Updating auth middleware to accomodate public endpoints for the server properly and some refactoring.
This commit is contained in:
parent
2b58d695af
commit
58ca0d4224
|
@ -3,15 +3,35 @@ const database = require("../db")
|
||||||
const { getCookie, clearCookie } = require("../utils")
|
const { getCookie, clearCookie } = require("../utils")
|
||||||
const { StaticDatabases } = require("../db/utils")
|
const { StaticDatabases } = require("../db/utils")
|
||||||
|
|
||||||
function makeRegex() {
|
const PARAM_REGEX = /\/:(.*?)\//g
|
||||||
|
|
||||||
|
function buildNoAuthRegex(patterns) {
|
||||||
|
return patterns.map(pattern => {
|
||||||
|
const isObj = typeof pattern === "object" && pattern.route
|
||||||
|
const method = isObj ? pattern.method : "GET"
|
||||||
|
let route = isObj ? pattern.route : pattern
|
||||||
|
|
||||||
|
const matches = route.match(PARAM_REGEX)
|
||||||
|
if (matches) {
|
||||||
|
for (let match of matches) {
|
||||||
|
route = route.replace(match, "/.*/")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return { regex: new RegExp(route), method }
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = (noAuthPatterns = []) => {
|
module.exports = (noAuthPatterns = [], opts) => {
|
||||||
const regex = new RegExp(noAuthPatterns.join("|"))
|
const noAuthOptions = noAuthPatterns ? buildNoAuthRegex(noAuthPatterns) : []
|
||||||
return async (ctx, next) => {
|
return async (ctx, next) => {
|
||||||
// the path is not authenticated
|
// the path is not authenticated
|
||||||
if (regex.test(ctx.request.url)) {
|
const found = noAuthOptions.find(({ regex, method }) => {
|
||||||
|
return (
|
||||||
|
regex.test(ctx.request.url) &&
|
||||||
|
ctx.request.method.toLowerCase() === method.toLowerCase()
|
||||||
|
)
|
||||||
|
})
|
||||||
|
if (found != null) {
|
||||||
return next()
|
return next()
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
@ -34,10 +54,14 @@ module.exports = (noAuthPatterns = []) => {
|
||||||
if (ctx.isAuthenticated !== true) {
|
if (ctx.isAuthenticated !== true) {
|
||||||
ctx.isAuthenticated = false
|
ctx.isAuthenticated = false
|
||||||
}
|
}
|
||||||
|
|
||||||
return next()
|
return next()
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
|
// allow configuring for public access
|
||||||
|
if (opts && opts.publicAllowed) {
|
||||||
|
ctx.isAuthenticated = false
|
||||||
|
} else {
|
||||||
ctx.throw(err.status || 403, err)
|
ctx.throw(err.status || 403, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -9,13 +9,6 @@ const pkg = require("../../package.json")
|
||||||
const router = new Router()
|
const router = new Router()
|
||||||
const env = require("../environment")
|
const env = require("../environment")
|
||||||
|
|
||||||
const NO_AUTH_ENDPOINTS = [
|
|
||||||
"/health",
|
|
||||||
"/version",
|
|
||||||
"webhooks/trigger",
|
|
||||||
"webhooks/schema",
|
|
||||||
]
|
|
||||||
|
|
||||||
router
|
router
|
||||||
.use(
|
.use(
|
||||||
compress({
|
compress({
|
||||||
|
@ -38,7 +31,11 @@ router
|
||||||
})
|
})
|
||||||
.use("/health", ctx => (ctx.status = 200))
|
.use("/health", ctx => (ctx.status = 200))
|
||||||
.use("/version", ctx => (ctx.body = pkg.version))
|
.use("/version", ctx => (ctx.body = pkg.version))
|
||||||
.use(buildAuthMiddleware(NO_AUTH_ENDPOINTS))
|
.use(
|
||||||
|
buildAuthMiddleware(null, {
|
||||||
|
publicAllowed: true,
|
||||||
|
})
|
||||||
|
)
|
||||||
.use(currentApp)
|
.use(currentApp)
|
||||||
|
|
||||||
// error handling middleware
|
// error handling middleware
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
const authPkg = require("@budibase/auth")
|
const authPkg = require("@budibase/auth")
|
||||||
const { google } = require("@budibase/auth/src/middleware")
|
const { google } = require("@budibase/auth/src/middleware")
|
||||||
const { Configs } = require("../../constants")
|
const { Configs } = require("../../../constants")
|
||||||
const CouchDB = require("../../db")
|
const CouchDB = require("../../../db")
|
||||||
const { sendEmail } = require("../../utilities/email")
|
const { sendEmail } = require("../../../utilities/email")
|
||||||
const { clearCookie, getGlobalUserByEmail } = authPkg.utils
|
const { clearCookie, getGlobalUserByEmail } = authPkg.utils
|
||||||
const { Cookies } = authPkg.constants
|
const { Cookies } = authPkg.constants
|
||||||
const { passport } = authPkg.auth
|
const { passport } = authPkg.auth
|
|
@ -5,10 +5,22 @@ const { routes } = require("./routes")
|
||||||
const { buildAuthMiddleware } = require("@budibase/auth").auth
|
const { buildAuthMiddleware } = require("@budibase/auth").auth
|
||||||
|
|
||||||
const NO_AUTH_ENDPOINTS = [
|
const NO_AUTH_ENDPOINTS = [
|
||||||
"/api/admin/users/first",
|
{
|
||||||
"/api/admin/auth",
|
route: "/api/admin/users/first",
|
||||||
"/api/admin/auth/google",
|
method: "POST",
|
||||||
"/api/admin/auth/google/callback",
|
},
|
||||||
|
{
|
||||||
|
route: "/api/admin/auth",
|
||||||
|
method: "POST",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
route: "/api/admin/auth/google",
|
||||||
|
method: "GET",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
route: "/api/admin/auth/google/callback",
|
||||||
|
method: "GET",
|
||||||
|
},
|
||||||
]
|
]
|
||||||
|
|
||||||
const router = new Router()
|
const router = new Router()
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
const Router = require("@koa/router")
|
const Router = require("@koa/router")
|
||||||
const authController = require("../controllers/auth")
|
const authController = require("../../controllers/admin/auth")
|
||||||
const joiValidator = require("../../middleware/joi-validator")
|
const joiValidator = require("../../../middleware/joi-validator")
|
||||||
const Joi = require("joi")
|
const Joi = require("joi")
|
||||||
|
|
||||||
const router = Router()
|
const router = Router()
|
|
@ -3,7 +3,7 @@ const configRoutes = require("./admin/configs")
|
||||||
const groupRoutes = require("./admin/groups")
|
const groupRoutes = require("./admin/groups")
|
||||||
const templateRoutes = require("./admin/templates")
|
const templateRoutes = require("./admin/templates")
|
||||||
const emailRoutes = require("./admin/email")
|
const emailRoutes = require("./admin/email")
|
||||||
const authRoutes = require("./auth")
|
const authRoutes = require("./admin/auth")
|
||||||
const appRoutes = require("./app")
|
const appRoutes = require("./app")
|
||||||
|
|
||||||
exports.routes = [
|
exports.routes = [
|
||||||
|
|
Loading…
Reference in New Issue