mirror of
https://github.com/pawelmalak/flame.git
synced 2024-12-18 23:41:39 +03:00
Added auth middleware. Added access control to apps
This commit is contained in:
parent
d1c61bb393
commit
e3f167921c
1
api.js
1
api.js
@ -21,6 +21,7 @@ api.use('/api/weather', require('./routes/weather'));
|
||||
api.use('/api/categories', require('./routes/category'));
|
||||
api.use('/api/bookmarks', require('./routes/bookmark'));
|
||||
api.use('/api/queries', require('./routes/queries'));
|
||||
api.use('/api/auth', require('./routes/auth'));
|
||||
|
||||
// Custom error handler
|
||||
api.use(errorHandler);
|
||||
|
@ -1,11 +1,16 @@
|
||||
const asyncWrapper = require('../../middleware/asyncWrapper');
|
||||
const App = require('../../models/App');
|
||||
const loadConfig = require('../../utils/loadConfig');
|
||||
const ErrorResponse = require('../../utils/ErrorResponse');
|
||||
|
||||
// @desc Create new app
|
||||
// @route POST /api/apps
|
||||
// @access Public
|
||||
const createApp = asyncWrapper(async (req, res, next) => {
|
||||
if (!req.isAuthenticated) {
|
||||
return next(new ErrorResponse('Unauthorized', 401));
|
||||
}
|
||||
|
||||
const { pinAppsByDefault } = await loadConfig();
|
||||
|
||||
let app;
|
||||
|
@ -1,10 +1,15 @@
|
||||
const asyncWrapper = require('../../middleware/asyncWrapper');
|
||||
const App = require('../../models/App');
|
||||
const ErrorResponse = require('../../utils/ErrorResponse');
|
||||
|
||||
// @desc Delete app
|
||||
// @route DELETE /api/apps/:id
|
||||
// @access Public
|
||||
const deleteApp = asyncWrapper(async (req, res, next) => {
|
||||
if (!req.isAuthenticated) {
|
||||
return next(new ErrorResponse('Unauthorized', 401));
|
||||
}
|
||||
|
||||
await App.destroy({
|
||||
where: { id: req.params.id },
|
||||
});
|
||||
|
@ -25,13 +25,18 @@ const getAllApps = asyncWrapper(async (req, res, next) => {
|
||||
await useKubernetes(apps);
|
||||
}
|
||||
|
||||
// apps visibility
|
||||
const where = req.isAuthenticated ? {} : { isPublic: true };
|
||||
|
||||
if (orderType == 'name') {
|
||||
apps = await App.findAll({
|
||||
order: [[Sequelize.fn('lower', Sequelize.col('name')), 'ASC']],
|
||||
where,
|
||||
});
|
||||
} else {
|
||||
apps = await App.findAll({
|
||||
order: [[orderType, 'ASC']],
|
||||
where,
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -1,12 +1,15 @@
|
||||
const asyncWrapper = require('../../middleware/asyncWrapper');
|
||||
const App = require('../../models/App');
|
||||
const ErrorResponse = require('../../utils/ErrorResponse');
|
||||
|
||||
// @desc Get single app
|
||||
// @route GET /api/apps/:id
|
||||
// @access Public
|
||||
const getSingleApp = asyncWrapper(async (req, res, next) => {
|
||||
const visibility = req.isAuthenticated ? {} : { isPublic: true };
|
||||
|
||||
const app = await App.findOne({
|
||||
where: { id: req.params.id },
|
||||
where: { id: req.params.id, ...visibility },
|
||||
});
|
||||
|
||||
if (!app) {
|
||||
|
@ -1,10 +1,15 @@
|
||||
const asyncWrapper = require('../../middleware/asyncWrapper');
|
||||
const App = require('../../models/App');
|
||||
const ErrorResponse = require('../../utils/ErrorResponse');
|
||||
|
||||
// @desc Reorder apps
|
||||
// @route PUT /api/apps/0/reorder
|
||||
// @access Public
|
||||
const reorderApps = asyncWrapper(async (req, res, next) => {
|
||||
if (!req.isAuthenticated) {
|
||||
return next(new ErrorResponse('Unauthorized', 401));
|
||||
}
|
||||
|
||||
req.body.apps.forEach(async ({ id, orderId }) => {
|
||||
await App.update(
|
||||
{ orderId },
|
||||
|
@ -1,10 +1,15 @@
|
||||
const asyncWrapper = require('../../middleware/asyncWrapper');
|
||||
const App = require('../../models/App');
|
||||
const ErrorResponse = require('../../utils/ErrorResponse');
|
||||
|
||||
// @desc Update app
|
||||
// @route PUT /api/apps/:id
|
||||
// @access Public
|
||||
const updateApp = asyncWrapper(async (req, res, next) => {
|
||||
if (!req.isAuthenticated) {
|
||||
return next(new ErrorResponse('Unauthorized', 401));
|
||||
}
|
||||
|
||||
let app = await App.findOne({
|
||||
where: { id: req.params.id },
|
||||
});
|
||||
|
@ -1,3 +1,4 @@
|
||||
module.exports = {
|
||||
login: require('./login'),
|
||||
validate: require('./validate'),
|
||||
};
|
||||
|
21
controllers/auth/validate.js
Normal file
21
controllers/auth/validate.js
Normal file
@ -0,0 +1,21 @@
|
||||
const asyncWrapper = require('../../middleware/asyncWrapper');
|
||||
const ErrorResponse = require('../../utils/ErrorResponse');
|
||||
const jwt = require('jsonwebtoken');
|
||||
|
||||
// @desc Verify token
|
||||
// @route POST /api/auth/verify
|
||||
// @access Public
|
||||
const validate = asyncWrapper(async (req, res, next) => {
|
||||
try {
|
||||
jwt.verify(req.body.token, process.env.SECRET);
|
||||
|
||||
res.status(200).json({
|
||||
success: true,
|
||||
data: { token: { isValid: true } },
|
||||
});
|
||||
} catch (err) {
|
||||
return next(new ErrorResponse('Token expired', 401));
|
||||
}
|
||||
});
|
||||
|
||||
module.exports = validate;
|
@ -7,7 +7,7 @@ const up = async (query) => {
|
||||
const template = {
|
||||
type: INTEGER,
|
||||
allowNull: true,
|
||||
defaultValue: 0,
|
||||
defaultValue: 1,
|
||||
};
|
||||
|
||||
for await (let table of tables) {
|
||||
|
25
middleware/auth.js
Normal file
25
middleware/auth.js
Normal file
@ -0,0 +1,25 @@
|
||||
const jwt = require('jsonwebtoken');
|
||||
|
||||
const auth = (req, res, next) => {
|
||||
const authHeader = req.header('Authorization');
|
||||
let token;
|
||||
let tokenIsValid = false;
|
||||
|
||||
if (authHeader && authHeader.startsWith('Bearer ')) {
|
||||
token = authHeader.split(' ')[1];
|
||||
}
|
||||
|
||||
if (token) {
|
||||
try {
|
||||
jwt.verify(token, process.env.SECRET);
|
||||
} finally {
|
||||
tokenIsValid = true;
|
||||
}
|
||||
}
|
||||
|
||||
req.isAuthenticated = tokenIsValid;
|
||||
|
||||
next();
|
||||
};
|
||||
|
||||
module.exports = auth;
|
@ -29,7 +29,7 @@ const App = sequelize.define(
|
||||
isPublic: {
|
||||
type: DataTypes.INTEGER,
|
||||
allowNull: true,
|
||||
defaultValue: 0,
|
||||
defaultValue: 1,
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -23,7 +23,7 @@ const Bookmark = sequelize.define(
|
||||
isPublic: {
|
||||
type: DataTypes.INTEGER,
|
||||
allowNull: true,
|
||||
defaultValue: 0,
|
||||
defaultValue: 1,
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -20,7 +20,7 @@ const Category = sequelize.define(
|
||||
isPublic: {
|
||||
type: DataTypes.INTEGER,
|
||||
allowNull: true,
|
||||
defaultValue: 0,
|
||||
defaultValue: 1,
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -1,6 +1,7 @@
|
||||
const express = require('express');
|
||||
const router = express.Router();
|
||||
const upload = require('../middleware/multer');
|
||||
const auth = require('../middleware/auth');
|
||||
|
||||
const {
|
||||
createApp,
|
||||
@ -11,10 +12,14 @@ const {
|
||||
reorderApps,
|
||||
} = require('../controllers/apps');
|
||||
|
||||
router.route('/').post(upload, createApp).get(getAllApps);
|
||||
router.route('/').post(auth, upload, createApp).get(auth, getAllApps);
|
||||
|
||||
router.route('/:id').get(getSingleApp).put(upload, updateApp).delete(deleteApp);
|
||||
router
|
||||
.route('/:id')
|
||||
.get(auth, getSingleApp)
|
||||
.put(auth, upload, updateApp)
|
||||
.delete(auth, deleteApp);
|
||||
|
||||
router.route('/0/reorder').put(reorderApps);
|
||||
router.route('/0/reorder').put(auth, reorderApps);
|
||||
|
||||
module.exports = router;
|
||||
|
@ -1,9 +1,11 @@
|
||||
const express = require('express');
|
||||
const router = express.Router();
|
||||
|
||||
const { login } = require('../controllers/auth');
|
||||
const { login, validate } = require('../controllers/auth');
|
||||
const requireBody = require('../middleware/requireBody');
|
||||
|
||||
router.route('/').post(requireBody(['password', 'duration']), login);
|
||||
|
||||
router.route('/validate').post(requireBody(['token']), validate);
|
||||
|
||||
module.exports = router;
|
||||
|
Loading…
Reference in New Issue
Block a user