publication-igid
Version:
Authorization gateway relying on an auth service for providing user editing interfaces
277 lines (250 loc) • 10.2 kB
JavaScript
//
const { GeneralAuth, SessionManager_Lite } = require('copious-transitions')
const cookieParser = require('cookie-parser');
// from SessionManager_Lite because this is a consumer if sessions and does not create them
//
class PublicationSessionManager extends SessionManager_Lite {
constructor(exp_app,db_obj,business,trans_engine,token_storage) { //
super(exp_app,db_obj,business,trans_engine,token_storage) //
// ---- ---- ---- ---- ---- ---- ---- ---- ----
this.middle_ware.push(cookieParser()) // use a cookie parser
}
token_match(session_from_cookie,session_token) {
// or decrypt the token from the cookie
if ( session_from_cookie === session_token ) return(true)
return(false)
}
/**
* selected_session_table_hash
*
* @param {string} msg
* @returns
*/
selected_session_table_hash(token,ucwid) {
let msg = `${token}-${ucwid}`
return do_hash(msg)
}
/**
* guard
*
* @param {string} asset
* @param {object} body
* @param {object} req
* @returns boolean
*/
//
async guard(asset,body,req) {
if ( asset.substring(0,'publication'.length) === 'publication' ) {
let app_scheme_id = asset.substring('publication'.length + 1)
if ( app_scheme_id.length ) {
let session = body.session
if ( !(this.app_user_check_cookie(req,session)) ) {
return false
}
return await super.session_guard(session,app_scheme_id)
}
} else {
let session = body.session
let app_scheme_id = body['ucwid']
return await super.session_guard(session,app_scheme_id)
}
return(true) // true by default
}
//
//process_asset(asset_id,post_body) {}
async feasible(transition,post_body,req) { // is the transition something that can be done?
if ( G_publication_asset.tagged(transition) ) {
return(true)
}
if ( G_publication_trns.tagged(transition) ) {
return(true)
}
if ( G_publication_commands_trns.tagged(transition) ) {
let topic = post_body.topic
let hash = post_body.hash
if ( G_publication_commands_trns.can_upload(topic,hash) ) {
// the transition engine will make use of the pub/sub system...
// expect commands to go this way.. requesting changes in the backend such as a file moving directories, etc.
return true
} else if ( G_publication_commands_trns.can_publish(topic) ) {
return true
}
}
return(super.feasible(transition,post_body,req))
}
/*
post_body.ucwid = user_info.ccwid
post_body.session = session
post_body.hash = data.hash
post_body.topic === "command-upload",
post_body.path === "upload-media" | "upload-lite"
post_body.public_signer
post_body.axiom_public_key
//
post_body.protocol === "default-p2p" | undefined
post_body.preamble_size
post_body.meta --- good data ... all descriptors // media, poster substructures, etc.
//
*/
//
async process_transition(transition,post_body,req) {
let trans_object = super.process_transition(transition,post_body,req)
if ( G_publication_trns.tagged(transition) ) {
post_body._uuid_prefix = G_publication_trns.uuid_prefix()
}
if ( G_publication_asset.tagged(transition) ) {
G_publication_asset.update(post_body)
trans_object.secondary_action = G_publication_asset.has_secondary_action(transition)
}
if ( G_publication_commands_trns.tagged(transition) ) { // relay the publication possibility
if ( G_publication_commands_trns.can_upload(post_body.topic,post_body.hash) ) {
//
trans_object = trans_object.to_object()
//
// by detail below
for ( let ky in post_body ) {
trans_object[ky] = post_body[ky]
}
// trans_object -- becomes body for the uploader...
trans_object.secondary_action = true // G_publication_commands_trns.has_secondary_action(transition)
// -----
trans_object.transition = 'uploader-preparation' // this transition object becomes a body for another process using transition processing
trans_object.uploader_type = post_body.path
//
trans_object.topic = post_body.topic // === "command-upload",
trans_object.path = post_body.path // === "upload-media" | "upload-lite"
trans_object.hash = post_body.hash
//
trans_object.ucwid = post_body.ucwid // user_info.ccwid
trans_object.session = post_body.session
trans_object.public_signer = post_body.public_signer
trans_object.axiom_public_key = post_body.axiom_public_key
//
if ( post_body.meta ) {
trans_object.meta = post_body.meta // meta ???
trans_object.protocol = post_body.protocol
trans_object.preamble_size = post_body.preamble_size
}
//
} else {
/// don't have to do anything ???
trans_object = trans_object.to_object()
}
}
return(trans_object)
}
//
match(post_body,transtion_object) {
if ( G_publication_trns.tagged(transtion_object.tobj.asset_key) ) {
post_body._t_match_field = post_body[G_publication_trns.match_key()]
}
return super.match(post_body,transtion_object)
}
//
async finalize_transition(transition,post_body,elements,req) {
//
if ( G_publication_trns.tagged(transition) || G_publication_commands_trns.tagged(transition) ) {
let status = await this.update_session_state(transition,post_body,req)
let finalization_state = { // this has to get fancy
"state" : "computed",
"OK" : (status ? "true" : "false")
}
// set a cookie for use by other micro services
return(finalization_state)
}
//
if ( G_publication_asset.tagged(transition) ) {
let status = await this.update_session_state(transition,post_body,req)
let finalization_state = { // this has to get fancy
"state" : "computed",
"OK" : (status ? "true" : "false")
}
return(finalization_state)
}
//
let finalization_state = {
"state" : "ERROR",
"OK" : "false"
}
return(finalization_state)
}
//
set_cookie(res,cookie_id,value,age) {
if ( res ) {
res.cookie(cookie_id,value, { maxAge: age, httpOnly: true });
}
}
//
release_cookie(res,cookie_id) {
if ( res ) {
res.clearCookie(cookie_id);
}
}
//
app_user_check_cookie(req,session_token) {
if ( this.user_cookie !== undefined ) {
if ( req && (req.cookies !== undefined) ) {
let session_from_cookie = req.cookies[this.user_cookie]
if ( session_from_cookie !== undefined ) {
// will check this if it is being used... otherwise, out the weight on having the token in the body.
if ( !(this.token_match(session_from_cookie,session_token)) ) {
return(false)
}
}
}
}
return(true)
}
//
which_uploaded_files(req,post_body) {
if ( req ) {
let files = req.files
return(files) // the application should handle this
}
return([])
}
//
key_for_user() { // communicate to the general case which key to use
let key_key = G_publication_trns.kv_store_key()
return(key_key)
}
//
async update_session_state(transition,post_body,req) { // req for session cookies if any
//
if ( G_publication_commands_trns.tagged(transition) ) {
if ( this.trans_engine && post_body.topic ) { // a valid secondary?
let topic = post_body.topic
let hash = post_body.hash
// a two party transition
if ( G_publication_commands_trns.did_publish(topic,hash) ) { // hash selects this options
return true
}
if ( G_publication_commands_trns.can_publish(topic,hash) ) {
// the transition engine will make use of the pub/sub system...
// expect commands to go this way.. requesting changes in the backend such as a file moving directories, etc.
let response = await this.trans_engine.publication_op(topic,post_body)
if ( response === "OK" || (response.status === "OK" ) ) {
return true
}
}
return false
}
}
if ( G_publication_asset.tagged(transition) ) {
let response = await this.trans_engine.forward_user_asset(post_body._transition_path,post_body)
if ( response === "OK" || (response.status === "OK" ) ) {
return true
}
return (false)
}
return(true)
}
}
class PublicationAuth extends GeneralAuth {
constructor() {
super(PublicationSessionManager) // intializes general authorization with the customized session manager class.
// super(PublicationSessionManager,SpecialTokenStorage)
}
}
var session_checker = new PublicationAuth()
module.exports = session_checker;