@samanhappy/mcphub 0.12.13 → 0.12.15
- package/README.fr.md +2 -0
- package/README.md +2 -0
- package/README.zh.md +2 -0
- package/dist/config/index.js +1 -0
- package/dist/config/index.js.map +1 -1
- package/dist/controllers/authController.js +2 -2
- package/dist/controllers/authController.js.map +1 -1
- package/dist/controllers/bearerKeyController.js +1 -6
- package/dist/controllers/bearerKeyController.js.map +1 -1
- package/dist/controllers/configController.js +24 -4
- package/dist/controllers/configController.js.map +1 -1
- package/dist/controllers/oauthCallbackController.js +1 -1
- package/dist/controllers/oauthCallbackController.js.map +1 -1
- package/dist/controllers/oauthClientController.js +55 -3
- package/dist/controllers/oauthClientController.js.map +1 -1
- package/dist/controllers/oauthServerController.js +39 -6
- package/dist/controllers/oauthServerController.js.map +1 -1
- package/dist/controllers/registryController.js +3 -2
- package/dist/controllers/registryController.js.map +1 -1
- package/dist/controllers/serverController.js +119 -77
- package/dist/controllers/serverController.js.map +1 -1
- package/dist/controllers/userController.js +0 -6
- package/dist/controllers/userController.js.map +1 -1
- package/dist/dao/GroupDao.js +2 -2
- package/dist/dao/GroupDao.js.map +1 -1
- package/dist/middlewares/auth.js +23 -4
- package/dist/middlewares/auth.js.map +1 -1
- package/dist/middlewares/userContext.js +66 -47
- package/dist/middlewares/userContext.js.map +1 -1
- package/dist/routes/index.js +100 -97
- package/dist/routes/index.js.map +1 -1
- package/dist/server.js +15 -8
- package/dist/server.js.map +1 -1
- package/dist/services/groupService.js +22 -7
- package/dist/services/groupService.js.map +1 -1
- package/dist/services/mcpService.js +7 -6
- package/dist/services/mcpService.js.map +1 -1
- package/dist/services/userContextService.js +18 -25
- package/dist/services/userContextService.js.map +1 -1
- package/dist/utils/tokenTruncation.js +45 -37
- package/dist/utils/tokenTruncation.js.map +1 -1
- package/frontend/dist/assets/index-CebeneXS.js +323 -0
- package/frontend/dist/assets/index-CebeneXS.js.map +1 -0
- package/frontend/dist/assets/index-PEyR1nSL.css +1 -0
- package/frontend/dist/assets/{resourceService-D25G2-Ta.js → resourceService-C3LGHhTi.js} +2 -2
- package/frontend/dist/assets/{resourceService-D25G2-Ta.js.map → resourceService-C3LGHhTi.js.map} +1 -1
- package/frontend/dist/index.html +2 -2
- package/package.json +4 -5
- package/frontend/dist/assets/index-BFEyMCq8.css +0 -1
- package/frontend/dist/assets/index-BhBoIoYG.js +0 -323
- package/frontend/dist/assets/index-BhBoIoYG.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"userController.js","sourceRoot":"","sources":["../../src/controllers/userController.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,aAAa,EACb,UAAU,EACV,UAAU,EACV,YAAY,EACZ,aAAa,GACd,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"userController.js","sourceRoot":"","sources":["../../src/controllers/userController.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,aAAa,EACb,UAAU,EACV,UAAU,EACV,YAAY,EACZ,aAAa,GACd,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAE1E,6CAA6C;AAC7C,MAAM,YAAY,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAoB,EAAE;IAC3E,MAAM,IAAI,GAAI,GAAW,CAAC,IAAI,CAAC;IAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAC3B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,2BAA2B;SACrC,CAAC,CAAC;QACH,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,6BAA6B;AAC7B,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAiB,EAAE;IAC3E,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAE,OAAO;IAE5C,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,CAAC,MAAM,WAAW,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,gCAAgC;QAC7G,MAAM,QAAQ,GAAgB;YAC5B,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,KAAK;SACZ,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,iCAAiC;SAC3C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF,+CAA+C;AAC/C,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAiB,EAAE;IAC1E,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAE,OAAO;IAE5C,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,sBAAsB;aAChC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,gBAAgB;aAC1B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,IAAI,CAAC,CAAC,gCAAgC;QAC3E,MAAM,QAAQ,GAAgB;YAC5B,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,QAAQ;SACf,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CA
AC;IACrB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,gCAAgC;SAC1C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF,iCAAiC;AACjC,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAiB,EAAE;IAC7E,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAE,OAAO;IAE5C,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAEjD,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,oCAAoC;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,6BAA6B;QAC7B,MAAM,gBAAgB,GAAG,wBAAwB,CAAC,QAAQ,CAAC,CAAC;QAC5D,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;YAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,8CAA8C;gBACvD,MAAM,EAAE,gBAAgB,CAAC,MAAM;aAChC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,IAAI,KAAK,CAAC,CAAC;QAC1E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,kDAAkD;aAC5D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,CAAC,CAAC,gCAAgC;QAC9E,MAAM,QAAQ,GAAgB;YAC5B,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,2BAA2B;SACrC,CAAC;QACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACjC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF,uCAAuC;AACvC,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAiB,EAAE;IACrF,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAE,OAAO;IAE5C,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE1C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,sBAAsB;aAChC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,yCAAyC;QACzC,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC
1B,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YACtD,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,gBAAgB;iBAC1B,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,oDAAoD;YACpD,IAAI,WAAW,CAAC,OAAO,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,aAAa,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;gBACrE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,qDAAqD;iBAC/D,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;QACH,CAAC;QAED,MAAM,UAAU,GAAQ,EAAE,CAAC;QAC3B,IAAI,OAAO,KAAK,SAAS;YAAE,UAAU,CAAC,OAAO,GAAG,OAAO,CAAC;QACxD,IAAI,WAAW,EAAE,CAAC;YAChB,iCAAiC;YACjC,MAAM,gBAAgB,GAAG,wBAAwB,CAAC,WAAW,CAAC,CAAC;YAC/D,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;gBAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,8CAA8C;oBACvD,MAAM,EAAE,gBAAgB,CAAC,MAAM;iBAChC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YACD,UAAU,CAAC,WAAW,GAAG,WAAW,CAAC;QACvC,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mEAAmE;aAC7E,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC3D,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,iCAAiC;aAC3C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,WAAW,CAAC,CAAC,gCAAgC;QAClF,MAAM,QAAQ,GAAgB;YAC5B,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,2BAA2B;SACrC,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF,6BAA6B;AAC7B,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAiB,EAAE;IACrF,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAE,OAAO;IAE5C,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,I
AAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,sBAAsB;aAChC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,mDAAmD;QACnD,MAAM,WAAW,GAAI,GAAW,CAAC,IAAI,CAAC;QACtC,IAAI,WAAW,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACtC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,gCAAgC;aAC1C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mEAAmE;aAC7E,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,2BAA2B;SACrC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF,mCAAmC;AACnC,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAiB,EAAE;IAC/E,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAE,OAAO;IAE5C,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,YAAY,EAAE,CAAC;QACxC,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;QACzC,MAAM,YAAY,GAAG,UAAU,GAAG,UAAU,CAAC;QAE7C,MAAM,QAAQ,GAAgB;YAC5B,OAAO,EAAE,IAAI;YACb,IAAI,EAAE;gBACJ,UAAU;gBACV,UAAU;gBACV,YAAY;aACb;SACF,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACrB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,+BAA+B;SACzC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC"}
|
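--- a/package/dist/dao/GroupDao.js
+++ b/package/dist/dao/GroupDao.js
@@ -1,5 +1,5 @@
 import { JsonFileBaseDao } from './base/JsonFileBaseDao.js';
-import {
+import { randomUUID } from 'node:crypto';
 /**
 * JSON file-based Group DAO implementation
 */
@@ -18,7 +18,7 @@ export class GroupDaoImpl extends JsonFileBaseDao {
 }
 createEntity(data) {
 return {
-id:
+id: randomUUID(),
 owner: 'admin', // Default owner
 ...data,
 servers: data.servers || [],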
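Review bot: In `createEntity` the new `id: randomUUID(),` is followed by `...data`, so an `id` property present in `data` replaces the generated value. If `data` can carry client-supplied fields, placing the spread first (`...data,` and then `id: randomUUID(),`) keeps the identifier server-generated; whether any caller relies on passing its own id is not visible on this page. The body of `createEntity` continues past the end of the hunk.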
package/dist/dao/GroupDao.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"GroupDao.js","sourceRoot":"","sources":["../../src/dao/GroupDao.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"GroupDao.js","sourceRoot":"","sources":["../../src/dao/GroupDao.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AA0CzC;;GAEG;AACH,MAAM,OAAO,YAAa,SAAQ,eAAe;IACrC,KAAK,CAAC,MAAM;QACpB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC3C,OAAO,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC;IAC/B,CAAC;IAES,KAAK,CAAC,OAAO,CAAC,MAAgB;QACtC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC3C,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;QACzB,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAES,WAAW,CAAC,KAAa;QACjC,OAAO,KAAK,CAAC,EAAE,CAAC;IAClB,CAAC;IAES,YAAY,CAAC,IAAwB;QAC7C,OAAO;YACL,EAAE,EAAE,UAAU,EAAE;YAChB,KAAK,EAAE,OAAO,EAAE,gBAAgB;YAChC,GAAG,IAAI;YACP,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;SAC5B,CAAC;IACJ,CAAC;IAES,YAAY,CAAC,QAAgB,EAAE,OAAwB;QAC/D,OAAO;YACL,GAAG,QAAQ;YACX,GAAG,OAAO;YACV,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,2BAA2B;SAC7C,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO;QACX,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,EAAU;QACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,IAAI,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAwB;QACnC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEnC,qCAAqC;QACrC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,CAAC,IAAI,iBAAiB,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACtB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAE3B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU,EAAE,OAAwB;QAC/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QAE3D,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4CAA4C;QAC5C,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;YACxD,MAAM,aAAa,GAA
G,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YAC7F,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,mBAAmB,OAAO,CAAC,IAAI,iBAAiB,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,CAAC;QAC7C,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,cAAc,CAAC,CAAC;QACtE,MAAM,CAAC,KAAK,CAAC,GAAG,YAAY,CAAC;QAE7B,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC3B,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU;QACrB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QAE3D,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACxB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU;QACrB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACtC,OAAO,KAAK,KAAK,IAAI,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,UAAkB;QACnC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YAC7B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;oBACnC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;wBAC/B,OAAO,MAAM,KAAK,UAAU,CAAC;oBAC/B,CAAC;yBAAM,CAAC;wBACN,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC;oBACpC,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,OAAe,EAAE,UAAkB;QACxD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,KAAK,CAAC;QACf,CAAC;QAED,0CAA0C;QAC1C,MAAM,YAA
Y,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;YACjD,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC/B,OAAO,MAAM,KAAK,UAAU,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC;YACpC,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,CAAC,sCAAsC;QACrD,CAAC;QAED,MAAM,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,EAAE,UAAU,CAAsB,CAAC;QAC3E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAC;QACvE,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,OAAe,EAAE,UAAkB;QAC7D,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,cAAc,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE;YACrD,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC/B,OAAO,MAAM,KAAK,UAAU,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC;YACpC,CAAC;QACH,CAAC,CAAsB,CAAC;QAExB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAC;QACvE,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,OAAe,EAAE,OAAqC;QACxE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACvD,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAY;QAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,OAAe,EAAE,OAAe;QACrD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACnC,IAAI,YAAY,GAAG,CAAC,CAAC;QAErB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;gBAC9C,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;oBAC/B,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;wBACvB,OAAO,GAAG,IAAI,CAAC;wBACf,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,OAAO,MAAM,CAAC;gBAChB,CAAC;qBAAM,CAAC;oBACN,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;wBAC5B,OAAO,GAAG,IAAI,CAAC;wBACf,OAAO,EAAE,GAAG,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;oBACtC,CAAC;oBACD,OAAO,MAAM,CAAC;gBA
ChB,CAAC;YACH,CAAC,CAAsB,CAAC;YAExB,IAAI,OAAO,EAAE,CAAC;gBACZ,KAAK,CAAC,OAAO,GAAG,UAAU,CAAC;gBAC3B,YAAY,EAAE,CAAC;YACjB,CAAC;QACH,CAAC;QAED,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;CACF"}
|
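--- a/package/dist/middlewares/auth.js
+++ b/package/dist/middlewares/auth.js
@@ -38,6 +38,13 @@ const validateBearerAuth = async (req, systemConfig) => {
 console.warn('Bearer auth failed: token did not match any configured bearer key');
 return false;
 }
+// Dashboard/API bearer authentication grants access to non-MCP management routes.
+// Scoped keys are enforced on MCP routes in sseService.ts and must not bypass
+// dashboard API authorization.
+if (matchingKey.accessType !== 'all') {
+console.warn(`Bearer auth denied for dashboard API: key id=${matchingKey.id}, name=${matchingKey.name} has restricted accessType=${matchingKey.accessType}`);
+return false;
+}
 console.log(`Bearer auth succeeded with key id=${matchingKey.id}, name=${matchingKey.name}, accessType=${matchingKey.accessType}`);
 return true;
 };
@@ -53,6 +60,17 @@ const checkReadonly = (req) => {
 }
 return req.method === 'GET';
 };
+const createSkipAuthUser = () => ({
+username: 'guest',
+isAdmin: true,
+});
+const isDashboardApiRequest = (req) => {
+const basePath = defaultConfig.basePath || '';
+const apiPrefix = `${basePath}/api`;
+return (req.baseUrl === apiPrefix ||
+req.originalUrl === apiPrefix ||
+req.originalUrl.startsWith(`${apiPrefix}/`));
+};
 // Middleware to authenticate JWT token
 export const auth = async (req, res, next) => {
 const t = req.t;
@@ -67,10 +85,6 @@ export const auth = async (req, res, next) => {
 enableGroupNameRoute: true,
 skipAuth: false,
 };
-if (routingConfig.skipAuth) {
-next();
-return;
-}
 // Check if bearer auth via configured keys can validate this request
 if (await validateBearerAuth(req, systemConfig)) {
 next();
@@ -110,6 +124,11 @@ export const auth = async (req, res, next) => {
 const headerToken = req.header('x-auth-token');
 const queryToken = req.query.token;
 const token = headerToken || queryToken;
+if (!token && routingConfig.skipAuth && isDashboardApiRequest(req)) {
+req.user = createSkipAuthUser();
+next();
+return;
+}
 // Check if no token
 if (!token) {
 res.status(401).json({ success: false, message: 'No token, authorization denied' });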
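Review bot: `createSkipAuthUser()` returns `isAdmin: true`, so with `routingConfig.skipAuth` enabled every token-less request accepted by `isDashboardApiRequest` is attached to `req.user` as an administrator named `guest`. The removed early `next()` set no user at all, so handlers that gate on `req.user.isAdmin` would presumably now pass for unauthenticated callers where they previously refused. That widening deserves a comment above the helper, for example `// skipAuth: token-less dashboard requests run as a synthetic admin; intended for trusted, non-exposed deployments only`. A distinguishing marker on the object would also let logs and self-service checks tell it apart from a real account that happens to be called `guest`. The body of `auth` continues outside these hunks.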
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middlewares/auth.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAEnE,MAAM,SAAS,GACb,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM;IAC/B,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,SAAS;IACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,SAAS,CAAC;AAE7C,MAAM,yBAAyB,GAAG,KAAK,EAAE,GAAY,EAAE,EAAE;IACvD,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;IAChE,OAAO,MAAM,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,KAAK,EAAE,GAAY,EAAE,YAAkC,EAAoB,EAAE;IACtG,MAAM,gBAAgB,GAAG,YAAY,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI,CAAC;IACzE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;IAErD,wEAAwE;IACxE,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACnE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAA0B,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;IACpG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QAClF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,CAAC,GAAG,CACT,qCAAqC,WAAW,CAAC,EAAE,UAAU,WAAW,CAAC,IAAI,gBAAgB,WAAW,CAAC,UAAU,EAAE,CACtH,CAAC;IACF,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,SAAS,CAAC,CAAC;AAEvC,MAAM,aAAa,GAAG,CAAC,GAAY,EAAW,EAAE;IAC9C,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;QACtC,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,C
AAC,QAAQ,GAAG,IAAI,CAAC,EAAE,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC;AAC9B,CAAC,CAAC;AAEF,uCAAuC;AACvC,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;IAC3F,MAAM,CAAC,GAAI,GAAW,CAAC,CAAC,CAAC;IACzB,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,qBAAqB,CAAC,EAAE,CAAC,CAAC;QAC5E,OAAO;IACT,CAAC;IAED,+CAA+C;IAC/C,MAAM,YAAY,GAAG,MAAM,kBAAkB,EAAE,CAAC,GAAG,EAAE,CAAC;IACtD,MAAM,aAAa,GAAG,YAAY,EAAE,OAAO,IAAI,YAAY,EAAE,CAAC,YAAY,EAAE,OAAO,IAAI;QACrF,iBAAiB,EAAE,IAAI;QACvB,oBAAoB,EAAE,IAAI;QAC1B,QAAQ,EAAE,KAAK;KAChB,CAAC;IAEF,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middlewares/auth.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAEnE,MAAM,SAAS,GACb,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM;IAC/B,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,SAAS;IACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,SAAS,CAAC;AAE7C,MAAM,yBAAyB,GAAG,KAAK,EAAE,GAAY,EAAE,EAAE;IACvD,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;IAChE,OAAO,MAAM,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,KAAK,EAAE,GAAY,EAAE,YAAkC,EAAoB,EAAE;IACtG,MAAM,gBAAgB,GAAG,YAAY,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI,CAAC;IACzE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;IAErD,wEAAwE;IACxE,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACnE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAA0B,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;IACpG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QAClF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kFAAkF;IAClF,8EAA8E;IAC9E,+BAA+B;IAC/B,IAAI,WAAW,CAAC,UAAU,KAAK,KAAK,EAAE,CAAC;QACrC,OAAO,CAAC,IAAI,CACV,gDAAgD,WAAW,CAAC,EAAE,UAAU,WAAW,CAAC,IAAI,8BAA8B,WAAW,CAAC,UAAU,EAAE,CAC/I,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,CAAC,GAAG,CACT,qCAAqC,WAAW,CAAC,EAAE,UAAU,WAAW,CAAC,IAAI,gBAAgB,WAAW,CAAC,UAAU,EAAE,CACtH,CAAC;IACF,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CA
AC,SAAS,CAAC,CAAC;AAEvC,MAAM,aAAa,GAAG,CAAC,GAAY,EAAW,EAAE;IAC9C,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;QACtC,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,QAAQ,GAAG,IAAI,CAAC,EAAE,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC;AAC9B,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,GAAG,EAAE,CAAC,CAAC;IAChC,QAAQ,EAAE,OAAO;IACjB,OAAO,EAAE,IAAI;CACd,CAAC,CAAC;AAEH,MAAM,qBAAqB,GAAG,CAAC,GAAY,EAAW,EAAE;IACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,IAAI,EAAE,CAAC;IAC9C,MAAM,SAAS,GAAG,GAAG,QAAQ,MAAM,CAAC;IAEpC,OAAO,CACL,GAAG,CAAC,OAAO,KAAK,SAAS;QACzB,GAAG,CAAC,WAAW,KAAK,SAAS;QAC7B,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,CAC5C,CAAC;AACJ,CAAC,CAAC;AAEF,uCAAuC;AACvC,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;IAC3F,MAAM,CAAC,GAAI,GAAW,CAAC,CAAC,CAAC;IACzB,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,qBAAqB,CAAC,EAAE,CAAC,CAAC;QAC5E,OAAO;IACT,CAAC;IAED,+CAA+C;IAC/C,MAAM,YAAY,GAAG,MAAM,kBAAkB,EAAE,CAAC,GAAG,EAAE,CAAC;IACtD,MAAM,aAAa,GAAG,YAAY,EAAE,OAAO,IAAI,YAAY,EAAE,CAAC,YAAY,EAAE,OAAO,IAAI;QACrF,iBAAiB,EAAE,IAAI;QACvB,oBAAoB,EAAE,IAAI;QAC1B,QAAQ,EAAE,KAAK;KAChB,CAAC;IAEF,qEAAqE;IACrE,IAAI,MAAM,kBAAkB,CAAC,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC;QAChD,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAED,oEAAoE;IACpE,MAAM,WAAW,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACzE,IAAI,WAAW,IAAI,oBAAoB,EAAE,EAAE,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,CAAC;QAE/C,IAAI,UAAU,IAAI,UAAU,CAAC,WAAW,KAAK,WAAW,EAAE,CAAC;YACzD,uDAAuD;YACvD,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;YACjE,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAE3D,4CAA4C;YAC3C,GAAW,CAAC,IAAI,GAAG;gBAClB,QAAQ,EAAE,UAAU,CAAC,QAAQ;gBAC7B,OAAO,EAAE,IAAI,EAAE,OAAO,IAAI,KAAK;aAChC,CAAC;YACD,GAAW,CAAC,UAAU,GAAG,UAAU,CAAC;YACrC,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,gBAAgB,GAAG,0BA
A0B,EAAE,CAAC;IACtD,IAAI,gBAAgB,CAAC,OAAO,EAAE,CAAC;QAC7B,MAAM,cAAc,GAAG,MAAM,yBAAyB,CAAC,GAAG,CAAC,CAAC;QAC5D,IAAI,cAAc,EAAE,CAAC;YAClB,GAAW,CAAC,IAAI,GAAG;gBAClB,QAAQ,EAAE,cAAc,CAAC,QAAQ;gBACjC,OAAO,EAAE,cAAc,CAAC,OAAO,IAAI,KAAK;aACzC,CAAC;YACF,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;IACH,CAAC;IAED,2CAA2C;IAC3C,MAAM,WAAW,GAAG,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IAC/C,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,KAAe,CAAC;IAC7C,MAAM,KAAK,GAAG,WAAW,IAAI,UAAU,CAAC;IAExC,IAAI,CAAC,KAAK,IAAI,aAAa,CAAC,QAAQ,IAAI,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,GAAW,CAAC,IAAI,GAAG,kBAAkB,EAAE,CAAC;QACzC,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAED,oBAAoB;IACpB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC,CAAC;QACpF,OAAO;IACT,CAAC;IAED,mBAAmB;IACnB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;QAE9C,mCAAmC;QAClC,GAAW,CAAC,IAAI,GAAI,OAAe,CAAC,IAAI,CAAC;QAC1C,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC,CAAC"}
|
|
@@ -1,6 +1,36 @@
|
|
|
1
|
+
import jwt from 'jsonwebtoken';
|
|
1
2
|
import { getSystemConfigDao } from '../dao/index.js';
|
|
3
|
+
import { JWT_SECRET } from '../config/jwt.js';
|
|
2
4
|
import { UserContextService } from '../services/userContextService.js';
|
|
3
5
|
import { resolveOAuthUserFromHeaders } from '../utils/oauthBearer.js';
|
|
6
|
+
import { getBearerTokenFromHeaders } from '../utils/bearerAuth.js';
|
|
7
|
+
const resolveJwtUser = (req) => {
|
|
8
|
+
const headerToken = req.header('x-auth-token');
|
|
9
|
+
const queryToken = typeof req.query.token === 'string' ? req.query.token : undefined;
|
|
10
|
+
const token = headerToken || queryToken;
|
|
11
|
+
if (!token) {
|
|
12
|
+
return null;
|
|
13
|
+
}
|
|
14
|
+
try {
|
|
15
|
+
const decoded = jwt.verify(token, JWT_SECRET);
|
|
16
|
+
return decoded.user || null;
|
|
17
|
+
}
|
|
18
|
+
catch {
|
|
19
|
+
return null;
|
|
20
|
+
}
|
|
21
|
+
};
|
|
22
|
+
const resolveAuthenticatedUserForSse = async (req) => {
|
|
23
|
+
const systemConfig = await getSystemConfigDao().get();
|
|
24
|
+
const oauthUser = await resolveOAuthUserFromHeaders(req.headers, systemConfig);
|
|
25
|
+
if (oauthUser) {
|
|
26
|
+
return oauthUser;
|
|
27
|
+
}
|
|
28
|
+
const bearerToken = getBearerTokenFromHeaders(req.headers, systemConfig);
|
|
29
|
+
if (bearerToken) {
|
|
30
|
+
return null;
|
|
31
|
+
}
|
|
32
|
+
return resolveJwtUser(req);
|
|
33
|
+
};
|
|
4
34
|
/**
|
|
5
35
|
* User context middleware
|
|
6
36
|
* Sets user context after authentication middleware, allowing service layer to access current user information
|
|
@@ -8,17 +38,12 @@ import { resolveOAuthUserFromHeaders } from '../utils/oauthBearer.js';
|
|
|
8
38
|
export const userContextMiddleware = async (req, res, next) => {
|
|
9
39
|
try {
|
|
10
40
|
const currentUser = req.user;
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
const userContextService = UserContextService.getInstance();
|
|
18
|
-
userContextService.clearCurrentUser();
|
|
19
|
-
});
|
|
20
|
-
}
|
|
21
|
-
next();
|
|
41
|
+
UserContextService.getInstance().runWithContext(() => {
|
|
42
|
+
if (currentUser) {
|
|
43
|
+
UserContextService.getInstance().setCurrentUser(currentUser);
|
|
44
|
+
}
|
|
45
|
+
next();
|
|
46
|
+
}, currentUser || null);
|
|
22
47
|
}
|
|
23
48
|
catch (error) {
|
|
24
49
|
console.error('Error in user context middleware:', error);
|
|
@@ -33,45 +58,39 @@ export const sseUserContextMiddleware = async (req, res, next) => {
|
|
|
33
58
|
try {
|
|
34
59
|
const userContextService = UserContextService.getInstance();
|
|
35
60
|
const username = req.params.user;
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
isAdmin: false, // TODO: Should be retrieved from user database
|
|
56
|
-
};
|
|
57
|
-
userContextService.setCurrentUser(user);
|
|
58
|
-
attachCleanupHandlers();
|
|
59
|
-
console.log(`User context set for SSE/MCP endpoint: ${username}`);
|
|
60
|
-
}
|
|
61
|
-
else {
|
|
62
|
-
const systemConfig = await getSystemConfigDao().get();
|
|
63
|
-
const bearerUser = await resolveOAuthUserFromHeaders(req.headers, systemConfig);
|
|
64
|
-
if (bearerUser) {
|
|
65
|
-
userContextService.setCurrentUser(bearerUser);
|
|
66
|
-
attachCleanupHandlers();
|
|
67
|
-
console.log(`OAuth user context set for SSE/MCP endpoint: ${bearerUser.username}`);
|
|
61
|
+
userContextService.runWithContext(async () => {
|
|
62
|
+
if (username) {
|
|
63
|
+
const authenticatedUser = await resolveAuthenticatedUserForSse(req);
|
|
64
|
+
if (!authenticatedUser) {
|
|
65
|
+
res.status(401).json({
|
|
66
|
+
success: false,
|
|
67
|
+
message: 'Authentication is required for user-scoped SSE routes',
|
|
68
|
+
});
|
|
69
|
+
return;
|
|
70
|
+
}
|
|
71
|
+
if (authenticatedUser.username !== username) {
|
|
72
|
+
res.status(403).json({
|
|
73
|
+
success: false,
|
|
74
|
+
message: 'User-scoped SSE routes may only be accessed by the matching user',
|
|
75
|
+
});
|
|
76
|
+
return;
|
|
77
|
+
}
|
|
78
|
+
userContextService.setCurrentUser(authenticatedUser);
|
|
79
|
+
console.log(`User context set for SSE/MCP endpoint: ${username}`);
|
|
68
80
|
}
|
|
69
81
|
else {
|
|
70
|
-
|
|
71
|
-
|
|
82
|
+
const systemConfig = await getSystemConfigDao().get();
|
|
83
|
+
const bearerUser = await resolveOAuthUserFromHeaders(req.headers, systemConfig);
|
|
84
|
+
if (bearerUser) {
|
|
85
|
+
userContextService.setCurrentUser(bearerUser);
|
|
86
|
+
console.log('OAuth user context set for SSE/MCP endpoint');
|
|
87
|
+
}
|
|
88
|
+
else {
|
|
89
|
+
console.log('Global SSE/MCP endpoint access - no user context');
|
|
90
|
+
}
|
|
72
91
|
}
|
|
73
|
-
|
|
74
|
-
|
|
92
|
+
next();
|
|
93
|
+
});
|
|
75
94
|
}
|
|
76
95
|
catch (error) {
|
|
77
96
|
console.error('Error in SSE user context middleware:', error);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"userContext.js","sourceRoot":"","sources":["../../src/middlewares/userContext.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC;AAEvE,OAAO,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"userContext.js","sourceRoot":"","sources":["../../src/middlewares/userContext.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC;AAEvE,OAAO,EAAE,2BAA2B,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAEnE,MAAM,cAAc,GAAG,CAAC,GAAY,EAAgB,EAAE;IACpD,MAAM,WAAW,GAAG,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IAC/C,MAAM,UAAU,GAAG,OAAO,GAAG,CAAC,KAAK,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;IACrF,MAAM,KAAK,GAAG,WAAW,IAAI,UAAU,CAAC;IAExC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,CAAqB,CAAC;QAClE,OAAO,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,8BAA8B,GAAG,KAAK,EAAE,GAAY,EAAyB,EAAE;IACnF,MAAM,YAAY,GAAG,MAAM,kBAAkB,EAAE,CAAC,GAAG,EAAE,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,2BAA2B,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAC/E,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,WAAW,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACzE,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,GAAY,EACZ,GAAa,EACb,IAAkB,EACH,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,WAAW,GAAI,GAAW,CAAC,IAAa,CAAC;QAC/C,kBAAkB,CAAC,WAAW,EAAE,CAAC,cAAc,CAAC,GAAG,EAAE;YACnD,IAAI,WAAW,EAAE,CAAC;gBAChB,kBAAkB,CAAC,WAAW,EAAE,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAC/D,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC,EAAE,WAAW,IAAI,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,EAC3C,GAAY,EACZ,GAAa,EACb,IAAkB,EACH,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,kBAAkB,GAAG,kBAAkB,CAAC,WAAW,EAAE,CAAC;QAC5D,MAAM,QAAQ,GAAG,GAAG,CAAC,MAA
M,CAAC,IAAI,CAAC;QACjC,kBAAkB,CAAC,cAAc,CAAC,KAAK,IAAI,EAAE;YAC3C,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,iBAAiB,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;gBAEpE,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACvB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE,uDAAuD;qBACjE,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,IAAI,iBAAiB,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC5C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE,kEAAkE;qBAC5E,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,kBAAkB,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;gBACrD,OAAO,CAAC,GAAG,CAAC,0CAA0C,QAAQ,EAAE,CAAC,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,MAAM,YAAY,GAAG,MAAM,kBAAkB,EAAE,CAAC,GAAG,EAAE,CAAC;gBACtD,MAAM,UAAU,GAAG,MAAM,2BAA2B,CAAC,GAAG,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;gBAEhF,IAAI,UAAU,EAAE,CAAC;oBACf,kBAAkB,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBAC9C,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;gBAC7D,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;gBAClE,CAAC;YACH,CAAC;YAED,IAAI,EAAE,CAAC;QACT,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;QAC9D,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC;AACH,CAAC,CAAC;AAWF,MAAM,OAAO,2BAA2B;IAC9B,qBAAqB;QAC3B,OAAO,kBAAkB,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC;IAED,KAAK,CAAC,yBAAyB;QAC7B,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACxD,OAAO,kBAAkB,CAAC,cAAc,EAAE,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,QAAgB;QAC3C,MAAM,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,kBAAkB,CAAC,cAAc,EAAE,CAAC;QAEjD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACxC,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,WAAW,QAAQ,mBAAmB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEnE,kDAAkD;QAClD,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO;gBACL,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,+BAA+B;gBACrC,IAAI,EAAE,IAAI,CAAC,QAAQ;gBACnB,MAAM,EAAE,MAAM;aACf,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO;gBACL,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,8BAA8B;gBACpC,IAAI,EAAE,IAAI,CAAC,QAAQ;gBACnB,MAAM,EAAE,SAAS;aAClB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,kBAAkB;QACtB,MAAM,kBAAkB,GAAG,IAA
I,CAAC,qBAAqB,EAAE,CAAC;QACxD,OAAO,kBAAkB,CAAC,OAAO,EAAE,CAAC;IACtC,CAAC;CACF"}
|
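--- a/package/dist/routes/index.js
+++ b/package/dist/routes/index.js
@@ -29,6 +29,7 @@ import { auth } from '../middlewares/auth.js';
 import { getBetterAuthRuntimeConfig } from '../services/betterAuthConfig.js';
 import { authenticatedRouteRateLimiter, templateRateLimiter } from '../utils/rateLimit.js';
 const router = express.Router();
+const authenticatedRouter = express.Router();
 export const initRoutes = async (app) => {
 const isTestEnv = process.env.NODE_ENV === 'test' ||
 process.env.JEST_WORKER_ID !== undefined ||
@@ -60,124 +61,126 @@ export const initRoutes = async (app) => {
 app.get('/oauth/register/:clientId', getClientConfiguration); // Read client configuration
 app.put('/oauth/register/:clientId', updateClientConfiguration); // Update client configuration
 app.delete('/oauth/register/:clientId', deleteClientRegistration); // Delete client registration
-
-router.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+authenticatedRouter.use(authenticatedRouteRateLimiter);
+router.use(authenticatedRouter);
+// API routes protected by auth middleware in middlewares/index.ts and rate limited here
+authenticatedRouter.get('/servers', getAllServers);
+authenticatedRouter.get('/servers/:name', getServerConfig);
+authenticatedRouter.get('/settings', getAllSettings);
+authenticatedRouter.post('/servers', createServer);
+authenticatedRouter.post('/servers/batch', batchCreateServers);
+authenticatedRouter.put('/servers/:name', updateServer);
+authenticatedRouter.delete('/servers/:name', deleteServer);
+authenticatedRouter.post('/servers/:name/toggle', toggleServer);
+authenticatedRouter.post('/servers/:name/reload', reloadServer);
+authenticatedRouter.post('/servers/:serverName/tools/:toolName/toggle', toggleTool);
+authenticatedRouter.put('/servers/:serverName/tools/:toolName/description', updateToolDescription);
+authenticatedRouter.delete('/servers/:serverName/tools/:toolName/description', resetToolDescription);
+authenticatedRouter.post('/servers/:serverName/prompts/:promptName/toggle', togglePrompt);
+authenticatedRouter.put('/servers/:serverName/prompts/:promptName/description', updatePromptDescription);
+authenticatedRouter.delete('/servers/:serverName/prompts/:promptName/description', resetPromptDescription);
+authenticatedRouter.post('/servers/:serverName/resources/:resourceUri/toggle', toggleResource);
+authenticatedRouter.put('/servers/:serverName/resources/:resourceUri/description', updateResourceDescription);
+authenticatedRouter.delete('/servers/:serverName/resources/:resourceUri/description', resetResourceDescription);
+authenticatedRouter.put('/system-config', updateSystemConfig);
 // Group management routes
-
-
-
-
-
-
-
-
-
+authenticatedRouter.get('/groups', getGroups);
+authenticatedRouter.get('/groups/:id', getGroup);
+authenticatedRouter.post('/groups', createNewGroup);
+authenticatedRouter.post('/groups/batch', batchCreateGroups);
+authenticatedRouter.put('/groups/:id', updateExistingGroup);
+authenticatedRouter.delete('/groups/:id', deleteExistingGroup);
+authenticatedRouter.post('/groups/:id/servers', addServerToExistingGroup);
+authenticatedRouter.delete('/groups/:id/servers/:serverName', removeServerFromExistingGroup);
+authenticatedRouter.get('/groups/:id/servers', getGroupServers);
 // New route for batch updating servers in a group
-
+authenticatedRouter.put('/groups/:id/servers/batch', updateGroupServersBatch);
 // New routes for server configurations and tool management in groups
-
-
-
+authenticatedRouter.get('/groups/:id/server-configs', getGroupServerConfigs);
+authenticatedRouter.get('/groups/:id/server-configs/:serverName', getGroupServerConfig);
+authenticatedRouter.put('/groups/:id/server-configs/:serverName/tools', updateGroupServerTools);
 // User management routes (admin only)
-
-
-
-
-
-
+authenticatedRouter.get('/users', getUsers);
+authenticatedRouter.get('/users/:username', getUser);
+authenticatedRouter.post('/users', createUser);
+authenticatedRouter.put('/users/:username', updateExistingUser);
+authenticatedRouter.delete('/users/:username', deleteExistingUser);
+authenticatedRouter.get('/users-stats', getUserStats);
 // OAuth Client management routes (admin only)
-
-
-
+authenticatedRouter.get('/oauth/clients', getAllClients);
+authenticatedRouter.get('/oauth/clients/:clientId', getClient);
+authenticatedRouter.post('/oauth/clients', [
 check('name', 'Client name is required').not().isEmpty(),
 check('redirectUris', 'At least one redirect URI is required').isArray({ min: 1 }),
 ], createClient);
-
-
-
+authenticatedRouter.put('/oauth/clients/:clientId', updateClient);
+authenticatedRouter.delete('/oauth/clients/:clientId', deleteClient);
+authenticatedRouter.post('/oauth/clients/:clientId/regenerate-secret', regenerateSecret);
 // Bearer authentication key management (admin only)
-
-
-
-
+authenticatedRouter.get('/auth/keys', getBearerKeys);
+authenticatedRouter.post('/auth/keys', createBearerKey);
+authenticatedRouter.put('/auth/keys/:id', updateBearerKey);
+authenticatedRouter.delete('/auth/keys/:id', deleteBearerKey);
 // Activity routes (database mode only)
-
-
-
-
-
-
+authenticatedRouter.get('/activities/available', checkActivityAvailable);
+authenticatedRouter.get('/activities', getActivities);
+authenticatedRouter.get('/activities/stats', getActivityStats);
+authenticatedRouter.get('/activities/filters', getActivityFilterOptions);
+authenticatedRouter.get('/activities/:id', getActivityById);
+authenticatedRouter.delete('/activities/cleanup', deleteOldActivities);
 // Configuration template routes
-
-
-
+authenticatedRouter.post('/templates/export', templateRateLimiter, auth, exportConfigTemplate);
+authenticatedRouter.get('/templates/export/groups/:id', templateRateLimiter, auth, exportGroupAsTemplate);
+authenticatedRouter.post('/templates/import', templateRateLimiter, auth, importConfigTemplate);
 // Tool management routes
-
+authenticatedRouter.post('/tools/call/:server', callTool);
 // Prompt management routes
-
+authenticatedRouter.post('/mcp/:serverName/prompts/:promptName', getPrompt);
 // Built-in prompt management routes
-
-
-
-
-
+authenticatedRouter.get('/prompts', listBuiltinPrompts);
+authenticatedRouter.get('/prompts/:id', getBuiltinPrompt);
+authenticatedRouter.post('/prompts', createBuiltinPrompt);
+authenticatedRouter.put('/prompts/:id', updateBuiltinPrompt);
+authenticatedRouter.delete('/prompts/:id', deleteBuiltinPrompt);
 // Built-in resource management routes
-
-
-
-
-
-
+authenticatedRouter.get('/resources', listBuiltinResources);
+authenticatedRouter.get('/resources/:id', getBuiltinResource);
+authenticatedRouter.post('/resources', createBuiltinResource);
+authenticatedRouter.put('/resources/:id', updateBuiltinResource);
+authenticatedRouter.delete('/resources/:id', deleteBuiltinResource);
+authenticatedRouter.post('/resources/read', readResource);
 // MCPB upload routes
-
+authenticatedRouter.post('/mcpb/upload', uploadMiddleware, uploadMcpbFile);
 // Market routes
-
-
-
-
-
-
-
+authenticatedRouter.get('/market/servers', getAllMarketServers);
+authenticatedRouter.get('/market/servers/search', searchMarketServersByQuery);
+authenticatedRouter.get('/market/servers/:name', getMarketServer);
+authenticatedRouter.get('/market/categories', getAllMarketCategories);
+authenticatedRouter.get('/market/categories/:category', getMarketServersByCategory);
+authenticatedRouter.get('/market/tags', getAllMarketTags);
+authenticatedRouter.get('/market/tags/:tag', getMarketServersByTag);
 // Cloud Market routes
-
-
-
-
-
-
-
-
-
+authenticatedRouter.get('/cloud/servers', getAllCloudServers);
+authenticatedRouter.get('/cloud/servers/search', searchCloudServersByQuery);
+authenticatedRouter.get('/cloud/servers/:name', getCloudServer);
+authenticatedRouter.get('/cloud/categories', getAllCloudCategories);
+authenticatedRouter.get('/cloud/categories/:category', getCloudServersByCategory);
+authenticatedRouter.get('/cloud/tags', getAllCloudTags);
+authenticatedRouter.get('/cloud/tags/:tag', getCloudServersByTag);
+authenticatedRouter.get('/cloud/servers/:serverName/tools', getCloudServerToolsList);
+authenticatedRouter.post('/cloud/servers/:serverName/tools/:toolName/call', callCloudTool);
 // Registry routes (proxy to official MCP registry)
-
-
-
+authenticatedRouter.get('/registry/servers', getAllRegistryServers);
+authenticatedRouter.get('/registry/servers/versions', getRegistryServerVersions);
+authenticatedRouter.get('/registry/servers/version', getRegistryServerVersion);
 // Log routes
-
-
-
+authenticatedRouter.get('/logs', getAllLogs);
+authenticatedRouter.delete('/logs', clearLogs);
+authenticatedRouter.get('/logs/stream', streamLogs);
 // MCP settings export route
-
-// Auth
-
+authenticatedRouter.get('/mcp-settings/export', getMcpSettingsJson);
+// Better Auth user route requires authentication and shares the authenticated route limiter
+authenticatedRouter.get('/better-auth/user', getBetterAuthUser);
 router.post('/auth/login', [
 check('username', 'Username is required').not().isEmpty(),
 check('password', 'Password is required').not().isEmpty(),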
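Review bot: `router.use(authenticatedRouter)` (new line 65) is mounted without a path and ahead of the public `router.post('/auth/login', …)` registration, so in Express the `authenticatedRouter.use(authenticatedRouteRateLimiter)` middleware on new line 64 runs for every request that enters `router`, not only for routes registered on `authenticatedRouter`. If the limiter is keyed per client, unauthenticated login traffic then draws on the same budget as the authenticated API, which is probably not what the router's name suggests. Moving `router.use(authenticatedRouter);` below the public `router.*` registrations would keep the limiter off those routes, assuming their handlers end the response; the rest of `initRoutes` lies outside this hunk, so the final order needs confirming there. Separately, this router only rate-limits: apart from the three `/templates/*` routes that pass `auth`, authentication and the "admin only" restrictions named in the comments depend on middleware and controllers not shown in this section.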