@authxyz/core
Authxyz core package for authentication implementations and providers.

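import jwt from "jsonwebtoken";
import { cookieName } from "./sign.js";
import { errorFormatter, jwtError } from "./errors.js";

// Validation strategies understood by middlewareValidateAuthorization.
const VALIDATION_METHODS = Object.freeze(["JWT", "COOKIE"]);

/**
 * Writes a 401 with the given message and returns the shared "denied" result.
 * Every denial in this module sends exactly one response and then returns
 * a result object, so callers can always read `.status` safely.
 *
 * @param {object} res Express-style response.
 * @param {string} message Body `message` field.
 * @returns {{data: null, status: false}}
 */
function rejectRequest(res, message) {
  res.status(401).json({ message });
  return { data: null, status: false };
}

/**
 * Builds a request handler that establishes *who* is calling.
 *
 * Returns `{ data: { id }, status: true }` on success, or sends a 401 and
 * returns `{ data: null, status: false }` on failure. Errors thrown by
 * `jwt.verify` (bad signature, expired token, ...) propagate to the caller;
 * useProtect formats them via errorFormatter.
 *
 * @param {{secret: string|Buffer, method: "JWT"|"COOKIE"}} options
 * @throws {Error} at construction time when `method` is not a known strategy
 *   (the original fell through its switch and returned `undefined` at request
 *   time, which crashed the caller instead of surfacing the misconfiguration).
 */
function middlewareValidateAuthorization({ secret, method }) {
  if (!VALIDATION_METHODS.includes(method)) {
    throw new Error(`Unsupported validation method: ${String(method)}`);
  }
  return async (req, res, _next) => {
    if (method === "JWT") {
      // Second whitespace-separated field of the Authorization header. The
      // scheme itself ("Bearer") is not checked, matching the prior behaviour.
      const token = req.headers.authorization?.split(" ")[1];
      if (!token) return rejectRequest(res, "Invalid Auth token");
      // NOTE(review): no `algorithms` option is passed, so jsonwebtoken accepts
      // whichever algorithm the token header names. If `secret` is ever a
      // public key (RS*/ES*) rather than a shared HMAC secret, pin
      // `{ algorithms: [...] }` here to rule out HS/RS key confusion — confirm
      // against how sign.js issues tokens.
      const payload = jwt.verify(token, secret);
      // A string payload, or an object without a subject id, cannot identify a
      // user; previously such tokens passed with `id === undefined` and that
      // undefined was handed to adapter.getUser.
      if (typeof payload !== "object" || payload === null || payload.id == null) {
        return rejectRequest(res, "Invalid Auth token");
      }
      return { data: { id: payload.id }, status: true };
    }
    // COOKIE: cookie-parser reports a tampered signed cookie as `false`, and
    // `signedCookies` is absent entirely when the parser is not mounted — both
    // are treated as "no credential".
    const cookieInfo = req.signedCookies?.[cookieName];
    if (!cookieInfo || cookieInfo.id == null) {
      return rejectRequest(res, "Invalid Auth token");
    }
    return { data: { id: cookieInfo.id }, status: true };
  };
}

/**
 * Builds a request handler that authenticates the caller and then checks
 * that the loaded user's `role` is one of `roles`.
 *
 * On success the user id and record are attached to `res.id` / `res.user`
 * (note: the response object, not the request — kept for compatibility with
 * existing consumers) and `{ data: null, status: true }` is returned. On any
 * denial a 401 has already been sent and `{ data: null, status: false }` is
 * returned, so the result is always an object.
 *
 * A role mismatch is reported as 401 to preserve the existing contract; 403
 * would be the conventional status for an authenticated-but-unauthorized call.
 *
 * @param {Array<string>} roles Allowed values of `user.role`.
 * @param {string|Buffer} secret Passed to middlewareValidateAuthorization.
 * @param {{getUser: (q: {id: unknown}) => Promise<any>}} adapter User lookup.
 * @param {"JWT"|"COOKIE"} validationMethod Credential strategy.
 */
function middlewareProtect(roles, secret, adapter, validationMethod) {
  const useAuthorization = middlewareValidateAuthorization({
    secret,
    method: validationMethod,
  });
  return async (req, res, next) => {
    const auth = await useAuthorization(req, res, next);
    if (auth.status !== true) {
      // The 401 has already been written; propagate the denial so useProtect
      // sees a result object. The original returned `undefined` here, which
      // made useProtect throw and then attempt a second response.
      return auth;
    }
    const user = await adapter.getUser({ id: auth.data.id });
    res["id"] = auth.data.id;
    res["user"] = user;
    // Require a real user record: `roles.includes(undefined)` must never grant
    // access when the lookup returned nothing.
    if (user != null && roles.includes(user.role)) {
      return { data: null, status: true };
    }
    res.status(401).json({ message: "Unauthorized (Missing permission)" });
    return { data: null, status: false };
  };
}

/**
 * Express middleware factory: calls `next()` only when the caller is
 * authenticated and holds one of `roles`. Any thrown error (including
 * jsonwebtoken failures) is turned into a response by errorFormatter.
 *
 * @param {Array<string>} roles Allowed values of `user.role`.
 * @param {{secret: string|Buffer, adapter: object, validationMethod: "JWT"|"COOKIE"}} options
 */
function useProtect(roles, { secret, adapter, validationMethod }) {
  const useProtected = middlewareProtect(roles, secret, adapter, validationMethod);
  return async (req, res, next) => {
    try {
      const auth = await useProtected(req, res, next);
      if (auth.status) {
        next();
      }
    } catch (error) {
      const response = errorFormatter(error, [jwtError]);
      res.status(response.status).json(response);
    }
  };
}

export { middlewareValidateAuthorization, middlewareProtect, useProtect };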