default but can be enabled by the JSON configuration file in the config method.

Default: "disabled"

Events

ready

Fired when the component is ready.

reloaded

Fired when the componente has been reloaded.