emilsoftware-utilities 1.7.1 → 1.7.2
|
@@ -61,27 +61,27 @@ function authorizeAccessi(req, res, next, options) {
|
|
|
61
61
|
try {
|
|
62
62
|
const authHeader = req.headers.authorization;
|
|
63
63
|
if (!authHeader)
|
|
64
|
-
|
|
64
|
+
throw new Error("Authorization header not found");
|
|
65
65
|
const token = authHeader.split(" ")[1];
|
|
66
66
|
if (!token)
|
|
67
|
-
|
|
67
|
+
throw new Error("Token not found in Authorization header");
|
|
68
68
|
const secret = (_b = (_a = accessiOptionsRef === null || accessiOptionsRef === void 0 ? void 0 : accessiOptionsRef.jwtOptions) === null || _a === void 0 ? void 0 : _a.secret) !== null && _b !== void 0 ? _b : process.env.ACC_JWT_SECRET;
|
|
69
69
|
if (!secret)
|
|
70
|
-
|
|
70
|
+
throw new Error("JWT secret not configured");
|
|
71
71
|
let decoded;
|
|
72
72
|
try {
|
|
73
73
|
decoded = jwt.verify(token, secret);
|
|
74
74
|
}
|
|
75
75
|
catch (error) {
|
|
76
|
-
|
|
76
|
+
throw new Error("Invalid JWT token");
|
|
77
77
|
}
|
|
78
78
|
const codiceUtente = resolveCodiceUtente(decoded);
|
|
79
79
|
if (!codiceUtente)
|
|
80
|
-
|
|
80
|
+
throw new Error("codiceUtente not found in token payload");
|
|
81
81
|
const requisiti = (_c = options === null || options === void 0 ? void 0 : options.requisiti) !== null && _c !== void 0 ? _c : [];
|
|
82
82
|
if (requisiti.length > 0) {
|
|
83
83
|
if (!(accessiOptionsRef === null || accessiOptionsRef === void 0 ? void 0 : accessiOptionsRef.databaseOptions))
|
|
84
|
-
|
|
84
|
+
throw new Error("Database options not configured");
|
|
85
85
|
const permissionService = new PermissionService_1.PermissionService(accessiOptionsRef);
|
|
86
86
|
const grantsResult = yield permissionService.getUserRolesAndGrants(codiceUtente);
|
|
87
87
|
const grants = (_d = grantsResult.grants) !== null && _d !== void 0 ? _d : [];
|
|
@@ -95,14 +95,15 @@ function authorizeAccessi(req, res, next, options) {
|
|
|
95
95
|
? requisiti.every((r) => hasMenu(r.codiceMenu, r.tipoAbilitazione))
|
|
96
96
|
: requisiti.some((r) => hasMenu(r.codiceMenu, r.tipoAbilitazione));
|
|
97
97
|
if (!hasAbil)
|
|
98
|
-
|
|
98
|
+
throw new Error("User does not have required permissions");
|
|
99
99
|
req.userGrants = grantsResult;
|
|
100
100
|
}
|
|
101
101
|
req.data = decoded;
|
|
102
102
|
return next();
|
|
103
103
|
}
|
|
104
104
|
catch (error) {
|
|
105
|
-
|
|
105
|
+
console.error("Authentication error:", error);
|
|
106
|
+
return res.status(401).json({ message: "Unauthorized", error: error.message });
|
|
106
107
|
}
|
|
107
108
|
});
|
|
108
109
|
}
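Review bot: The catch block at new line 106 sends `error.message` back to the caller, and the same try also wraps `permissionService.getUserRolesAndGrants(codiceUtente)`, so a database or driver failure message, along with "JWT secret not configured" and "Database options not configured", would reach an unauthenticated client. Every failure is also answered with 401, including the missing-permission case at line 98 and server-side misconfiguration. I would keep the detail in the `console.error` log only and return a fixed body, `return res.status(401).json({ message: "Unauthorized" });`, using 403 for the permission failure and 500 for configuration or database errors. Separately, `jwt.verify(token, secret)` at line 73 passes no `algorithms` option; pinning it (for example `{ algorithms: ["HS256"] }`, if that is what the issuer signs with) makes the accepted set explicit. authorizeAccessi starts above line 61 and lines 88–94 are not shown, so this is based on the visible lines only.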
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authenticateGen.js","sourceRoot":"","sources":["../../../src/accessi-module/middleware/authenticateGen.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYA,sDAEC;AAUD,
|
|
1
|
+
{"version":3,"file":"authenticateGen.js","sourceRoot":"","sources":["../../../src/accessi-module/middleware/authenticateGen.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYA,sDAEC;AAUD,4CAyDC;AAhFD,kDAAoC;AAEpC,uFAAoF;AAOpF,IAAI,iBAAiB,GAA0B,IAAI,CAAC;AAEpD,SAAgB,qBAAqB,CAAC,OAAuB;IAC3D,iBAAiB,GAAG,OAAO,CAAC;AAC9B,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAY;;IACvC,OAAO,CACL,MAAA,MAAA,MAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,0CAAE,MAAM,0CAAE,YAAY,mCACvC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,0CAAE,YAAY,mCAC7B,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,CACtB,CAAC;AACJ,CAAC;AAED,SAAsB,gBAAgB,CACpC,GAAY,EACZ,GAAa,EACb,IAAkB,EAClB,OAAqC;;;QAErC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;YAC7C,IAAI,CAAC,UAAU;gBAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;YAEnE,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACvC,IAAI,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAEvE,MAAM,MAAM,GACV,MAAA,MAAA,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,UAAU,0CAAE,MAAM,mCAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;YACtE,IAAI,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAE1D,IAAI,OAAY,CAAC;YACjB,IAAI,CAAC;gBACH,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACtC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YACvC,CAAC;YAED,MAAM,YAAY,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAClD,IAAI,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAE9E,MAAM,SAAS,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,mCAAI,EAAE,CAAC;YAC3C,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACzB,IAAI,CAAC,CAAA,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,eAAe,CAAA;oBAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;gBAC5F,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,CAAC,iBAAiB,CAAC,CAAC;gBACnE,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,qBAAqB,CAChE,YAAY,CACb,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAA,YAAY,CAAC,MAAM,mCAAI,EAAE,CAAC;gBACzC,MAAM,OAAO,GAAG,CAAC,UAAkB,EAAE,gBAAwB,EAAE,EAAE,CAC/D,MAAM,CAAC,IAAI,CACT,CAAC,CAAC,EAAE,EAAE;;oBACJ,OAAA,CAAC,CAAC,UAAU,IAAI,UAAU;wBAC1B,MAAM,CAAC,MAAA,CAAC,CAAC,gB
AAgB,mCAAI,CAAC,CAAC,IAAI,gBAAgB,CAAA;iBAAA,CACtD,CAAC;gBACJ,MAAM,UAAU,GAAG,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,mCAAI,KAAK,CAAC,KAAK,KAAK,CAAC;gBAC/D,MAAM,OAAO,GAAG,UAAU;oBACxB,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC;oBACnE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;gBAErE,IAAI,CAAC,OAAO;oBAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;gBACxE,GAAW,CAAC,UAAU,GAAG,YAAY,CAAC;YACzC,CAAC;YAEA,GAAW,CAAC,IAAI,GAAG,OAAO,CAAC;YAC5B,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;YAC9C,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;CAAA;AAEY,QAAA,eAAe,GAAG,gBAAgB,CAAC","sourcesContent":["import { NextFunction, Request, Response } from \"express\";\nimport * as jwt from \"jsonwebtoken\";\nimport { AccessiOptions } from \"../AccessiModule\";\nimport { PermissionService } from \"../Services/PermissionService/PermissionService\";\n\nexport type AccessiAuthorizationOptions = {\n requisiti: { codiceMenu: string; tipoAbilitazione: number }[];\n tipoControllo?: \"AND\" | \"OR\";\n};\n\nlet accessiOptionsRef: AccessiOptions | null = null;\n\nexport function setAccessiAuthOptions(options: AccessiOptions) {\n accessiOptionsRef = options;\n}\n\nfunction resolveCodiceUtente(decoded: any): number | undefined {\n return (\n decoded?.userData?.utente?.codiceUtente ??\n decoded?.utente?.codiceUtente ??\n decoded?.codiceUtente\n );\n}\n\nexport async function authorizeAccessi(\n req: Request,\n res: Response,\n next: NextFunction,\n options?: AccessiAuthorizationOptions\n) {\n try {\n const authHeader = req.headers.authorization;\n if (!authHeader) throw new Error(\"Authorization header not found\");\n\n const token = authHeader.split(\" \")[1];\n if (!token) throw new Error(\"Token not found in 
Authorization header\");\n\n const secret =\n accessiOptionsRef?.jwtOptions?.secret ?? process.env.ACC_JWT_SECRET;\n if (!secret) throw new Error(\"JWT secret not configured\");\n\n let decoded: any;\n try {\n decoded = jwt.verify(token, secret);\n } catch (error) {\n throw new Error(\"Invalid JWT token\");\n }\n\n const codiceUtente = resolveCodiceUtente(decoded);\n if (!codiceUtente) throw new Error(\"codiceUtente not found in token payload\");\n\n const requisiti = options?.requisiti ?? [];\n if (requisiti.length > 0) {\n if (!accessiOptionsRef?.databaseOptions) throw new Error(\"Database options not configured\");\n const permissionService = new PermissionService(accessiOptionsRef);\n const grantsResult = await permissionService.getUserRolesAndGrants(\n codiceUtente\n );\n\n const grants = grantsResult.grants ?? [];\n const hasMenu = (codiceMenu: string, tipoAbilitazione: number) =>\n grants.some(\n (g) =>\n g.codiceMenu == codiceMenu &&\n Number(g.tipoAbilitazione ?? 0) >= tipoAbilitazione\n );\n const requireAll = (options?.tipoControllo ?? \"AND\") === \"AND\";\n const hasAbil = requireAll\n ? requisiti.every((r) => hasMenu(r.codiceMenu, r.tipoAbilitazione))\n : requisiti.some((r) => hasMenu(r.codiceMenu, r.tipoAbilitazione));\n\n if (!hasAbil) throw new Error(\"User does not have required permissions\");\n (req as any).userGrants = grantsResult;\n }\n\n (req as any).data = decoded;\n return next();\n } catch (error) {\n console.error(\"Authentication error:\", error);\n return res.status(401).json({ message: \"Unauthorized\", error: error.message });\n }\n}\n\nexport const authenticateGen = authorizeAccessi;\n"]}
|
|
Binary file
|
package/package.json
CHANGED
|
Binary file
|