From 58657bda2aefe0421a3d134ccb68b69ad04a45db Mon Sep 17 00:00:00 2001
From: Jeff Andersen
Date: Mon, 19 Jan 2015 22:30:41 -0400
Subject: [PATCH 1/2] Lint errors
---
 index.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/index.js b/index.js
index a8e1c22..1ca67c3 100644
--- a/index.js
+++ b/index.js
@@ -41,7 +41,7 @@ Acl.prototype.is = function( roleName, failureBack ){
 if ( req.role && req.role.is(roleName) )
 next();
 else
- acl.handleFailure( req, res, next, failureBack )
+ acl.handleFailure( req, res, next, failureBack );
 };
 };
@@ -56,7 +56,7 @@ Acl.prototype.isAny = function( roles, failureBack ){
 if ( req.role && req.role.isAny(roles) )
 next();
 else
- acl.handleFailure( req, res, next, failureBack )
+ acl.handleFailure( req, res, next, failureBack );
 };
 };
@@ -105,7 +105,7 @@ Acl.prototype.can = function( permissionName, failureBack ){
 if ( req.role && req.role.can(permissionName) )
 next();
 else
- acl.handleFailure( req, res, next, failureBack )
+ acl.handleFailure( req, res, next, failureBack );
 };
 };
@@ -237,4 +237,4 @@ Role.prototype.removeRole = function( roleName ){
 Role.prototype.setAuthorized = function( val ){
 this.authorized = !!val;
-};
\ No newline at end of file
+};
From 435cd027ab35c0520e5caad7ee9de70e2df5ec34 Mon Sep 17 00:00:00 2001
From: Jeff Andersen
Date: Mon, 19 Jan 2015 22:31:01 -0400
Subject: [PATCH 2/2] Add custom handler for determining user object location
---
 README.md | 6 ++++++
 index.js | 27 +++++++++++++++++++++------
 2 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index d86388d..65e754e 100644
--- a/README.md
+++ b/README.md
@@ -32,6 +32,12 @@ role.onUnauthorizedFailure( function( req, res ){
 res.redirect( '/' );
 });
+// Define where the user session is on the request object
+role.userSessionHandler( function( req ) {
+ // Example using custom Passport auth
+ return req.user;
+});
+
 // Сonnect a middleware
 app.use( role.middleware() );
diff --git a/index.js b/index.js
index 1ca67c3..60d2254 100644
--- a/index.js
+++ b/index.js
@@ -27,6 +27,7 @@ function Acl( rolesConfig ){
 this.roles = rolesConfig;
 this.authorizedFailureHandler = null;
 this.unauthorizedFailureHandler = null;
+ this.userSessionHandler = null;
 }
@@ -125,20 +126,34 @@ Acl.prototype.onUnauthorizedFailure = function( fn ){
 this.unauthorizedFailureHandler = fn;
 };
+/**
+ * @param {Function} fn
+ */
+Acl.prototype.userSessionHandler = function( fn ){
+ this.userSessionHandler = fn;
+};
 Acl.prototype.middleware = function(){
 var acl = this;
 return function( req, res, next ){
 req.role = new Role( acl.roles );
 res.locals.role = req.role;
- if ( req.session && req.session.user ){
- if ( req.session.user.role )
- req.role.addRole( req.session.user.role );
- else
- req.role.setAuthorized( true );
+
+ var user = req.session && req.session.user;
+
+ // Allow custom lookup of user
+ if (typeof acl.userSessionHandler === 'function') {
+ user = acl.userSessionHandler(req);
+ }
+
+ if ( user.role ) {
+ req.role.addRole( user.role );
+ } else {
+ req.role.setAuthorized( true );
 }
+
 next();
- }
+ };
 };
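Review bot: The instance field `this.userSessionHandler = null;` added to the `Acl` constructor has the same name as the setter `Acl.prototype.userSessionHandler` added in the following hunk, so the own property shadows the prototype method. The README call `role.userSessionHandler( function( req ) { ... } )` would then hit `null` and throw a TypeError instead of registering the callback. Keep the documented setter name and store the callback under a separate field: `this.userSessionLookup = null;` in the constructor, `this.userSessionLookup = fn;` in the setter, and `typeof acl.userSessionLookup === 'function'` in the middleware. The constructor's opening lines are outside the hunk.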
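Review bot: In the middleware, `user.role` is read without the guard that the removed `if ( req.session && req.session.user ){` provided, so a request with no session user, or a custom handler that returns nothing, throws before `next()` is reached. The guard must also cover the `else` branch, otherwise an anonymous request would fall through to `req.role.setAuthorized( true )` and be treated as logged in. Use `if ( user && user.role ) {` and `} else if ( user ) {` so that a missing user leaves the role unauthorised, as the old code did. The JSDoc on the setter should also state that the callback receives `req` and must return the user object or a falsy value, since this access-control decision depends on that contract.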