@fdm-monster/server
FDM Monster is a bulk OctoPrint manager to set up, configure and monitor 3D printers. Our aim is to provide extremely optimized websocket performance and reliability.
;
// Tag the CommonJS exports object with a non-enumerable, read-only
// `__esModule: true` property (the marker transpiled ES modules carry so that
// interop helpers treat the exports below as named exports).
Object.defineProperty(exports, "__esModule", {
value: true
});
/**
 * Installs every enumerable key of `all` on `target` as a read-only,
 * enumerable accessor property.
 *
 * The getter is the function stored under that key, so the exported value is
 * computed each time the property is read rather than when it is defined.
 *
 * @param {object} target - object that receives the accessor properties
 * @param {object} all - map of property name to getter function
 */
function _export(target, all) {
  // for...in is kept on purpose: it also walks inherited enumerable keys.
  for (const key in all) {
    const descriptor = { enumerable: true, get: all[key] };
    Object.defineProperty(target, key, descriptor);
  }
}
// Publish the three middleware factories as lazy getters: each binding is
// declared further down in this file and is only read when a consumer
// accesses the corresponding export.
_export(exports, {
  authenticate: () => authenticate,
  authorizeRoles: () => authorizeRoles,
  permission: () => permission,
});
const _awilixexpress = require("awilix-express");
const _runtimeexceptions = require("../exceptions/runtime.exceptions");
const _authorizationconstants = require("../constants/authorization.constants");
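/**
 * Builds the authentication middleware, wrapped with awilix-express `inject`.
 *
 * The async middleware performs these checks in order:
 *  1. If `settingsStore.getLoginRequired()` resolves falsy, it returns
 *     `next()` and skips every check below.
 *  2. If `req.user.needsPasswordChange` is truthy, it throws
 *     AuthenticationError with reason PasswordChangeRequired.
 *  3. If the Authorization header carries a token that
 *     `authService.isJwtTokenBlacklisted` reports as blacklisted, it throws
 *     AuthenticationError with reason LoginRequired.
 *  4. If `req.isAuthenticated()` is truthy, it returns `next()`.
 *  5. Otherwise it logs the route and throws AuthenticationError with reason
 *     InvalidOrExpiredAuthToken.
 *
 * NOTE(review): the factory parameter names (authService, loggerFactory,
 * settingsStore) are presumably how the container resolves the dependencies;
 * keep them unchanged.
 * NOTE(review): errors are thrown from an async handler, so something outside
 * this file must forward the rejected promise to the Express error handler;
 * confirm.
 *
 * @returns {Function} whatever `inject(...)` returns for the middleware factory
 * @throws {AuthenticationError} from the middleware, as listed above
 */
const authenticate = () =>
  (0, _awilixexpress.inject)(
    (authService, loggerFactory, settingsStore) =>
      async (req, res, next) => {
        const logger = loggerFactory("Middleware:authenticate");
        const isLoginRequired = await settingsStore.getLoginRequired();
        if (!isLoginRequired) {
          return next();
        }
        if (req.user?.needsPasswordChange) {
          throw new _runtimeexceptions.AuthenticationError(
            "Password change required",
            _authorizationconstants.AUTH_ERROR_REASON.PasswordChangeRequired,
          );
        }
        // Parse the scheme case-insensitively and tolerate extra whitespace so
        // the blacklist lookup always receives the bare token. An exact
        // "Bearer " match would pass a differently-cased header to the lookup
        // unchanged, and a revoked token would then go unrecognised if the
        // authentication strategy (not shown here) accepts that header form.
        const header = req.headers.authorization;
        const bearer =
          typeof header === "string"
            ? header.replace(/^\s*Bearer\s+/i, "").trim()
            : "";
        if (bearer.length > 0 && authService.isJwtTokenBlacklisted(bearer)) {
          throw new _runtimeexceptions.AuthenticationError(
            "Not authenticated",
            _authorizationconstants.AUTH_ERROR_REASON.LoginRequired,
          );
        }
        if (req.isAuthenticated()) {
          return next();
        }
        // req.originalUrl includes the query string, so anything sensitive a
        // client puts there ends up in this log line.
        logger.log(`Not authenticated for route: ${req.originalUrl}`);
        throw new _runtimeexceptions.AuthenticationError(
          "Not authenticated",
          _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredAuthToken,
        );
      },
  );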
/**
 * Builds a permission-check middleware, wrapped with awilix-express `inject`.
 *
 * The middleware fails closed: it throws AuthorizationError carrying
 * `{ permissions: [requiredPermission] }` when `req.roles` is missing or
 * empty, or when `permissionService.authorizePermission` returns a falsy
 * value for the permissions that `roleService.getRolesPermissions` reports
 * for those roles. Only when both checks pass is `next()` called.
 *
 * NOTE(review): this guard does not consult the login-required setting the
 * way `authenticate` does; whether `req.roles` is populated when login is
 * switched off is decided outside this file, so confirm.
 * NOTE(review): the factory parameter names (permissionService, roleService)
 * are presumably how the container resolves the dependencies; keep them.
 *
 * @param requiredPermission - permission handed to `authorizePermission`
 * @returns {Function} whatever `inject(...)` returns for the middleware factory
 * @throws {AuthorizationError} from the middleware, as described above
 */
function permission(requiredPermission) {
  // One place that builds the denial error; a new instance per throw.
  const deny = () =>
    new _runtimeexceptions.AuthorizationError({
      permissions: [requiredPermission],
    });

  return (0, _awilixexpress.inject)(
    (permissionService, roleService) =>
      async (req, res, next) => {
        const { roles } = req;
        if (!roles?.length) {
          throw deny();
        }

        const granted = roleService.getRolesPermissions(roles);
        const isAllowed = permissionService.authorizePermission(requiredPermission, granted);
        if (!isAllowed) {
          throw deny();
        }

        next();
      },
  );
}
/**
 * Builds a role-check middleware, wrapped with awilix-express `inject`.
 *
 * The middleware fails closed: it throws AuthorizationError carrying
 * `{ roles }` when `req.roles` is missing or empty, or when
 * `roleService.authorizeRoles(roles, req.roles, subset)` returns a falsy
 * value. Otherwise it calls `next()`.
 *
 * NOTE(review): this guard does not consult the login-required setting the
 * way `authenticate` does; confirm how `req.roles` is populated when login is
 * switched off.
 * NOTE(review): the factory parameter name (roleService) is presumably how the
 * container resolves the dependency; keep it.
 *
 * @param roles - required roles, passed through to `roleService.authorizeRoles`
 * @param subset - passed through unchanged (default `true`); its meaning is
 *   defined by `roleService.authorizeRoles`, which is not shown here
 * @returns {Function} whatever `inject(...)` returns for the middleware factory
 * @throws {AuthorizationError} from the middleware, as described above
 */
const authorizeRoles = (roles, subset = true) =>
  (0, _awilixexpress.inject)(
    (roleService) =>
      async (req, res, next) => {
        const hasAssignedRoles = Boolean(req.roles?.length);
        if (!hasAssignedRoles) {
          throw new _runtimeexceptions.AuthorizationError({ roles });
        }

        const isAuthorized = roleService.authorizeRoles(roles, req.roles, subset);
        if (!isAuthorized) {
          throw new _runtimeexceptions.AuthorizationError({ roles });
        }

        next();
      },
  );
//# sourceMappingURL=authenticate.js.map