@intranefr/superbackend 1.6.3 → 1.6.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/middleware/auth.js +31 -3
- package/src/middleware.js +28 -5
- package/src/routes/experiments.routes.js +2 -2
package/package.json
CHANGED
package/src/middleware/auth.js
CHANGED
|
@@ -131,9 +131,37 @@ const adminSessionAuth = (req, res, next) => {
|
|
|
131
131
|
|
|
132
132
|
// Admin authentication middleware that supports both session and basic auth
|
|
133
133
|
const adminAuth = (req, res, next) => {
|
|
134
|
-
// First try session authentication
|
|
135
|
-
if (req.session && req.session.authenticated) {
|
|
136
|
-
|
|
134
|
+
// First try session authentication (only if session exists AND is authenticated)
|
|
135
|
+
if (req.session && req.session.authenticated === true) {
|
|
136
|
+
// Verify session is still valid (check login time)
|
|
137
|
+
const loginTime = new Date(req.session.loginTime);
|
|
138
|
+
const now = new Date();
|
|
139
|
+
const sessionAge = (now - loginTime) / (1000 * 60 * 60); // hours
|
|
140
|
+
|
|
141
|
+
// Session expires after 24 hours
|
|
142
|
+
if (sessionAge > 24) {
|
|
143
|
+
req.session.destroy((err) => {
|
|
144
|
+
if (err) console.error('Error destroying expired session:', err);
|
|
145
|
+
});
|
|
146
|
+
|
|
147
|
+
if (req.xhr || req.headers.accept?.includes('application/json')) {
|
|
148
|
+
return res.status(401).json({
|
|
149
|
+
error: "Session expired",
|
|
150
|
+
redirectTo: `${req.adminPath || '/admin'}/login`
|
|
151
|
+
});
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
return res.redirect(`${req.adminPath || '/admin'}/login?error=Session expired`);
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
// Attach user info to request for consistency with other auth middleware
|
|
158
|
+
req.user = {
|
|
159
|
+
authenticated: true,
|
|
160
|
+
authType: req.session.authType,
|
|
161
|
+
role: req.session.role
|
|
162
|
+
};
|
|
163
|
+
|
|
164
|
+
return next();
|
|
137
165
|
}
|
|
138
166
|
|
|
139
167
|
// Fallback to basic auth for backward compatibility
|
package/src/middleware.js
CHANGED
|
@@ -44,6 +44,7 @@ const {
|
|
|
44
44
|
} = require("./middleware/errorCapture");
|
|
45
45
|
const rateLimiter = require("./services/rateLimiter.service");
|
|
46
46
|
const pluginsService = require("./services/plugins.service");
|
|
47
|
+
const telegramService = require("./services/telegram.service");
|
|
47
48
|
|
|
48
49
|
let errorCaptureInitialized = false;
|
|
49
50
|
|
|
@@ -229,8 +230,6 @@ function createMiddleware(options = {}) {
|
|
|
229
230
|
maxPoolSize: 10,
|
|
230
231
|
};
|
|
231
232
|
|
|
232
|
-
const telegramService = require("./services/telegram.service");
|
|
233
|
-
|
|
234
233
|
// Return a promise that resolves when connection is established
|
|
235
234
|
const connectionPromise = mongoose
|
|
236
235
|
.connect(mongoUri, connectionOptions)
|
|
@@ -251,7 +250,19 @@ const telegramService = require("./services/telegram.service");
|
|
|
251
250
|
// Initialize Telegram bots (check telegram config)
|
|
252
251
|
const telegramEnabled = options.telegram?.enabled !== false;
|
|
253
252
|
if (telegramEnabled) {
|
|
254
|
-
|
|
253
|
+
const telegramInitializer =
|
|
254
|
+
(telegramService && typeof telegramService.initialize === "function"
|
|
255
|
+
? telegramService.initialize.bind(telegramService)
|
|
256
|
+
: null) ||
|
|
257
|
+
(telegramService && typeof telegramService.init === "function"
|
|
258
|
+
? telegramService.init.bind(telegramService)
|
|
259
|
+
: null);
|
|
260
|
+
|
|
261
|
+
if (telegramInitializer) {
|
|
262
|
+
await telegramInitializer();
|
|
263
|
+
} else {
|
|
264
|
+
console.warn("⚠️ Telegram service has no initialize/init method; skipping startup");
|
|
265
|
+
}
|
|
255
266
|
} else {
|
|
256
267
|
console.log("🔍 Telegram bots disabled - telegram.enabled:", options.telegram?.enabled);
|
|
257
268
|
}
|
|
@@ -396,9 +407,21 @@ const telegramService = require("./services/telegram.service");
|
|
|
396
407
|
// Initialize Telegram bots for existing connection (check telegram config)
|
|
397
408
|
const telegramEnabled = options.telegram?.enabled !== false;
|
|
398
409
|
if (telegramEnabled) {
|
|
399
|
-
|
|
410
|
+
const telegramInitializer =
|
|
411
|
+
(telegramService && typeof telegramService.initialize === "function"
|
|
412
|
+
? telegramService.initialize.bind(telegramService)
|
|
413
|
+
: null) ||
|
|
414
|
+
(telegramService && typeof telegramService.init === "function"
|
|
415
|
+
? telegramService.init.bind(telegramService)
|
|
416
|
+
: null);
|
|
417
|
+
|
|
418
|
+
if (!telegramInitializer) {
|
|
419
|
+
console.warn("⚠️ Telegram service has no initialize/init method; skipping startup (existing connection)");
|
|
420
|
+
} else {
|
|
421
|
+
telegramInitializer().catch(err => {
|
|
400
422
|
console.error("Failed to initialize Telegram service (existing connection):", err);
|
|
401
|
-
|
|
423
|
+
});
|
|
424
|
+
}
|
|
402
425
|
} else {
|
|
403
426
|
console.log("🔍 Telegram bots disabled - telegram.enabled:", options.telegram?.enabled, "(existing connection)");
|
|
404
427
|
}
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
const express = require('express');
|
|
2
2
|
const router = express.Router();
|
|
3
3
|
|
|
4
|
-
const {
|
|
4
|
+
const { adminAuth } = require('../middleware/auth');
|
|
5
5
|
const rateLimiter = require('../services/rateLimiter.service');
|
|
6
6
|
|
|
7
7
|
const controller = require('../controllers/experiments.controller');
|
|
8
8
|
|
|
9
9
|
router.use(express.json({ limit: '1mb' }));
|
|
10
|
-
router.use(
|
|
10
|
+
router.use(adminAuth);
|
|
11
11
|
|
|
12
12
|
router.get(
|
|
13
13
|
'/:code/assignment',
|