@sync-in/server/server/authentication/guards/auth-basic.strategy.js

The secure, open-source platform for file storage, sharing, collaboration, and sync

/*
 * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>
 * This file is part of Sync-in | The open source file sync and share solution
 * See the LICENSE file for licensing details
 */ "use strict";
Object.defineProperty(exports, "__esModule", {
    value: true
});
Object.defineProperty(exports, "AuthBasicStrategy", {
    enumerable: true,
    get: function() {
        return AuthBasicStrategy;
    }
});
const _common = require("@nestjs/common");
const _passport = require("@nestjs/passport");
const _classtransformer = require("class-transformer");
const _nestjspino = require("nestjs-pino");
const _passporthttp = require("passport-http");
const _usermodel = require("../../applications/users/models/user.model");
const _shared = require("../../common/shared");
const _cacheservice = require("../../infrastructure/cache/services/cache.service");
const _scope = require("../constants/scope");
const _authmethod = require("../models/auth-method");
function _ts_decorate(decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for(var i = decorators.length - 1; i >= 0; i--)if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
}
function _ts_metadata(k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
}
let AuthBasicStrategy = class AuthBasicStrategy extends (0, _passport.PassportStrategy)(_passporthttp.BasicStrategy, 'basic') {
    async validate(req, loginOrEmail, password) {
        loginOrEmail = loginOrEmail.trim();
        password = password.trim();
        this.logger.assign({
            user: loginOrEmail
        });
        const authBasicUser = `${this.CACHE_KEY_PREFIX}-${req.headers['authorization'].split(' ').at(-1).toLowerCase()}`;
        const userFromCache = await this.cache.get(authBasicUser);
        if (userFromCache === null) {
            // not authorized
            return null;
        }
        if (userFromCache !== undefined) {
            // cached
            // warning: plainToInstance do not use constructor to instantiate class
            return (0, _classtransformer.plainToInstance)(_usermodel.UserModel, userFromCache);
        }
        const userFromDB = await this.authMethod.validateUser(loginOrEmail, password, req.ip, _scope.AUTH_SCOPE.WEBDAV);
        if (userFromDB !== null) {
            userFromDB.removePassword();
        }
        const userToCache = userFromDB ? (0, _classtransformer.instanceToPlain)(userFromDB, {
            excludePrefixes: [
                '_'
            ]
        }) : null;
        this.cache.set(authBasicUser, userToCache, this.CACHE_TTL).catch((e)=>this.logger.error(`${this.validate.name} - ${e}`));
        return userFromDB;
    }
    constructor(authMethod, cache, logger){
        super({
            passReqToCallback: true,
            realm: _shared.SERVER_NAME
        }), this.authMethod = authMethod, this.cache = cache, this.logger = logger, this.CACHE_TTL = 900, this.CACHE_KEY_PREFIX = 'auth-webdav';
    }
};
AuthBasicStrategy = _ts_decorate([
    (0, _common.Injectable)(),
    _ts_metadata("design:type", Function),
    _ts_metadata("design:paramtypes", [
        typeof _authmethod.AuthMethod === "undefined" ? Object : _authmethod.AuthMethod,
        typeof _cacheservice.Cache === "undefined" ? Object : _cacheservice.Cache,
        typeof _nestjspino.PinoLogger === "undefined" ? Object : _nestjspino.PinoLogger
    ])
], AuthBasicStrategy);

//# sourceMappingURL=auth-basic.strategy.js.map