npm - ag-common - Versions diffs - 0.0.91 → 0.0.92 - Mend

ag-common 0.0.91 → 0.0.92

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/api/helpers/validations.d.ts +3 -0
package/dist/api/helpers/validations.js +20 -10
package/package.json +1 -1

package/dist/api/helpers/validations.d.ts CHANGED Viewed

@@ -2,6 +2,9 @@ import { error } from '../../common/helpers/log';
 import { User } from '../../ui/helpers/jwt';
 import { APIGatewayProxyResult } from '../types';
 export declare const getAndValidateToken: ({ tokenRaw, jwksRegion, COGNITO_USER_POOL_ID, }: {
+    /**
+     * default ap-southeast-2
+     */
     jwksRegion?: string | undefined;
     tokenRaw?: string | undefined;
     COGNITO_USER_POOL_ID: string;

package/dist/api/helpers/validations.js CHANGED Viewed

@@ -65,17 +65,32 @@ const getAndValidateToken = ({ tokenRaw, jwksRegion = 'ap-southeast-2', COGNITO_
     let token = '';
     try {
         if (!tokenRaw) {
-            (0, log_1.error)('no auth headers');
+            const m = 'no auth headers, auth failed';
+            (0, log_1.error)(m);
             return {
-                error: (0, api_1.returnCode)(403, 'auth failed'),
+                error: (0, api_1.returnCode)(403, m),
             };
         }
         token = tokenRaw.substring(tokenRaw.indexOf(' ') + 1);
+        if (!token) {
+            const m = 'auth error: no token';
+            (0, log_1.error)(m);
+            return {
+                error: (0, api_1.returnCode)(403, m),
+            };
+        }
         let subject;
         try {
             yield jwtVerify({ token, jwksUri, issuer });
             const decoded = (0, jsonwebtoken_1.decode)(token);
             (0, log_1.debug)(`decoded=${JSON.stringify(decoded, null, 2)}`);
+            if (!decoded.email) {
+                const m = 'auth error, no email';
+                (0, log_1.error)(m);
+                return {
+                    error: (0, api_1.returnCode)(403, m),
+                };
+            }
             subject = decoded === null || decoded === void 0 ? void 0 : decoded.sub;
             if (!subject) {
                 const mess = 'user should have responded with subject (sub) field';
@@ -96,12 +111,6 @@ const getAndValidateToken = ({ tokenRaw, jwksRegion = 'ap-southeast-2', COGNITO_
                 picture,
                 updatedAt: parseInt(`${decoded.auth_time}000`, 10),
             };
-            if (!userProfile || !token || !userProfile.userId) {
-                (0, log_1.error)('auth fail');
-                return {
-                    error: (0, api_1.returnCode)(403, 'auth fail'),
-                };
-            }
             return { token, userProfile };
         }
         catch (e) {
@@ -114,9 +123,10 @@ const getAndValidateToken = ({ tokenRaw, jwksRegion = 'ap-southeast-2', COGNITO_
         }
     }
     catch (e) {
-        (0, log_1.error)('auth error', e);
+        const m = 'auth error:' + JSON.stringify(e, null, 2);
+        (0, log_1.error)(m);
         return {
-            error: (0, api_1.returnCode)(403, 'auth fail'),
+            error: (0, api_1.returnCode)(403, m),
         };
     }
 });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ag-common",
-  "version": "0.0.91",
+  "version": "0.0.92",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "author": "Andrei Gec <@andreigec> (https://gec.dev/)",