Update auth object and middleware

jeffvli
2022-10-12 13:35:59 -07:00
parent b5c7abb566
commit 8aedd94033
4 changed files with 47 additions and 58 deletions
+7 -5
@@ -9,13 +9,13 @@ import {
import { Strategy as LocalStrategy } from 'passport-local'; import { Strategy as LocalStrategy } from 'passport-local';
import { prisma } from './prisma'; import { prisma } from './prisma';
export const generateToken = (userId: number) => { export const generateToken = (userId: string) => {
return jwt.sign({ id: userId }, String(process.env.TOKEN_SECRET), { return jwt.sign({ id: userId }, String(process.env.TOKEN_SECRET), {
expiresIn: String(process.env.TOKEN_EXPIRATION || '15m'), expiresIn: String(process.env.TOKEN_EXPIRATION || '15m'),
}); });
}; };
export const generateRefreshToken = (userId: number) => { export const generateRefreshToken = (userId: string) => {
return jwt.sign({ id: userId }, String(process.env.TOKEN_SECRET), { return jwt.sign({ id: userId }, String(process.env.TOKEN_SECRET), {
expiresIn: String(process.env.TOKEN_REFRESH_EXPIRATION || '90d'), expiresIn: String(process.env.TOKEN_REFRESH_EXPIRATION || '90d'),
}); });
@@ -54,9 +54,11 @@ passport.use(
new JwtStrategy(jwtOptions, async (jwt_payload: any, done: any) => { new JwtStrategy(jwtOptions, async (jwt_payload: any, done: any) => {
await prisma.user await prisma.user
.findUnique({ .findUnique({
where: { include: {
id: jwt_payload.id, serverFolderPermissions: true,
serverPermissions: true,
}, },
where: { id: jwt_payload.id },
}) })
.then((user) => { .then((user) => {
// eslint-disable-next-line promise/no-callback-in-promise // eslint-disable-next-line promise/no-callback-in-promise
@@ -72,7 +74,7 @@ passport.serializeUser((user: any, done) => {
return done(null, user.id); return done(null, user.id);
}); });
passport.deserializeUser(async (id: number, done) => { passport.deserializeUser(async (id: string, done) => {
return done( return done(
null, null,
await prisma.user.findUnique({ await prisma.user.findUnique({
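Review bot: The JWT callback in the second hunk still forwards `jwt_payload.id` to `findUnique` with `jwt_payload` typed `any`, so nothing checks that the claim is the string the rest of this commit now expects (`generateToken(userId: string)`, `deserializeUser(id: string)`); refresh tokens issued before this change, which carry a numeric `id` and, per the `'90d'` default, can stay valid for months, would presumably hit a Prisma validation error instead of a clean authentication failure. A guard before the lookup, `if (typeof jwt_payload?.id !== 'string') return done(null, false);`, keeps such tokens on the rejection path. The unchanged `String(process.env.TOKEN_SECRET)` on both sign calls also turns an unset secret into the literal key `"undefined"`; that is pre-existing, but a startup assertion that the variable is set would be cheap. The JwtStrategy callback continues beyond the hunk.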
+2 -41
@@ -1,43 +1,14 @@
import { NextFunction, Request, Response } from 'express'; import { NextFunction, Request, Response } from 'express';
import passport from 'passport';
export const authenticateAdmin = ( export const authenticateAdmin = (
req: Request, req: Request,
res: Response, res: Response,
next: NextFunction next: NextFunction
) => { ) => {
passport.authenticate('jwt', { session: false }, (err, user, info) => { if (!req.auth.isAdmin) {
if (err) {
return next(err);
}
if (!user) {
return res.status(401).json({
error: {
message: info?.message || 'Invalid authorization.',
path: req.path,
},
response: 'Error',
statusCode: 401,
});
}
if (!user.enabled) {
return res.status(401).json({
error: {
message: 'Your account is not enabled.',
path: req.path,
},
response: 'Error',
statusCode: 401,
});
}
if (!user.isAdmin) {
return res.status(403).json({ return res.status(403).json({
error: { error: {
message: message: 'This action requires an administrator account.',
info?.message || 'This action requires an administrator account.',
path: req.path, path: req.path,
}, },
response: 'Error', response: 'Error',
@@ -45,15 +16,5 @@ export const authenticateAdmin = (
}); });
} }
req.auth = {
createdAt: user.createdAt,
enabled: user.enabled,
id: user.id,
isAdmin: user.isAdmin,
updatedAt: user.updatedAt,
username: user.username,
};
return next(); return next();
})(req, res, next);
}; };
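Review bot: `authenticateAdmin` now reads `req.auth.isAdmin` without first establishing that `req.auth` exists, so the middleware is only correct when `authenticate` ran earlier in the same chain; mounted on its own, the access throws a TypeError that reaches the error handler as a server error rather than a 401, and the `enabled` check that this file used to perform is now assumed to happen upstream (not visible here). An explicit guard that fails closed with 401 when `req.auth` is absent, plus a header comment stating that this middleware must be preceded by `authenticate`, makes the dependency checkable at the call site. The admin check itself is fine; the note applies to the first hunk of this file.
```typescript
/**
 * Requires an administrator account. Must run after `authenticate`,
 * which populates `req.auth`; without it the request is rejected.
 */
export const authenticateAdmin = (
  req: Request,
  res: Response,
  next: NextFunction
) => {
  if (!req.auth) {
    return res.status(401).json({
      error: { message: 'Invalid authorization.', path: req.path },
      response: 'Error',
      statusCode: 401,
    });
  }
  // … unchanged: isAdmin check and 403 response …
```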
@@ -1,7 +1,19 @@
import {
ServerFolderPermissions,
ServerPermissions,
User,
} from '@prisma/client';
import { NextFunction, Request, Response } from 'express'; import { NextFunction, Request, Response } from 'express';
import passport from 'passport'; import passport from 'passport';
export const authenticateLocal = ( export type AuthUser = User & {
flatServerFolderPermissions: string[];
flatServerPermissions: string[];
serverFolderPermissions: ServerFolderPermissions[];
serverPermissions: ServerPermissions[];
};
export const authenticate = (
req: Request, req: Request,
res: Response, res: Response,
next: NextFunction next: NextFunction
@@ -33,15 +45,29 @@ export const authenticateLocal = (
}); });
} }
req.auth = { const flatServerFolderPermissions = user.serverFolderPermissions.map(
(permission: ServerFolderPermissions) => permission.serverFolderId
);
const flatServerPermissions = user.serverPermissions.map(
(permission: ServerPermissions) => permission.serverId
);
const auth = {
createdAt: user?.createdAt, createdAt: user?.createdAt,
enabled: user?.enabled, enabled: user?.enabled,
flatServerFolderPermissions,
flatServerPermissions,
id: user?.id, id: user?.id,
isAdmin: user?.isAdmin, isAdmin: user?.isAdmin,
serverFolderPermissions: user?.serverFolderPermissions,
serverPermissions: user?.serverPermissions,
updatedAt: user?.updatedAt, updatedAt: user?.updatedAt,
username: user?.username, username: user?.username,
}; };
req.auth = auth;
return next(); return next();
})(req, res, next); })(req, res, next);
}; };
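Review bot: In the second hunk `user.serverFolderPermissions.map(...)` and `user.serverPermissions.map(...)` are called without a guard while every neighbouring property read uses `user?.`, so either the optional chaining is dead (a `!user` return exists above the hunk, which I cannot see) or the two `.map` calls can throw on an undefined `user`; the two relations are also only present when the strategy's lookup includes them, so a `user` loaded without the `include` would throw here as well. Writing `(user.serverFolderPermissions ?? []).map(...)` and `(user.serverPermissions ?? []).map(...)` degrades to an empty permission set instead, and annotating the literal as `const auth: AuthUser = {` makes the newly exported type actually constrain what is assigned to `req.auth`. The `authenticate` function starts and ends outside this hunk.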
+1 -1
@@ -1,3 +1,3 @@
export * from './error-handler'; export * from './error-handler';
export * from './authenticate-local'; export * from './authenticate';
export * from './authenticate-admin'; export * from './authenticate-admin';