UNPKG

@vulcan-sql/serve

Version:

VulcanSQL package for serving projects

81 lines 3.85 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.AuthCredentialsMiddleware = void 0; const tslib_1 = require("tslib"); const core_1 = require("@vulcan-sql/core"); const models_1 = require("../../../models/index"); const authMiddleware_1 = require("./authMiddleware"); const containers_1 = require("../../../containers/index"); const inversify_1 = require("inversify"); const utils_1 = require("./utils"); /** The middleware responsible for checking request auth credentials. * It seek the 'auth' module name to match data through built-in and customized authenticator by BaseAuthenticator * */ let AuthCredentialsMiddleware = class AuthCredentialsMiddleware extends authMiddleware_1.BaseAuthMiddleware { constructor(config, name, authenticators, projectOptions) { super(config, name, authenticators); this.projectOptions = projectOptions; } onActivate() { return tslib_1.__awaiter(this, void 0, void 0, function* () { yield this.initialize(); }); } handle(context, next) { var _a; return tslib_1.__awaiter(this, void 0, void 0, function* () { // return to stop the middleware, if disabled if (!this.enabled) return next(); // The endpoint not need contains auth credentials if ((0, utils_1.checkIsPublicEndpoint)(this.projectOptions, context.path)) return next(); const authorize = (_a = context.request) === null || _a === void 0 ? void 0 : _a.headers['authorization']; if (!authorize) { throw new core_1.UserError('Please provide proper authorization information', { httpCode: 401, code: 'vulcan.unauthorized', }); } // pass current context to auth token for users for (const name of Object.keys(this.authenticators)) { const authenticator = this.authenticators[name]; if (!authorize.toLowerCase().startsWith(authenticator.getExtensionId())) { continue; } // auth token const result = yield authenticator.authCredential(context); // if state is indeterminate, change to next authentication if (result.status === models_1.AuthStatus.INDETERMINATE) continue; // if state is failed, return directly if (result.status === models_1.AuthStatus.FAIL) { context.status = 401; context.body = { type: result.type, message: result.message || 'verify token failed', }; return; } // set auth user information to context context.state.user = result.user; yield next(); return; } throw new core_1.UserError('All types of authenticator failed.', { httpCode: 401, code: 'vulcan.unauthorized', }); }); } }; AuthCredentialsMiddleware = tslib_1.__decorate([ (0, core_1.VulcanInternalExtension)('auth'), tslib_1.__param(0, (0, inversify_1.inject)(core_1.TYPES.ExtensionConfig)), tslib_1.__param(1, (0, inversify_1.inject)(core_1.TYPES.ExtensionName)), tslib_1.__param(2, (0, inversify_1.multiInject)(containers_1.TYPES.Extension_Authenticator)), tslib_1.__param(3, (0, inversify_1.inject)(core_1.TYPES.ProjectOptions)), tslib_1.__metadata("design:paramtypes", [Object, String, Array, Object]) ], AuthCredentialsMiddleware); exports.AuthCredentialsMiddleware = AuthCredentialsMiddleware; //# sourceMappingURL=authCredentialsMiddleware.js.map