unleash-server/dist/lib/middleware/authorization-middleware.js

Unleash is an enterprise ready feature flag service. It provides different strategies for handling feature flags.

import UnauthorizedError from '../error/unauthorized-error.js';
import { AuthenticationRequired } from '../types/index.js';
const authorizationMiddleware = (getLogger, baseUriPath) => {
    const logger = getLogger('/middleware/authorization-middleware.ts');
    logger.debug('Enabling Authorization middleware');
    return async (req, res, next) => {
        if (!req.user?.isAPI && req.session?.user) {
            req.user = req.session.user;
            return next();
        }
        if (req.user) {
            return next();
        }
        if (req.header('authorization')) {
            // API clients should get 401 with a basic body
            const error = new UnauthorizedError('You must log in to use Unleash.');
            return res.status(error.statusCode).json(error);
        }
        const path = `${baseUriPath}/auth/simple/login`;
        const error = new AuthenticationRequired({
            message: `You must log in to use Unleash. Your request had no authorization header, so we could not authorize you. Try logging in at ${path}`,
            type: 'password',
            path,
        });
        return res.status(error.statusCode).json(error);
    };
};
export default authorizationMiddleware;
//# sourceMappingURL=authorization-middleware.js.map