Implemented stats api auth via token or the usual auth (jwt with get for runners, teams and orgs).
ref #56
parent
b5f9cf201d
commit
43e256f38c
|
@ -2,6 +2,7 @@ import * as argon2 from "argon2";
|
||||||
import { Request, Response } from 'express';
|
import { Request, Response } from 'express';
|
||||||
import { getConnectionManager } from 'typeorm';
|
import { getConnectionManager } from 'typeorm';
|
||||||
import { StatsClient } from '../models/entities/StatsClient';
|
import { StatsClient } from '../models/entities/StatsClient';
|
||||||
|
import authchecker from './authchecker';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This middleware handels the authentification of stats client api tokens.
|
* This middleware handels the authentification of stats client api tokens.
|
||||||
|
@ -17,20 +18,42 @@ const StatsAuth = async (req: Request, res: Response, next: () => void) => {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
let prefix = "";
|
|
||||||
try {
|
try {
|
||||||
provided_token = provided_token.replace("Bearer ", "");
|
provided_token = provided_token.replace("Bearer ", "");
|
||||||
prefix = provided_token.split(".")[0];
|
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
|
res.status(401).send("No valid jwt or api token provided.");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
let prefix = "";
|
||||||
|
try {
|
||||||
|
prefix = provided_token.split(".")[0];
|
||||||
|
}
|
||||||
|
finally {
|
||||||
|
if (prefix == "" || prefix == undefined || prefix == null) {
|
||||||
res.status(401).send("Api token non-existant or invalid syntax.");
|
res.status(401).send("Api token non-existant or invalid syntax.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const client = await getConnectionManager().get().getRepository(StatsClient).findOne({ prefix: prefix });
|
const client = await getConnectionManager().get().getRepository(StatsClient).findOne({ prefix: prefix });
|
||||||
if (!client) {
|
if (!client) {
|
||||||
|
let user_authorized = false;
|
||||||
|
try {
|
||||||
|
let action = { request: req, response: res, context: null, next: next }
|
||||||
|
user_authorized = await authchecker(action, ["RUNNER:GET", "TEAM:GET", "ORGANISATION:GET"]);
|
||||||
|
}
|
||||||
|
finally {
|
||||||
|
if (user_authorized == false) {
|
||||||
res.status(401).send("Api token non-existant or invalid syntax.");
|
res.status(401).send("Api token non-existant or invalid syntax.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
next();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
if (!(await argon2.verify(client.key, provided_token))) {
|
if (!(await argon2.verify(client.key, provided_token))) {
|
||||||
res.status(401).send("Api token invalid.");
|
res.status(401).send("Api token invalid.");
|
||||||
return;
|
return;
|
||||||
|
@ -38,4 +61,5 @@ const StatsAuth = async (req: Request, res: Response, next: () => void) => {
|
||||||
|
|
||||||
next();
|
next();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
export default StatsAuth;
|
export default StatsAuth;
|
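Review bot: Both new `finally` blocks (the prefix check and the `authchecker` fallback) contain a `return`, which discards any exception raised in the matching `try`. A failure inside `authchecker`, such as a database error or a rejected JWT, therefore becomes a plain 401 with nothing recorded, so an outage looks the same as a denied request. The outcome still fails closed, but the decision should be made in a `catch` that logs the cause, with the response sent after the `try`. The request/response pair is handed to `authchecker`, so it may already have written a reply (not visible here); guarding the 401 with `res.headersSent` avoids a second write. `StatsAuth` begins above the hunk, and `console.error` in the sketch stands in for whatever logger the project uses.

```typescript
// … unchanged: token extraction, prefix lookup, `if (!client) {` …
let user_authorized = false;
try {
    const action = { request: req, response: res, context: null, next: next };
    user_authorized = await authchecker(action, ["RUNNER:GET", "TEAM:GET", "ORGANISATION:GET"]);
} catch (error) {
    // Fail closed, but keep the cause visible to operators.
    console.error("StatsAuth: authchecker failed", error);
    user_authorized = false;
}
if (!user_authorized) {
    if (!res.headersSent) {
        res.status(401).send("Api token non-existant or invalid syntax.");
    }
    return;
}
next();
// … unchanged: `else` branch with argon2.verify …
```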