lfk/backend
2
0
Fork 0
Code Issues 1 Pull Requests Actions Projects Releases 40 Activity

sample implementation of authorizationChecker

Browse Source
This commit is contained in:
Philipp Dormann 2020-11-27 19:45:44 +01:00
parent f7d7f5e75f
commit d5c6c9238f
1 changed files with 50 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
src/app.ts
View File

@ -1,22 +1,66 @@
import "reflect-metadata"; import "reflect-metadata";
import * as dotenvSafe from "dotenv-safe"; import * as dotenvSafe from "dotenv-safe";
import { createExpressServer } from "routing-controllers"; import { Action, createExpressServer, HttpError } from "routing-controllers";
import consola from "consola"; import consola from "consola";
import loaders from "./loaders/index"; import loaders from "./loaders/index";
//
import * as jwt from "jsonwebtoken";
//
dotenvSafe.config(); dotenvSafe.config();
const PORT = process.env.APP_PORT || 4010; const PORT = process.env.APP_PORT || 4010;
const sampletoken = jwt.sign({
"permissions": {
"TRACKS": ["read", "update", "delete", "add"]
}
}, process.env.JWT_SECRET || "secretjwtsecret")
console.log(`sampletoken: ${sampletoken}`);
const app = createExpressServer({ const app = createExpressServer({
controllers: [__dirname + "/controllers/*.ts"], authorizationChecker: async (action: Action, permissions: string | string[]) => {
let required_permissions = permissions
if (typeof permissions === "string") {
required_permissions = [permissions]
}
// const token = action.request.headers["authorization"];
const provided_token = action.request.query["auth"];
try {
const jwtPayload = <any>jwt.verify(provided_token, process.env.JWT_SECRET || "secretjwtsecret");
if (jwtPayload.permissions) {
action.response.local = {}
action.response.local.jwtPayload = jwtPayload.permissions
required_permissions.forEach(r => {
const permission_key = r.split(":")[0]
const permission_access_level = r.split(":")[1]
// console.log(permission_key);
// console.log(permission_access_level);
if (jwtPayload.permissions[permission_key].indexOf(r) === 1) {
return true;
} else {
// TODO: throw/return proper HttpError
return false;
}
});
} else {
// TODO: throw/return proper HttpError
return false;
}
} catch (error) {
console.log(error);
// throw new HttpError(401, "jwt_illegal")
return false
}
return true;
},
development: false,
controllers: [`${__dirname}/controllers/*.ts`],
}); });
async function main() { (async () => {
await loaders(app); await loaders(app);
app.listen(PORT, () => { app.listen(PORT, () => {
consola.success( consola.success(
`⚡️[server]: Server is running at http://localhost:${PORT}` `⚡️[server]: Server is running at http://localhost:${PORT}`
); );
}); });
} })();
main();