
zcatalyst-cli


Command Line Tool for CATALYST

'use strict'; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); const https_1 = __importDefault(require("https")); const querystring_1 = __importDefault(require("querystring")); exports.default = (req, res, next) => { const app = req.app; const bestRule = res.locals.bestRule; const types = bestRule.authentication; if (types === undefined || types === null) { if (req.url.startsWith('/baas/logout')) { app.locals.auth = {}; } next(); return; } if (app.locals.auth === undefined) { app.locals.auth = {}; } if (app.locals.auth[req.url] === undefined) { app.locals.auth[req.url] = {}; } const currentTypeByValue = types.reduce((accumulator, type) => { switch (type) { case 'APIKey': const apikey = req.query.ZCFKEY === undefined ? req.get('ZCFKEY') : req.query.ZCFKEY; if (apikey !== undefined) { accumulator[0] = type; accumulator[1] = apikey + ''; req.headers.ZCFKEY = apikey + ''; } break; case 'OAuth': const oauthHeader = req.get('authorization'); if (oauthHeader !== undefined) { accumulator[0] = type; accumulator[1] = oauthHeader; } break; case 'CatalystUserManagement': const csrfToken = req.cookies.ZD_CSRF_TOKEN; if (csrfToken !== undefined) { accumulator[0] = type; accumulator[1] = csrfToken; } break; } return accumulator; }, []); if (currentTypeByValue.length === 0) { next(new Error('NO_ACCESS')); return; } if (app.locals.auth[req.url][currentTypeByValue[1]]) { next(); return; } const data = querystring_1.default.stringify({ type: currentTypeByValue[0] }); const projectId = req.headers['x-zc-projectid']; const headers = ['cookie', 'authorization', 'ZCFKEY'].reduce((result, headerName) => { if (req.headers[headerName] !== undefined) { result[headerName] = req.headers[headerName]; } return result; }, {}); const authReq = https_1.default.get(`https://${req.headers['x-zc-project-domain']}/baas/${projectId}/check-auth?${data}`, { 
headers }, (serverRes) => { if (serverRes.statusCode === 200) { app.locals.auth[req.url][currentTypeByValue[1]] = true; next(); } else { next(new Error('NO_ACCESS')); } }); authReq.on('error', () => { next(new Error('NO_ACCESS')); }); authReq.end(); };