@httpc/kit
httpc toolbox for building function-based API with minimal code and end-to-end type safety
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.useIsAuthorized = exports.useAuthorize = exports.useAuthorization = exports.useAuthentication = exports.useIsAuthenticated = exports.useUser = void 0;
const server_1 = require("@httpc/server");
const di_1 = require("../di");
const logging_1 = require("../logging");
const permissions_1 = require("../permissions");
/**
 * Reads the user stored on the current request context.
 *
 * @param {string} [mode] - Pass "optional" to get the (possibly missing) user
 *   back instead of an error when nothing is set.
 * @returns {*} The context's `user` value; falsy only when mode is "optional".
 * @throws {UnauthorizedError} When no user is set and mode is not "optional".
 */
function useUser(mode) {
  const context = (0, server_1.useContext)();
  const currentUser = context.user;
  // Any mode other than the exact string "optional" makes the user mandatory.
  const isRequired = mode !== "optional";
  if (isRequired && !currentUser) {
    throw new server_1.UnauthorizedError();
  }
  return currentUser;
}
exports.useUser = useUser;
/**
 * Tells whether the current request context carries a user.
 *
 * @returns {boolean} true when a truthy user is set, false otherwise; never throws
 *   for a missing user because the lookup is done in "optional" mode.
 */
function useIsAuthenticated() {
  const currentUser = useUser("optional");
  return Boolean(currentUser);
}
exports.useIsAuthenticated = useIsAuthenticated;
/**
 * Records the given user on the current request context.
 *
 * This function performs no verification of its own: whatever the caller passes
 * becomes the context's user, so the caller must already have validated the
 * credentials that produced it.
 *
 * @param {*} user - The authenticated user; any falsy value is stored as undefined.
 * @returns {*} The `user` argument, unchanged.
 */
function useAuthentication(user) {
  // Falsy inputs (null, "", 0, false) are normalised so the context never holds them.
  const stored = user || undefined;
  (0, server_1.useContextProperty)("user", stored);
  const logger = (0, logging_1.useLogger)();
  // The whole user object is handed to the verbose logger (%o), so every field it
  // carries can end up in log output; keep secrets out of it or verbose level off.
  logger.verbose("Authentication: %o", user || "Anonymous");
  return user;
}
exports.useAuthentication = useAuthentication;
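/**
 * Reads, sets or merges the authorization stored on the current request context.
 *
 * Call shapes:
 *   useAuthorization()              -> returns the current authorization, changes nothing
 *   useAuthorization(auth)          -> same as useAuthorization("set", auth)
 *   useAuthorization("set", auth)   -> replaces the current authorization
 *   useAuthorization("merge", auth) -> merges into the current authorization when one
 *                                      exists, otherwise behaves like "set"
 * Any truthy action other than "merge" is treated as "set".
 *
 * Fix: with an authorization service registered, the "merge" result used to be
 * overwritten by service.createAuthorization(auth) on the very next statement, so
 * "merge" silently replaced the existing grants. The merge result is now kept.
 *
 * @param {string|*} [action] - "set" or "merge"; or the authorization itself in the
 *   single-argument form.
 * @param {*} [auth] - Authorization instance or a value Authorization.parse /
 *   service.createAuthorization accepts.
 * @returns {*} The authorization now on the context (undefined when none is set).
 */
function useAuthorization(action, auth) {
  // Single-argument form: the only argument is the authorization to set.
  const isShorthand = arguments.length === 1;
  const mode = isShorthand ? "set" : action;
  const grant = isShorthand ? action : auth;
  let { authorization } = (0, server_1.useContext)();
  if (mode && grant) {
    // An authorization service, when registered, builds authorizations on "set".
    const service = getAuthorizationService();
    if (mode === "merge" && authorization) {
      // NOTE(review): the merged value is not passed through the service; confirm
      // whether a registered service is expected to post-process merges.
      authorization = authorization.merge(grant);
    } else if (service) {
      authorization = service.createAuthorization(grant);
    } else if (grant instanceof permissions_1.Authorization) {
      // No service: an Authorization instance is stored as given.
      authorization = grant;
    } else {
      // No service: anything else is parsed into an Authorization.
      authorization = permissions_1.Authorization.parse(grant);
    }
    (0, server_1.useContextProperty)("authorization", authorization);
    const logger = (0, logging_1.useLogger)();
    // Skip the toString() call entirely unless verbose output is wanted.
    if (logger.isLevelEnabled("verbose")) {
      logger.verbose("Authorization: %s", authorization.toString());
    }
  }
  return authorization;
}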
exports.useAuthorization = useAuthorization;
/**
 * Enforces that the current authorization satisfies the given permissions.
 *
 * Security-relevant behaviour callers should know:
 *  - A falsy `permissions` argument (undefined, null, "") is treated as "nothing to
 *    check": the call logs a warning and returns normally. A caller that computes
 *    the permission dynamically must make sure it cannot end up empty.
 *  - With an authorization service registered, denial depends entirely on
 *    service.assert throwing; its return value is ignored here.
 *
 * @param {string|*} permissions - Assertion string, or an object exposing test().
 * @returns {undefined}
 * @throws {UnauthorizedError} When the context carries no authorization.
 * @throws {ForbiddenError} When no service is registered and the assertion fails.
 */
function useAuthorize(permissions) {
  const log = (0, logging_1.useLogger)();
  if (!permissions) {
    // Fail-open by design of this API: no permission means no check is made.
    log.warn("Authorized: no permission provided");
    return;
  }
  const granted = useAuthorization();
  if (!granted) {
    log.warn("Not Authorized: missing authorization");
    throw new server_1.UnauthorizedError();
  }
  const authzService = getAuthorizationService();
  if (authzService) {
    // NOTE(review): presumably throws on denial; a service that returned false
    // instead of throwing would let the request through. Confirm the contract.
    authzService.assert(granted, permissions);
  } else {
    // No service registered: evaluate the assertion directly.
    const assertion =
      typeof permissions === "string"
        ? permissions_1.Assertion.parse(permissions)
        : permissions;
    const outcome = assertion.test(granted);
    if (!outcome.success) {
      log.warn("Not Authorized: %s", assertion);
      throw new server_1.ForbiddenError();
    }
  }
  log.verbose("Authorized: %s", permissions);
}
exports.useAuthorize = useAuthorize;
/**
 * Non-throwing variant of the permission check: reports whether the current
 * authorization satisfies the given permissions.
 *
 * Security-relevant behaviour callers should know:
 *  - A falsy `permissions` argument returns true (with a warning logged), so an
 *    accidentally empty permission grants access rather than denying it.
 *  - A missing authorization on the context returns false.
 *  - With a service registered, the service.check result is returned as-is, without
 *    coercion to boolean.
 *
 * @param {string|*} permissions - Assertion string, or an object exposing test().
 * @returns {*} true/false from the raw assertion, or whatever service.check returns.
 */
function useIsAuthorized(permissions) {
  const log = (0, logging_1.useLogger)();
  if (!permissions) {
    // Fail-open by design of this API: nothing to check counts as authorized.
    log.warn("IsAuthorized(OK): no permission provided");
    return true;
  }
  const granted = useAuthorization();
  if (!granted) {
    log.warn("IsAuthorized(KO): missing authorization");
    return false;
  }
  // Prefer the registered authorization service; fall back to the raw assertion.
  const authzService = getAuthorizationService();
  const verdict = authzService
    ? authzService.check(granted, permissions)
    : (typeof permissions === "string"
        ? permissions_1.Assertion.parse(permissions)
        : permissions
      ).test(granted).success;
  log.verbose("IsAuthorized(%s): %s", verdict ? "OK" : "KO", permissions);
  return verdict;
}
exports.useIsAuthorized = useIsAuthorized;
/**
 * Looks up the optional "IAuthorizationService" in the current DI container.
 *
 * @returns {*} The resolved service, or undefined when none is registered; callers
 *   then fall back to the raw Authorization/Assertion handling.
 */
function getAuthorizationService() {
  const container = (0, di_1.useContainer)();
  const serviceKey = (0, di_1.KEY)("IAuthorizationService");
  // NOTE(review): the second argument presumably extends the lookup to parent
  // containers; confirm against the container's isRegistered contract.
  const isAvailable = container.isRegistered(serviceKey, true);
  return isAvailable
    ? (0, di_1.RESOLVE)(container, "IAuthorizationService")
    : undefined;
}