@oxyhq/core 3.4.11 → 3.4.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +34 -3
- package/dist/cjs/.tsbuildinfo +1 -1
- package/dist/cjs/server/auth.js +88 -0
- package/dist/cjs/server/index.js +8 -1
- package/dist/esm/.tsbuildinfo +1 -1
- package/dist/esm/server/auth.js +80 -0
- package/dist/esm/server/index.js +1 -0
- package/dist/types/.tsbuildinfo +1 -1
- package/dist/types/server/auth.d.ts +52 -0
- package/dist/types/server/index.d.ts +2 -0
- package/package.json +1 -1
- package/src/__tests__/httpServiceCsrf.test.ts +7 -7
- package/src/__tests__/userIdentity.test.ts +6 -8
- package/src/server/__tests__/auth.test.ts +78 -0
- package/src/server/auth.ts +155 -0
- package/src/server/index.ts +17 -0
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getOxyUserId = getOxyUserId;
|
|
4
|
+
exports.isOxyAuthenticated = isOxyAuthenticated;
|
|
5
|
+
exports.getRequiredOxyUserId = getRequiredOxyUserId;
|
|
6
|
+
exports.requireOxyAuth = requireOxyAuth;
|
|
7
|
+
exports.createOptionalOxyAuth = createOptionalOxyAuth;
|
|
8
|
+
exports.createOxyAuthMiddleware = createOxyAuthMiddleware;
|
|
9
|
+
function normalizeId(value) {
|
|
10
|
+
const normalized = value?.trim();
|
|
11
|
+
return normalized && normalized.length > 0 ? normalized : null;
|
|
12
|
+
}
|
|
13
|
+
function ensureUser(req, userId) {
|
|
14
|
+
const existing = req.user;
|
|
15
|
+
if (existing) {
|
|
16
|
+
const user = {
|
|
17
|
+
...existing,
|
|
18
|
+
id: normalizeId(existing.id) ?? normalizeId(existing._id) ?? userId,
|
|
19
|
+
};
|
|
20
|
+
req.user = user;
|
|
21
|
+
return user;
|
|
22
|
+
}
|
|
23
|
+
const user = { id: userId };
|
|
24
|
+
req.user = user;
|
|
25
|
+
return user;
|
|
26
|
+
}
|
|
27
|
+
function getOxyUserId(req) {
|
|
28
|
+
const authReq = req;
|
|
29
|
+
return (normalizeId(authReq.userId) ??
|
|
30
|
+
normalizeId(authReq.user?.id) ??
|
|
31
|
+
normalizeId(authReq.user?._id));
|
|
32
|
+
}
|
|
33
|
+
function isOxyAuthenticated(req) {
|
|
34
|
+
return getOxyUserId(req) !== null;
|
|
35
|
+
}
|
|
36
|
+
function getRequiredOxyUserId(req) {
|
|
37
|
+
const userId = getOxyUserId(req);
|
|
38
|
+
if (!userId) {
|
|
39
|
+
throw new Error('User not authenticated');
|
|
40
|
+
}
|
|
41
|
+
return userId;
|
|
42
|
+
}
|
|
43
|
+
function requireOxyAuth(req, res, next) {
|
|
44
|
+
const userId = getOxyUserId(req);
|
|
45
|
+
if (!userId) {
|
|
46
|
+
res.status(401).json({
|
|
47
|
+
error: 'Unauthorized',
|
|
48
|
+
message: 'Authentication required',
|
|
49
|
+
});
|
|
50
|
+
return;
|
|
51
|
+
}
|
|
52
|
+
const authReq = req;
|
|
53
|
+
authReq.userId = userId;
|
|
54
|
+
ensureUser(authReq, userId);
|
|
55
|
+
next();
|
|
56
|
+
}
|
|
57
|
+
function createOptionalOxyAuth(oxy, options = {}) {
|
|
58
|
+
const resolveSession = oxy.auth({ ...options.auth, optional: true });
|
|
59
|
+
return (req, res, next) => {
|
|
60
|
+
if (getOxyUserId(req)) {
|
|
61
|
+
next();
|
|
62
|
+
return;
|
|
63
|
+
}
|
|
64
|
+
resolveSession(req, res, (error) => {
|
|
65
|
+
if (error) {
|
|
66
|
+
next(error);
|
|
67
|
+
return;
|
|
68
|
+
}
|
|
69
|
+
next();
|
|
70
|
+
});
|
|
71
|
+
};
|
|
72
|
+
}
|
|
73
|
+
function createOxyAuthMiddleware(oxy, options = {}) {
|
|
74
|
+
const resolveSession = createOptionalOxyAuth(oxy, options);
|
|
75
|
+
return (req, res, next) => {
|
|
76
|
+
if (getOxyUserId(req)) {
|
|
77
|
+
requireOxyAuth(req, res, next);
|
|
78
|
+
return;
|
|
79
|
+
}
|
|
80
|
+
resolveSession(req, res, (error) => {
|
|
81
|
+
if (error) {
|
|
82
|
+
next(error);
|
|
83
|
+
return;
|
|
84
|
+
}
|
|
85
|
+
requireOxyAuth(req, res, next);
|
|
86
|
+
});
|
|
87
|
+
};
|
|
88
|
+
}
|
package/dist/cjs/server/index.js
CHANGED
|
@@ -16,6 +16,13 @@
|
|
|
16
16
|
* ```
|
|
17
17
|
*/
|
|
18
18
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
19
|
-
exports.createOxyRateLimit = void 0;
|
|
19
|
+
exports.createOxyRateLimit = exports.requireOxyAuth = exports.isOxyAuthenticated = exports.getRequiredOxyUserId = exports.getOxyUserId = exports.createOxyAuthMiddleware = exports.createOptionalOxyAuth = void 0;
|
|
20
|
+
var auth_1 = require("./auth");
|
|
21
|
+
Object.defineProperty(exports, "createOptionalOxyAuth", { enumerable: true, get: function () { return auth_1.createOptionalOxyAuth; } });
|
|
22
|
+
Object.defineProperty(exports, "createOxyAuthMiddleware", { enumerable: true, get: function () { return auth_1.createOxyAuthMiddleware; } });
|
|
23
|
+
Object.defineProperty(exports, "getOxyUserId", { enumerable: true, get: function () { return auth_1.getOxyUserId; } });
|
|
24
|
+
Object.defineProperty(exports, "getRequiredOxyUserId", { enumerable: true, get: function () { return auth_1.getRequiredOxyUserId; } });
|
|
25
|
+
Object.defineProperty(exports, "isOxyAuthenticated", { enumerable: true, get: function () { return auth_1.isOxyAuthenticated; } });
|
|
26
|
+
Object.defineProperty(exports, "requireOxyAuth", { enumerable: true, get: function () { return auth_1.requireOxyAuth; } });
|
|
20
27
|
var rateLimit_1 = require("./rateLimit");
|
|
21
28
|
Object.defineProperty(exports, "createOxyRateLimit", { enumerable: true, get: function () { return rateLimit_1.createOxyRateLimit; } });
|