;
// CommonJS interop prologue (this file looks like compiler output, so the exact
// statement forms are kept as they are): flag the module as an ES-module
// transpilation result.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the named export up front; its real value is assigned further down.
exports.TOKEN_TYPE_ERROR_MESSAGE = void 0;
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
const api_token_1 = require("../types/models/api-token");
/**
 * Tells whether a request targets the client API.
 *
 * The check is a plain string-prefix test on `req.path`, so any path that
 * merely begins with `/api/client` matches.
 * NOTE(review): confirm that no unrelated route shares this prefix, since
 * CLIENT tokens are admitted on every path that passes this test.
 *
 * @param {{ path?: string }} req - request-like object; only `path` is read.
 * @returns {boolean|string|undefined} `true`/`false` for a non-empty path,
 *   otherwise the falsy `path` value itself.
 */
const isClientApi = (req) => {
  const requestPath = req.path;
  if (!requestPath) {
    // Keep returning the falsy value itself (undefined, ''), not `false`.
    return requestPath;
  }
  return requestPath.startsWith('/api/client');
};
/**
 * Tells whether a request targets one of the proxy / frontend API paths.
 *
 * Matching is by string prefix on `req.path`; the prefixes are the current
 * proxy paths, which redirect to the new embedded proxy endpoint.
 *
 * @param {{ path?: string }} req - request-like object; only `path` is read.
 * @returns {boolean|undefined} `undefined` when there is no path, otherwise
 *   whether the path starts with one of the proxy prefixes.
 */
const isProxyApi = (req) => {
  const requestPath = req.path;
  if (!requestPath) {
    return undefined;
  }
  const proxyPrefixes = [
    '/api/proxy',
    '/api/development/proxy',
    '/api/production/proxy',
    '/api/frontend',
  ];
  return proxyPrefixes.some((prefix) => requestPath.startsWith(prefix));
};
// Message sent in the 403 response body when a token's type is not allowed on
// the requested endpoint. It does not say which token type was expected.
exports.TOKEN_TYPE_ERROR_MESSAGE = 'invalid token: expected a different token type for this endpoint';
/**
 * Builds the Express-style middleware that resolves an API token from the
 * `authorization` header into `req.user`.
 *
 * Behaviour of the returned handler:
 * - With `authentication.enableApiToken` falsy, it is a pure pass-through.
 * - A request that already carries `req.user` is passed on untouched.
 * - A header value starting with `user:` is not looked up here.
 *   NOTE(review): presumably another middleware handles those tokens; confirm.
 * - A CLIENT token is accepted only on client API paths; a FRONTEND token only
 *   on proxy paths and only while the `embedProxy` flag is enabled. A mismatch
 *   ends the request with 403 and `next()` is not called. Other token types
 *   are not restricted by path in this function.
 * - An unknown or missing token leaves `req.user` unset and still calls
 *   `next()`: this middleware never rejects for a bad token, so a later layer
 *   has to refuse requests that arrive without `req.user`.
 * - An exception during lookup is logged and the request continues without
 *   `req.user` (same consequence as an unknown token).
 *
 * @param {object} config - provides `getLogger`, `authentication`, `flagResolver`.
 * @param {object} services - provides `apiTokenService`.
 * @returns {Function} `(req, res, next)` request handler.
 */
const apiAccessMiddleware = ({ getLogger, authentication, flagResolver }, { apiTokenService }) => {
  const logger = getLogger('/middleware/api-token.ts');
  logger.debug('Enabling api-token middleware');

  if (!authentication.enableApiToken) {
    return (req, res, next) => next();
  }

  return (req, res, next) => {
    if (req.user) {
      return next();
    }

    try {
      const authHeader = req.header('authorization');
      const hasUserPrefix = Boolean(authHeader?.startsWith('user:'));

      if (!hasUserPrefix) {
        // A missing header reaches the lookup as `undefined`.
        const tokenUser = apiTokenService.getUserForToken(authHeader);
        const { CLIENT, FRONTEND } = api_token_1.ApiTokenType;

        if (tokenUser) {
          const tokenType = tokenUser.type;
          // The flag is consulted only for FRONTEND tokens already on a proxy path.
          const typeNotAllowedHere =
            (tokenType === CLIENT && !isClientApi(req)) ||
            (tokenType === FRONTEND &&
              (!isProxyApi(req) || !flagResolver.isEnabled('embedProxy')));

          if (typeNotAllowedHere) {
            res.status(403).send({
              message: exports.TOKEN_TYPE_ERROR_MESSAGE,
            });
            return;
          }

          req.user = tokenUser;
        }
      }
    } catch (error) {
      // NOTE(review): check that errors raised by the lookup never embed the
      // raw token value, since they end up in the log.
      logger.error(error);
    }

    next();
  };
};
// Default export: the middleware factory defined above.
exports.default = apiAccessMiddleware;
//# sourceMappingURL=api-token-middleware.js.map