npm - @go-mailer/jarvis - Versions diffs - 4.2.5 → 5.0.0 - Mend

@go-mailer/jarvis 4.2.5 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/lib/middlewares/auth.js +21 -11
package/package.json +1 -1

package/lib/middlewares/auth.js CHANGED Viewed

@@ -10,7 +10,7 @@ const { verifyAPIKey } = require("../clients/iam");
 const authLogger = new ProcessLogger("Authenticator");
 // helpers
-const extract_token = (headers) => {
+const extractToken = (headers) => {
   const { authorization } = headers;
   if (!authorization) throw new Error("Unauthorized");
@@ -20,13 +20,14 @@ const extract_token = (headers) => {
   return token;
 };
-const extract_tenant_id = (request) => {
-  const { params, query } = request;
-  let tenant_id = { $exists: true };
-  if (query.tenant_id) tenant_id = query.tenant_id;
-  if (params.tenant_id) tenant_id = params.tenant_id;
+const extractId = (request, key) => {
+  const { params, query, body } = request;
+  let id = { $exists: true };
+  if (query[key]) id = query[key];
+  if (params[key]) id = params[key];
+  if (body[key]) id = body[key];
-  return tenant_id;
+  return id;
 };
 // main
@@ -40,7 +41,7 @@ const authenticateAdmin = async (request, response, next) => {
 const authenticateBearerKey = async (request, response, next) => {
   try {
-    const token = extract_token(request.headers);
+    const token = extractToken(request.headers);
     request.tenant_id = await verifyAPIKey(token);
     next();
   } catch (e) {
@@ -49,6 +50,12 @@ const authenticateBearerKey = async (request, response, next) => {
   }
 };
+const authenticateMembership = (tenant_id, memberships = []) => {
+  const membership = memberships.find((mbrship) => Number(mbrship.tenant_id) === Number(tenant_id));
+  if (!membership || membership.status !== "active") throw new Error('Unauthorized')
+  return tenant_id
+};
 const authenticateParamKey = async (request, response, next) => {
   try {
     const { api_key: token } = request.params;
@@ -67,18 +74,21 @@ const authenticateUser = async (request, response, next) => {
     const ISSUER = Env.fetch("JWT_ISSUER", true);
     const SECRET = Env.fetch("JWT_SECRET", true);
-    const token = extract_token(request.headers);
+    const token = extractToken(request.headers);
     if (token === DEFAULT_TOKEN) {
       // inter-service requests
       request.is_service_request = true;
       // typically scope requests by tenant_id
       request.tenant_id = request.body.tenant_id || request.query.tenant_id || { $exists: true };
+      request.user_id = request.body.user_id || request.query.user_id || { $exists: true };
       return next();
     }
-    const { tenant_id, is_admin } = await jwt.verify(token, SECRET, { issuer: ISSUER });
+    const { id: user_id, is_admin, memberships } = await jwt.verify(token, SECRET, { issuer: ISSUER });
+    const tenant_id = extractId(request, "tenant_id");
     request.is_admin = !!is_admin;
-    request.tenant_id = is_admin ? extract_tenant_id(request) : tenant_id;
+    request.user_id = is_admin ? extractId(request, "user_id") : user_id;
+    request.tenant_id = is_admin ? tenant_id : authenticateMembership(tenant_id, memberships);
     next();
   } catch (e) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@go-mailer/jarvis",
-  "version": "4.2.5",
+  "version": "5.0.0",
   "main": "index.js",
   "repository": "git@github.com:go-mailer-ltd/jarvis-node.git",
   "author": "Nathan Oguntuberu <nateoguns.work@gmail.com>",