parent
428e2c38ce
commit
595a9213c1
|
@ -7,7 +7,11 @@ import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvali
|
|||
import { JwtCreator, JwtUser } from './JwtCreator';
|
||||
import { User } from './models/entities/User';
|
||||
|
||||
|
||||
/**
|
||||
* Handels authorisation verification via jwt's for all api endpoints using the @Authorized decorator.
|
||||
* @param action Routing-Controllers action object that provides request and response objects among other stuff.
|
||||
* @param permissions The permissions that the endpoint using @Authorized requires.
|
||||
*/
|
||||
const authchecker = async (action: Action, permissions: string[] | string) => {
|
||||
let required_permissions = undefined;
|
||||
if (typeof permissions === "string") {
|
||||
|
@ -16,18 +20,15 @@ const authchecker = async (action: Action, permissions: string[] | string) => {
|
|||
required_permissions = permissions
|
||||
}
|
||||
|
||||
let provided_token = "" + action.request.headers["authorization"];
|
||||
try {
|
||||
provided_token = provided_token.replace("Bearer ", "");
|
||||
}
|
||||
catch { }
|
||||
let jwtPayload = undefined
|
||||
try {
|
||||
let provided_token = "" + action.request.headers["authorization"].replace("Bearer ", "");
|
||||
jwtPayload = <any>jwt.verify(provided_token, config.jwt_secret);
|
||||
jwtPayload = jwtPayload["userdetails"];
|
||||
} catch (error) {
|
||||
jwtPayload = await refresh(action);
|
||||
}
|
||||
|
||||
const user = await getConnectionManager().get().getRepository(User).findOne({ id: jwtPayload["id"], refreshTokenCount: jwtPayload["refreshTokenCount"] }, { relations: ['permissions'] })
|
||||
if (!user) { throw new UserNonexistantOrRefreshtokenInvalidError() }
|
||||
if (!jwtPayload["permissions"]) { throw new NoPermissionError(); }
|
||||
|
@ -40,6 +41,10 @@ const authchecker = async (action: Action, permissions: string[] | string) => {
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handels soft-refreshing of access-tokens.
|
||||
* @param action Routing-Controllers action object that provides request and response objects among other stuff.
|
||||
*/
|
||||
const refresh = async (action: Action) => {
|
||||
let refresh_token = undefined;
|
||||
try {
|
||||
|
|
Loading…
Reference in New Issue