@oxyhq/core 3.4.11 → 3.4.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +34 -3
- package/dist/cjs/.tsbuildinfo +1 -1
- package/dist/cjs/server/auth.js +88 -0
- package/dist/cjs/server/index.js +8 -1
- package/dist/esm/.tsbuildinfo +1 -1
- package/dist/esm/server/auth.js +80 -0
- package/dist/esm/server/index.js +1 -0
- package/dist/types/.tsbuildinfo +1 -1
- package/dist/types/server/auth.d.ts +52 -0
- package/dist/types/server/index.d.ts +2 -0
- package/package.json +1 -1
- package/src/__tests__/httpServiceCsrf.test.ts +7 -7
- package/src/__tests__/userIdentity.test.ts +6 -8
- package/src/server/__tests__/auth.test.ts +78 -0
- package/src/server/auth.ts +155 -0
- package/src/server/index.ts +17 -0
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
function normalizeId(value) {
|
|
2
|
+
const normalized = value?.trim();
|
|
3
|
+
return normalized && normalized.length > 0 ? normalized : null;
|
|
4
|
+
}
|
|
5
|
+
function ensureUser(req, userId) {
|
|
6
|
+
const existing = req.user;
|
|
7
|
+
if (existing) {
|
|
8
|
+
const user = {
|
|
9
|
+
...existing,
|
|
10
|
+
id: normalizeId(existing.id) ?? normalizeId(existing._id) ?? userId,
|
|
11
|
+
};
|
|
12
|
+
req.user = user;
|
|
13
|
+
return user;
|
|
14
|
+
}
|
|
15
|
+
const user = { id: userId };
|
|
16
|
+
req.user = user;
|
|
17
|
+
return user;
|
|
18
|
+
}
|
|
19
|
+
export function getOxyUserId(req) {
|
|
20
|
+
const authReq = req;
|
|
21
|
+
return (normalizeId(authReq.userId) ??
|
|
22
|
+
normalizeId(authReq.user?.id) ??
|
|
23
|
+
normalizeId(authReq.user?._id));
|
|
24
|
+
}
|
|
25
|
+
export function isOxyAuthenticated(req) {
|
|
26
|
+
return getOxyUserId(req) !== null;
|
|
27
|
+
}
|
|
28
|
+
export function getRequiredOxyUserId(req) {
|
|
29
|
+
const userId = getOxyUserId(req);
|
|
30
|
+
if (!userId) {
|
|
31
|
+
throw new Error('User not authenticated');
|
|
32
|
+
}
|
|
33
|
+
return userId;
|
|
34
|
+
}
|
|
35
|
+
export function requireOxyAuth(req, res, next) {
|
|
36
|
+
const userId = getOxyUserId(req);
|
|
37
|
+
if (!userId) {
|
|
38
|
+
res.status(401).json({
|
|
39
|
+
error: 'Unauthorized',
|
|
40
|
+
message: 'Authentication required',
|
|
41
|
+
});
|
|
42
|
+
return;
|
|
43
|
+
}
|
|
44
|
+
const authReq = req;
|
|
45
|
+
authReq.userId = userId;
|
|
46
|
+
ensureUser(authReq, userId);
|
|
47
|
+
next();
|
|
48
|
+
}
|
|
49
|
+
export function createOptionalOxyAuth(oxy, options = {}) {
|
|
50
|
+
const resolveSession = oxy.auth({ ...options.auth, optional: true });
|
|
51
|
+
return (req, res, next) => {
|
|
52
|
+
if (getOxyUserId(req)) {
|
|
53
|
+
next();
|
|
54
|
+
return;
|
|
55
|
+
}
|
|
56
|
+
resolveSession(req, res, (error) => {
|
|
57
|
+
if (error) {
|
|
58
|
+
next(error);
|
|
59
|
+
return;
|
|
60
|
+
}
|
|
61
|
+
next();
|
|
62
|
+
});
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
export function createOxyAuthMiddleware(oxy, options = {}) {
|
|
66
|
+
const resolveSession = createOptionalOxyAuth(oxy, options);
|
|
67
|
+
return (req, res, next) => {
|
|
68
|
+
if (getOxyUserId(req)) {
|
|
69
|
+
requireOxyAuth(req, res, next);
|
|
70
|
+
return;
|
|
71
|
+
}
|
|
72
|
+
resolveSession(req, res, (error) => {
|
|
73
|
+
if (error) {
|
|
74
|
+
next(error);
|
|
75
|
+
return;
|
|
76
|
+
}
|
|
77
|
+
requireOxyAuth(req, res, next);
|
|
78
|
+
});
|
|
79
|
+
};
|
|
80
|
+
}
|
package/dist/esm/server/index.js
CHANGED
|
@@ -14,4 +14,5 @@
|
|
|
14
14
|
* app.use(createOxyRateLimit(oxy, { store: redisStore }));
|
|
15
15
|
* ```
|
|
16
16
|
*/
|
|
17
|
+
export { createOptionalOxyAuth, createOxyAuthMiddleware, getOxyUserId, getRequiredOxyUserId, isOxyAuthenticated, requireOxyAuth, } from './auth.js';
|
|
17
18
|
export { createOxyRateLimit } from './rateLimit.js';
|