
stackpress


Incept is a content management framework.

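"use strict";
// TypeScript-emitted helper: runs a generator function as a Promise-returning
// coroutine (the down-levelled form of async/await). Kept verbatim.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
// TypeScript-emitted helper: wraps a CommonJS export so `.default` is always available.
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const jose_1 = require("jose");
const Exception_js_1 = __importDefault(require("../Exception.js"));
const helpers_js_1 = require("./helpers.js");
/**
 * JWT-backed session wrapper.
 *
 * Static members hold process-wide configuration (session key name, signing
 * seed, role -> permits map, token lifetime). An instance wraps one token
 * string and lazily verifies it to answer role and permission questions.
 */
class SessionServer {
    /** Role -> permits map set by configure(). */
    static get access() {
        return this._access;
    }
    /** Secret string whose UTF-8 bytes are used as the HS256 key. */
    static get seed() {
        return this._seed;
    }
    /** Name under which the token is stored in the request/response session. */
    static get key() {
        return this._key;
    }
    /**
     * Sets the value handed to jose's setExpirationTime() by create().
     * While it is falsy (the default is 0), create() issues tokens without
     * an expiration claim.
     */
    static set expires(value) {
        this._expires = value;
    }
    /**
     * Checks that the request's session may access the requested route and
     * any additional permits.
     *
     * @param req - request; `method`, `url.pathname` and `session` are read
     * @param res - response; receives a 401 error or the session summary
     * @param permits - extra permits (event names or route objects) that must
     *   also be granted
     * @returns Promise resolving to true when authorized, false otherwise
     */
    static authorize(req_1, res_1) {
        return __awaiter(this, arguments, void 0, function* (req, res, permits = []) {
            // NOTE(review): with an empty access map every request is
            // authorized, so authorization is off until configure() runs.
            if (Object.keys(this._access).length === 0) {
                return true;
            }
            const session = this.load(req);
            // Build a new list instead of unshift()-ing into the caller's array,
            // which would grow a shared permits array on every request.
            const required = [
                { method: req.method.toUpperCase(), route: req.url.pathname },
                ...permits
            ];
            const permitted = yield session.can(...required);
            if (!permitted) {
                res.setError(Exception_js_1.default
                    .for('Unauthorized')
                    .withCode(401)
                    .toResponse());
                return false;
            }
            // NOTE(review): authorization() includes the raw token; whether
            // setResults() output reaches the client is not visible here - confirm.
            res.setResults(yield session.authorization());
            return true;
        });
    }
    /**
     * Sets the process-wide session configuration.
     *
     * @param key - session entry name that carries the token
     * @param seed - signing secret; should be a high-entropy value
     * @param access - role -> permits map
     * @returns the SessionServer class, for chaining
     */
    static configure(key, seed, access) {
        this._key = key;
        this._seed = seed;
        this._access = access;
        return this;
    }
    /**
     * Signs `data` as an HS256 JWT with the configured seed.
     *
     * @param data - claims to place in the token payload
     * @returns Promise resolving to the compact JWT string
     */
    static create(data) {
        return __awaiter(this, void 0, void 0, function* () {
            const seed = new TextEncoder().encode(this.seed);
            const signer = new jose_1.SignJWT(data)
                .setProtectedHeader({ alg: 'HS256' })
                .setIssuedAt();
            // No expiry configured: the token carries no expiration claim.
            if (!this._expires) {
                return yield signer.sign(seed);
            }
            return yield signer.setExpirationTime(this._expires).sign(seed);
        });
    }
    /**
     * Reads the raw token from the request session.
     *
     * @param req - request whose `session` is queried with the configured key
     * @returns the stored token, or null when the session has no such entry
     */
    static token(req) {
        if (req.session.has(this.key)) {
            return req.session(this.key);
        }
        return null;
    }
    /**
     * Builds a session from a token string or from a request.
     *
     * @param token - a JWT string, or a request to read the token from
     * @returns a SessionServer wrapping the token ('' when none was found)
     */
    static load(token) {
        if (typeof token === 'string') {
            return new SessionServer(token);
        }
        return new SessionServer(this.token(token) || '');
    }
    /** @param token - compact JWT string; '' denotes a guest session */
    constructor(token) {
        this.token = token;
    }
    /**
     * Summarises the session: verified claims layered over guest defaults,
     * plus the raw token and the resolved permits.
     */
    authorization() {
        return __awaiter(this, void 0, void 0, function* () {
            const data = yield this.data();
            const permits = yield this.permits();
            return Object.assign({ id: 0, roles: ['GUEST'] }, data || {}, { token: this.token, permits });
        });
    }
    /**
     * Verifies the token once and caches its payload.
     *
     * @returns Promise resolving to the payload, or null when the token is
     *   empty or fails verification
     */
    data() {
        return __awaiter(this, void 0, void 0, function* () {
            if (typeof this._data === 'undefined') {
                // Set before the await below, so a concurrent caller sees null
                // (guest) until verification completes.
                this._data = null;
                if (this.token.length) {
                    const seed = new TextEncoder().encode(SessionServer.seed);
                    try {
                        // Accept only the algorithm create() signs with, so the
                        // token header cannot select another one.
                        const { payload } = yield (0, jose_1.jwtVerify)(this.token, seed, { algorithms: ['HS256'] });
                        this._data = typeof payload === 'string'
                            ? JSON.parse(payload)
                            : payload;
                    }
                    catch (e) {
                        // Deliberate: any verification or parse failure leaves
                        // the session as guest (null data).
                    }
                }
            }
            return this._data;
        });
    }
    /** Resolves to true when the session has no verified data. */
    guest() {
        return __awaiter(this, void 0, void 0, function* () {
            const data = yield this.data();
            return data === null;
        });
    }
    /**
     * Checks that every requested permit is granted to this session.
     *
     * @param permits - event names (strings) and/or route objects
     * @returns Promise resolving to true when all match; true for an empty list
     */
    can(...permits) {
        return __awaiter(this, void 0, void 0, function* () {
            if (permits.length === 0) {
                return true;
            }
            const permissions = yield this.permits();
            // String entries are matched as events, everything else as routes.
            const events = permissions.filter(permission => typeof permission === 'string');
            const routes = permissions.filter(permission => typeof permission !== 'string');
            return permits.every(permit => typeof permit === 'string'
                ? (0, helpers_js_1.matchAnyEvent)(permit, events)
                : (0, helpers_js_1.matchAnyRoute)(permit, routes));
        });
    }
    /**
     * Resolves the de-duplicated permits granted by the session's roles.
     * A missing or non-array `roles` claim is treated as ['GUEST'].
     */
    permits() {
        return __awaiter(this, void 0, void 0, function* () {
            const data = yield this.data();
            const claimed = data === null || data === void 0 ? void 0 : data.roles;
            const roles = Array.isArray(claimed) ? claimed : ['GUEST'];
            const access = SessionServer.access;
            // Own-property lookup only: a role such as "constructor" or
            // "__proto__" must not resolve to an inherited Object member.
            const owns = Object.prototype.hasOwnProperty;
            return roles
                .map(role => (owns.call(access, role) ? access[role] || [] : []))
                .flat()
                .filter((value, index, self) => self.indexOf(value) === index);
        });
    }
    /**
     * Stores this session's token on the response session.
     *
     * @param res - response whose `session.set` is called
     * @returns this, for chaining
     */
    save(res) {
        res.session.set(SessionServer.key, this.token);
        return this;
    }
}
SessionServer._access = {};
SessionServer._expires = 0;
SessionServer._key = 'session';
// NOTE(review): 'abc123' is a placeholder secret that ships with the package.
// Until configure() supplies a real seed, create() signs and data() verifies
// with this published value. Call configure() with a high-entropy secret
// before issuing or trusting any session token.
SessionServer._seed = 'abc123';
exports.default = SessionServer;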