adaptic-backend 1.0.328 → 1.0.329
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm/middleware/auth.d.ts +1 -1
- package/esm/middleware/auth.d.ts.map +1 -1
- package/esm/middleware/auth.js.map +1 -1
- package/esm/middleware/auth.mjs +10 -1
- package/package.json +1 -1
- package/server.cjs +37 -15
package/esm/middleware/auth.d.ts
CHANGED
|
@@ -2,5 +2,5 @@ import { Request, Response, NextFunction } from "express";
|
|
|
2
2
|
export interface AuthenticatedRequest extends Request {
|
|
3
3
|
user?: any;
|
|
4
4
|
}
|
|
5
|
-
export declare const authMiddleware: (req: AuthenticatedRequest, res: Response, next: NextFunction) => Response<any, Record<string, any
|
|
5
|
+
export declare const authMiddleware: (req: AuthenticatedRequest, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
|
|
6
6
|
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG1D,MAAM,WAAW,oBAAqB,SAAQ,OAAO;IACnD,IAAI,CAAC,EAAE,GAAG,CAAC;CACZ;AAED,eAAO,MAAM,cAAc,GAAI,KAAK,oBAAoB,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG1D,MAAM,WAAW,oBAAqB,SAAQ,OAAO;IACnD,IAAI,CAAC,EAAE,GAAG,CAAC;CACZ;AAED,eAAO,MAAM,cAAc,GAAI,KAAK,oBAAoB,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,8CAwB1F,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/middleware/auth.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAM/B,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAyB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IAC7F,MAAM,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/middleware/auth.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAM/B,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAyB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;IAC7F,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAExF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,6BAA6B;IAC7B,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,sEAAsE,CAAC,CAAC;QACpF,GAAG,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QACzC,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,4BAA4B;IAC5B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,UAAW,CAAC,CAAC;QAC3D,GAAG,CAAC,IAAI,GAAG,OAAO,CAAC;QACnB,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC;QAC/D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;IAClD,CAAC;AACH,CAAC,CAAC"}
|
package/esm/middleware/auth.mjs
CHANGED
|
@@ -1,15 +1,24 @@
|
|
|
1
1
|
import jwt from "jsonwebtoken";
|
|
2
2
|
export const authMiddleware = (req, res, next) => {
|
|
3
|
-
const
|
|
3
|
+
const authHeader = req.header("Authorization") || '';
|
|
4
|
+
const token = authHeader.startsWith('Bearer ') ? authHeader.replace("Bearer ", "") : '';
|
|
4
5
|
if (!token) {
|
|
5
6
|
return res.status(401).send({ error: "Unauthorized" });
|
|
6
7
|
}
|
|
8
|
+
// Handle Google OAuth tokens
|
|
9
|
+
if (token.startsWith('ya29.')) {
|
|
10
|
+
console.log('Detected Google OAuth token in middleware, skipping JWT verification');
|
|
11
|
+
req.user = { provider: 'google', token };
|
|
12
|
+
return next();
|
|
13
|
+
}
|
|
14
|
+
// Handle regular JWT tokens
|
|
7
15
|
try {
|
|
8
16
|
const decoded = jwt.verify(token, process.env.JWT_SECRET);
|
|
9
17
|
req.user = decoded;
|
|
10
18
|
next();
|
|
11
19
|
}
|
|
12
20
|
catch (error) {
|
|
21
|
+
console.error('JWT verification failed in middleware:', error);
|
|
13
22
|
res.status(401).send({ error: "Unauthorized" });
|
|
14
23
|
}
|
|
15
24
|
};
|
package/package.json
CHANGED
package/server.cjs
CHANGED
|
@@ -119,19 +119,31 @@ const startServer = async () => {
|
|
|
119
119
|
await server.start();
|
|
120
120
|
app.use('/graphql', (0, cors_1.default)(), body_parser_1.default.json(), (0, express4_1.expressMiddleware)(server, {
|
|
121
121
|
context: async ({ req }) => {
|
|
122
|
-
var _a;
|
|
123
122
|
console.log('Received headers:', req.headers);
|
|
124
123
|
console.log('Authorization header:', req.headers.authorization);
|
|
125
|
-
|
|
124
|
+
// Extract token from Authorization header
|
|
125
|
+
const authHeader = req.headers.authorization || '';
|
|
126
|
+
// Only try to verify token if it's in proper Bearer format
|
|
127
|
+
const token = authHeader.startsWith('Bearer ') ? authHeader.split(' ')[1] : '';
|
|
126
128
|
let user = null;
|
|
127
129
|
if (token) {
|
|
128
|
-
|
|
129
|
-
|
|
130
|
+
// Check if token is a Google OAuth token (starts with ya29.)
|
|
131
|
+
if (token.startsWith('ya29.')) {
|
|
132
|
+
// For Google OAuth tokens, we should validate differently or pass them through
|
|
133
|
+
// This is a temporary solution - ideally you should verify with Google's OAuth API
|
|
134
|
+
console.log('Detected Google OAuth token, skipping JWT verification');
|
|
135
|
+
user = { provider: 'google', token };
|
|
130
136
|
}
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
137
|
+
else {
|
|
138
|
+
// For regular JWT tokens, verify as before
|
|
139
|
+
try {
|
|
140
|
+
user = jsonwebtoken_1.default.verify(token, process.env.JWT_SECRET);
|
|
141
|
+
}
|
|
142
|
+
catch (e) {
|
|
143
|
+
console.error('JWT verification failed:', e);
|
|
144
|
+
console.error('Received token:', token);
|
|
145
|
+
return { prisma: prismaClient_1.default, req, authError: 'Invalid token' };
|
|
146
|
+
}
|
|
135
147
|
}
|
|
136
148
|
}
|
|
137
149
|
return { prisma: prismaClient_1.default, req, user };
|
|
@@ -153,16 +165,26 @@ const startServer = async () => {
|
|
|
153
165
|
(0, ws_2.useServer)({
|
|
154
166
|
schema,
|
|
155
167
|
context: async (ctx, msg, args) => {
|
|
156
|
-
var _a
|
|
157
|
-
const
|
|
168
|
+
var _a;
|
|
169
|
+
const authHeader = ((_a = ctx.connectionParams) === null || _a === void 0 ? void 0 : _a.authorization) || '';
|
|
170
|
+
const token = authHeader.startsWith('Bearer ') ? authHeader.split(' ')[1] : '';
|
|
158
171
|
let user = null;
|
|
159
172
|
if (token) {
|
|
160
|
-
|
|
161
|
-
|
|
173
|
+
// Check if token is a Google OAuth token (starts with ya29.)
|
|
174
|
+
if (token.startsWith('ya29.')) {
|
|
175
|
+
// For Google OAuth tokens, we should validate differently or pass them through
|
|
176
|
+
console.log('Detected Google OAuth token in WebSocket, skipping JWT verification');
|
|
177
|
+
user = { provider: 'google', token };
|
|
162
178
|
}
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
179
|
+
else {
|
|
180
|
+
// For regular JWT tokens, verify as before
|
|
181
|
+
try {
|
|
182
|
+
user = jsonwebtoken_1.default.verify(token, process.env.JWT_SECRET);
|
|
183
|
+
}
|
|
184
|
+
catch (e) {
|
|
185
|
+
console.error('JWT verification failed:', e);
|
|
186
|
+
return { prisma: prismaClient_1.default, authError: 'Invalid token' };
|
|
187
|
+
}
|
|
166
188
|
}
|
|
167
189
|
}
|
|
168
190
|
return { prisma: prismaClient_1.default, user };
|