lfk/backend
2
0
Fork 0
Code Issues 1 Pull Requests Actions Projects Releases 40 Activity

Added comments and formatting to the auth checker

Browse Source 
ref #6
This commit is contained in:
Nicolai Ort 2020-12-18 19:42:08 +01:00
parent 428e2c38ce
commit 595a9213c1
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/authchecker.ts
View File

@ -7,7 +7,11 @@ import { IllegalJWTError, NoPermissionError, UserNonexistantOrRefreshtokenInvali
import { JwtCreator, JwtUser } from './JwtCreator'; import { JwtCreator, JwtUser } from './JwtCreator';
import { User } from './models/entities/User'; import { User } from './models/entities/User';
/**
* Handels authorisation verification via jwt's for all api endpoints using the @Authorized decorator.
* @param action Routing-Controllers action object that provides request and response objects among other stuff.
* @param permissions The permissions that the endpoint using @Authorized requires.
*/
const authchecker = async (action: Action, permissions: string[] | string) => { const authchecker = async (action: Action, permissions: string[] | string) => {
let required_permissions = undefined; let required_permissions = undefined;
if (typeof permissions === "string") { if (typeof permissions === "string") {
@ -16,18 +20,15 @@ const authchecker = async (action: Action, permissions: string[] | string) => {
required_permissions = permissions required_permissions = permissions
} }
let provided_token = "" + action.request.headers["authorization"];
try {
provided_token = provided_token.replace("Bearer ", "");
}
catch { }
let jwtPayload = undefined let jwtPayload = undefined
try { try {
let provided_token = "" + action.request.headers["authorization"].replace("Bearer ", "");
jwtPayload = <any>jwt.verify(provided_token, config.jwt_secret); jwtPayload = <any>jwt.verify(provided_token, config.jwt_secret);
jwtPayload = jwtPayload["userdetails"]; jwtPayload = jwtPayload["userdetails"];
} catch (error) { } catch (error) {
jwtPayload = await refresh(action); jwtPayload = await refresh(action);
} }
const user = await getConnectionManager().get().getRepository(User).findOne({ id: jwtPayload["id"], refreshTokenCount: jwtPayload["refreshTokenCount"] }, { relations: ['permissions'] }) const user = await getConnectionManager().get().getRepository(User).findOne({ id: jwtPayload["id"], refreshTokenCount: jwtPayload["refreshTokenCount"] }, { relations: ['permissions'] })
if (!user) { throw new UserNonexistantOrRefreshtokenInvalidError() } if (!user) { throw new UserNonexistantOrRefreshtokenInvalidError() }
if (!jwtPayload["permissions"]) { throw new NoPermissionError(); } if (!jwtPayload["permissions"]) { throw new NoPermissionError(); }
@ -40,6 +41,10 @@ const authchecker = async (action: Action, permissions: string[] | string) => {
return true; return true;
} }
/**
* Handels soft-refreshing of access-tokens.
* @param action Routing-Controllers action object that provides request and response objects among other stuff.
*/
const refresh = async (action: Action) => { const refresh = async (action: Action) => {
let refresh_token = undefined; let refresh_token = undefined;
try { try {