aaspai-authx 0.0.1 → 0.0.3
- package/dist/express/index.cjs +18 -14
- package/dist/express/index.cjs.map +1 -1
- package/dist/express/index.js +18 -14
- package/dist/express/index.js.map +1 -1
- package/dist/index.cjs +52 -32
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +52 -32
- package/dist/index.js.map +1 -1
- package/dist/nest/index.cjs +18 -14
- package/dist/nest/index.cjs.map +1 -1
- package/dist/nest/index.js +18 -14
- package/dist/nest/index.js.map +1 -1
- package/package.json +2 -2
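--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -335,7 +335,9 @@ function requireAuth() {
 try {
 const apiKey = req.headers["x-api-key"] || req.headers["x-apikey"];
 const userId = req.headers["x-user-id"] || req.headers["x-userId"];
+console.log(apiKey, "apikey", userId, "userId");
 if (apiKey) {
+console.log("inside apikey");
 if (apiKey !== process.env.SERVER_API_KEY) {
 return res.status(401).json({ error: "Invalid API key" });
 }
@@ -346,26 +348,28 @@ function requireAuth() {
 if (!user) {
 return res.status(401).json({ error: "User not found" });
 }
-const
+const session = buildSession({
 sub: user.id.toString(),
 email: user.email,
 roles: user.roles || []
 });
-
-
-req.user =
+session.authType = "api-key";
+session.projectId = readProjectId(req) || user.projectId || void 0;
+req.user = session;
 return next();
+} else {
+console.log("inside token");
+const token = extractToken(req);
+if (!token) {
+return res.status(401).json({ error: "Missing token" });
+}
+const claims = await verifyJwt(token);
+const session = buildSession(claims);
+const pid = readProjectId(req);
+if (pid) session.projectId = pid;
+req.user = session;
+next();
 }
-const token = extractToken(req);
-if (!token) {
-return res.status(401).json({ error: "Missing token" });
-}
-const claims = await verifyJwt(token);
-const session = buildSession(claims);
-const pid = readProjectId(req);
-if (pid) session.projectId = pid;
-req.user = session;
-next();
 } catch (e) {
 res.status(401).json({ error: e?.message || "Unauthorized" });
 }
@@ -378,7 +382,6 @@ function authorize(roles = []) {
 if (!user) {
 return res.status(401).json({ error: "Unauthorized" });
 }
-console.log(user, "user");
 const have = new Set((user.roles || []).map(String));
 const ok = roles.some((r) => have.has(r));
 if (!ok) {
@@ -2002,27 +2005,44 @@ var AuthXSessionDecorator = (0, import_common4.createParamDecorator)(
 var import_passport2 = require("passport");
 var AuthXStrategy = class extends import_passport2.Strategy {
 name = "authx";
-authenticate(req) {
+async authenticate(req) {
 try {
-
-const
-
-
-
-
-
-
-
-
-
+const apiKey = req.headers["x-api-key"];
+const userId = req.headers["x-user-id"];
+if (apiKey) {
+if (apiKey !== process.env.SERVER_API_KEY) {
+return this.fail({ message: "Invalid API key" }, 401);
+}
+if (!userId) {
+return this.fail({ message: "User Id is required" }, 401);
+}
+const user = await OrgUser.findOne({
+id: userId,
+orgId: process.env.ORG_ID || null
+});
+if (!user) {
+return this.fail({ message: "User not found" }, 401);
+}
+const session = buildSession(user);
 req.user = session;
 return this.success(session);
-}
-
-
-
+} else {
+const token = extractToken(req);
+if (!token) {
+return this.fail({ message: "Missing token" }, 401);
+}
+verifyJwt(token).then((claims) => {
+const session = buildSession(claims);
+req.user = session;
+return this.success(session);
+}).catch((error) => {
+return this.fail(
+{ message: error?.message || "Unauthorized" },
+401
+);
+});
+}
 } catch (error) {
-console.log("AuthXStrategy.authenticate - exception caught:", error?.message || error);
 return this.fail({ message: error?.message || "Unauthorized" }, 401);
 }
 }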
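Review bot: The added `console.log(apiKey, "apikey", userId, "userId");` at the top of the `requireAuth` try block writes the caller-supplied `x-api-key` header to stdout on every request, so a valid `SERVER_API_KEY` ends up in application logs. That line and the `"inside apikey"` / `"inside token"` debug prints should be removed from the published build, or reduced to a value-free line such as `console.debug("auth path:", apiKey ? "api-key" : "token");`. The check `apiKey !== process.env.SERVER_API_KEY`, here and in the new `AuthXStrategy.authenticate` branch, is a plain string comparison; comparing equal-length digests with `crypto.timingSafeEqual` would remove the timing signal. In `AuthXStrategy.authenticate` the API-key branch calls `buildSession(user)` with the whole record and sets no `authType`, while `requireAuth` passes `{ sub, email, roles }` and sets `session.authType = "api-key"`; the two paths presumably should build the same session shape. The bodies of `requireAuth` and `authorize` begin and end outside the hunks shown.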