UNPKG

teleprice-quoting-system

Version:

a live feed pricing system for exchanges, wire services, and telegraphic news. Use in indexing pricing and matching indexed prices.

github.com/freight-chain/pqms

freight-chain/pqms

101 lines (94 loc) 3.37 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
import * as express from 'express'; import * as fs from 'fs'; const expressJwt = require('express-jwt'); import { User } from '../models/security.model'; /** * JWT Authentication middleware from the REST APIs */ const authMiddlewareFactory = () => { return (config: User) => { return ( req: express.Request, res: express.Response, next: express.NextFunction ) => { (async () => { // Enabled if JWT Authentication is turned on if (process.env.JWT_AUTH === 'true') { const RSA_PUBLIC_KEY = await fs.readFileSync( process.env.RSA_PUBLIC_KEY_FILE ); await expressJwt({ secret: RSA_PUBLIC_KEY })(req, res, err => { // Check if token is valid if (err) { res.status(401).json({ message: 'Unauthorized User' }); } else { // If the token is valid, req.user will be set with the JSON object decoded const obj: any = req; if ( config.role !== undefined && obj.user.role !== undefined && config.role === obj.user.role ) { next(); } else { res .status(401) .json({ message: 'Unauthorized role :' + obj.user.role }); } } }); } else { next(); } })(); }; }; }; /** * GraphQL Middleware which will check if the user credentials are proper */ const authGraphQLMiddlewareFactory = () => { return (req, res, next) => { // console.log('Middleware called'); // If the token is valid, req.user will be set with the JSON object decoded const obj: any = req; if (obj.user.role !== undefined && 'test' === obj.user.role) { next(); } else { res.status(401).end('Unauthorized role'); } }; }; export const checkUser = async (user: any): Promise<any> => { if (user.role !== undefined && 'ADMIN' === user.role) { return Promise.resolve(user); } else { return Promise.reject('Unauthorised User'); } }; export const getUserRole = ctx => { if (process.env.JWT_AUTH === 'true') { return Promise.resolve( ctx.user && ctx.user.role ? ctx.user.role : 'UNKNOWN' ); } else { return Promise.resolve('UNKNOWN'); } }; /** * GraphQL Context Middleware * If Valid JWT token is present the user object is set on the context * This functional validates the user information and role * @param ctx */ export const getAuthenticatedUser = ctx => { if (process.env.JWT_AUTH === 'true') { return checkUser(ctx.user); } else { return Promise.resolve(ctx); } }; const authMiddleware = authMiddlewareFactory(); const graphQLAuthMiddleware = authGraphQLMiddlewareFactory(); export { authMiddleware, graphQLAuthMiddleware };