@topgroup/diginext
Version:
A BUILD SERVER & CLI to deploy apps to any Kubernetes clusters.
76 lines (75 loc) • 3.74 kB
JavaScript
;
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.apiAccessTokenHandler = void 0;
const response_1 = require("diginext-utils/dist/response");
const lodash_1 = require("lodash");
const mongodb_1 = require("../plugins/mongodb");
const apiAccessTokenHandler = async (req, res, next) => {
const { ApiKeyUserService } = await Promise.resolve().then(() => __importStar(require("../services")));
const apiKeyUserSvc = new ApiKeyUserService();
// extract API key from headers
const access_token = req.headers["x-api-key"].toString();
let apiKeyAccount = await apiKeyUserSvc.findOne({ "token.access_token": access_token }, {
populate: ["workspaces", "activeWorkspace", "roles", "activeRole"],
ignorable: true,
});
if (apiKeyAccount) {
// check active workspace
if (!apiKeyAccount.activeWorkspace) {
const workspaces = apiKeyAccount.workspaces;
if (workspaces.length === 1) {
apiKeyAccount = await apiKeyUserSvc.updateOne({ _id: apiKeyAccount._id }, { activeWorkspace: workspaces[0]._id, "token.refresh_token": access_token }, { populate: ["roles", "workspaces", "activeWorkspace"] });
}
}
req.workspace = apiKeyAccount.activeWorkspace;
// role
const { roles = [] } = apiKeyAccount;
const activeRole = roles.find((role) => {
var _a;
return mongodb_1.MongoDB.toString(role.workspace) === mongodb_1.MongoDB.toString((_a = apiKeyAccount.activeWorkspace) === null || _a === void 0 ? void 0 : _a._id) &&
!role.deletedAt;
});
if (activeRole && apiKeyAccount.activeRole !== activeRole._id)
apiKeyAccount = await apiKeyUserSvc.updateOne({ _id: apiKeyAccount._id }, { activeRole: activeRole._id }, { populate: ["roles", "workspaces", "activeWorkspace", "activeRole"] });
req.role = apiKeyAccount.activeRole = activeRole;
// WHY????
if ((0, lodash_1.isEmpty)(apiKeyAccount.activeWorkspace))
delete apiKeyAccount.activeWorkspace;
if ((0, lodash_1.isEmpty)(apiKeyAccount.activeRole))
delete apiKeyAccount.activeRole;
// if (isEmpty(apiKeyAccount.activeWorkspace) && isEmpty(apiKeyAccount.activeRole)) return Response.rejected(res, "Permissions denied.");
// user
req.user = apiKeyAccount;
res.locals.user = apiKeyAccount;
return next();
}
else {
return response_1.Response.rejected(res, "API access token is invalid.");
}
// next();
// return res.status(401).json({ message: "Invalid token" });
};
exports.apiAccessTokenHandler = apiAccessTokenHandler;