@autofleet/zehut 1.4.12 → 1.5.1

package/lib/index.d.ts

@@ -1,5 +1,8 @@
-import User from './user';
+import User, { middleware, eagerLoadPermissionsMiddleware, middlewareWithDecode, getDecodedBearer } from './user';
+import { checkFleetPermission, checkBusinessModelPermission, checkDemandSourcePermission, isUserExist, getUser } from './check-permission';
 import { UnauthorizedAccessError } from './errors';
+declare const getCurrentPayload: () => any;
+export { User, middleware, middlewareWithDecode, eagerLoadPermissionsMiddleware, getCurrentPayload, getDecodedBearer, checkFleetPermission, checkBusinessModelPermission, checkDemandSourcePermission, isUserExist, getUser, UnauthorizedAccessError, };
 declare const _default: {
     User: typeof User;
     middleware: (options?: {

package/lib/index.js

@@ -19,17 +19,31 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.UnauthorizedAccessError = exports.getUser = exports.isUserExist = exports.checkDemandSourcePermission = exports.checkBusinessModelPermission = exports.checkFleetPermission = exports.getDecodedBearer = exports.getCurrentPayload = exports.eagerLoadPermissionsMiddleware = exports.middlewareWithDecode = exports.middleware = exports.User = void 0;
 const user_1 = __importStar(require("./user"));
+exports.User = user_1.default;
+Object.defineProperty(exports, "middleware", { enumerable: true, get: function () { return user_1.middleware; } });
+Object.defineProperty(exports, "eagerLoadPermissionsMiddleware", { enumerable: true, get: function () { return user_1.eagerLoadPermissionsMiddleware; } });
+Object.defineProperty(exports, "middlewareWithDecode", { enumerable: true, get: function () { return user_1.middlewareWithDecode; } });
+Object.defineProperty(exports, "getDecodedBearer", { enumerable: true, get: function () { return user_1.getDecodedBearer; } });
 const tracer_1 = require("./tracer");
 const check_permission_1 = require("./check-permission");
+Object.defineProperty(exports, "checkFleetPermission", { enumerable: true, get: function () { return check_permission_1.checkFleetPermission; } });
+Object.defineProperty(exports, "checkBusinessModelPermission", { enumerable: true, get: function () { return check_permission_1.checkBusinessModelPermission; } });
+Object.defineProperty(exports, "checkDemandSourcePermission", { enumerable: true, get: function () { return check_permission_1.checkDemandSourcePermission; } });
+Object.defineProperty(exports, "isUserExist", { enumerable: true, get: function () { return check_permission_1.isUserExist; } });
+Object.defineProperty(exports, "getUser", { enumerable: true, get: function () { return check_permission_1.getUser; } });
 const errors_1 = require("./errors");
+Object.defineProperty(exports, "UnauthorizedAccessError", { enumerable: true, get: function () { return errors_1.UnauthorizedAccessError; } });
 tracer_1.enable();
+const getCurrentPayload = tracer_1.getCurrentTrace;
+exports.getCurrentPayload = getCurrentPayload;
 exports.default = {
     User: user_1.default,
     middleware: user_1.middleware,
     middlewareWithDecode: user_1.middlewareWithDecode,
     eagerLoadPermissionsMiddleware: user_1.eagerLoadPermissionsMiddleware,
-    getCurrentPayload: tracer_1.getCurrentTrace,
+    getCurrentPayload,
     getDecodedBearer: user_1.getDecodedBearer,
     checkFleetPermission: check_permission_1.checkFleetPermission,
     checkBusinessModelPermission: check_permission_1.checkBusinessModelPermission,

package/lib/user/index.js

@@ -13,6 +13,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getDecodedBearer = exports.eagerLoadPermissionsMiddleware = exports.middlewareWithDecode = exports.middleware = void 0;
+const jsonwebtoken_1 = require("jsonwebtoken");
 const ApiUser_1 = __importDefault(require("./ApiUser"));
 const utils_1 = require("../utils");
 const tracer_1 = require("../tracer");
@@ -39,8 +40,32 @@ exports.middleware = (options = {}) => (req, res, next) => __awaiter(void 0, voi
 exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
     var _a;
     const trace = tracer_1.newTrace('userPayload');
+    let decoded;
     if (req.headers.authorization) {
-        const decoded = utils_1.decodeBearer(req.headers.authorization);
+        try {
+            decoded = utils_1.decodeBearer(req.headers.authorization);
+        }
+        catch (e) {
+            if (e instanceof jsonwebtoken_1.TokenExpiredError) {
+                res.status(401);
+                res.json({
+                    errors: ['Access token expired'],
+                });
+            }
+            else if (e instanceof jsonwebtoken_1.JsonWebTokenError) {
+                res.status(400);
+                res.json({
+                    errors: [e.message],
+                });
+            }
+            else {
+                res.status(500);
+                res.json({
+                    errors: ['Server error while parsing token'],
+                });
+            }
+            return;
+        }
         const userId = (_a = decoded === null || decoded === void 0 ? void 0 : decoded.user) === null || _a === void 0 ? void 0 : _a.id;
         if (userId) {
             req.headers['X-AF-USER-ID'] = userId;

package/lib/utils.js

@@ -31,7 +31,7 @@ const CONTEXT_MAP_PROPS = {
 exports.getAuthFromBearer = (bearer) => bearer.replace('Bearer ', '');
 exports.decodeBearer = (bearer) => {
     const token = bearer.replace('Bearer ', '');
-    const decoded = jwt.decode(token);
+    const decoded = jwt.verify(token);
     return decoded;
 };
 exports.parsePermissions = (contextId, decodedToken) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@autofleet/zehut",
-  "version": "1.4.12",
+  "version": "1.5.1",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",