Updating auth middleware to accomodate public endpoints for the server properly and some refactoring.

This commit is contained in:
mike12345567 2021-04-28 18:13:21 +01:00
parent 2b58d695af
commit 58ca0d4224
6 changed files with 57 additions and 24 deletions

View File

@ -3,15 +3,35 @@ const database = require("../db")
const { getCookie, clearCookie } = require("../utils") const { getCookie, clearCookie } = require("../utils")
const { StaticDatabases } = require("../db/utils") const { StaticDatabases } = require("../db/utils")
function makeRegex() { const PARAM_REGEX = /\/:(.*?)\//g
function buildNoAuthRegex(patterns) {
return patterns.map(pattern => {
const isObj = typeof pattern === "object" && pattern.route
const method = isObj ? pattern.method : "GET"
let route = isObj ? pattern.route : pattern
const matches = route.match(PARAM_REGEX)
if (matches) {
for (let match of matches) {
route = route.replace(match, "/.*/")
}
}
return { regex: new RegExp(route), method }
})
} }
module.exports = (noAuthPatterns = []) => { module.exports = (noAuthPatterns = [], opts) => {
const regex = new RegExp(noAuthPatterns.join("|")) const noAuthOptions = noAuthPatterns ? buildNoAuthRegex(noAuthPatterns) : []
return async (ctx, next) => { return async (ctx, next) => {
// the path is not authenticated // the path is not authenticated
if (regex.test(ctx.request.url)) { const found = noAuthOptions.find(({ regex, method }) => {
return (
regex.test(ctx.request.url) &&
ctx.request.method.toLowerCase() === method.toLowerCase()
)
})
if (found != null) {
return next() return next()
} }
try { try {
@ -34,10 +54,14 @@ module.exports = (noAuthPatterns = []) => {
if (ctx.isAuthenticated !== true) { if (ctx.isAuthenticated !== true) {
ctx.isAuthenticated = false ctx.isAuthenticated = false
} }
return next() return next()
} catch (err) { } catch (err) {
// allow configuring for public access
if (opts && opts.publicAllowed) {
ctx.isAuthenticated = false
} else {
ctx.throw(err.status || 403, err) ctx.throw(err.status || 403, err)
} }
} }
} }
}

View File

@ -9,13 +9,6 @@ const pkg = require("../../package.json")
const router = new Router() const router = new Router()
const env = require("../environment") const env = require("../environment")
const NO_AUTH_ENDPOINTS = [
"/health",
"/version",
"webhooks/trigger",
"webhooks/schema",
]
router router
.use( .use(
compress({ compress({
@ -38,7 +31,11 @@ router
}) })
.use("/health", ctx => (ctx.status = 200)) .use("/health", ctx => (ctx.status = 200))
.use("/version", ctx => (ctx.body = pkg.version)) .use("/version", ctx => (ctx.body = pkg.version))
.use(buildAuthMiddleware(NO_AUTH_ENDPOINTS)) .use(
buildAuthMiddleware(null, {
publicAllowed: true,
})
)
.use(currentApp) .use(currentApp)
// error handling middleware // error handling middleware

View File

@ -1,8 +1,8 @@
const authPkg = require("@budibase/auth") const authPkg = require("@budibase/auth")
const { google } = require("@budibase/auth/src/middleware") const { google } = require("@budibase/auth/src/middleware")
const { Configs } = require("../../constants") const { Configs } = require("../../../constants")
const CouchDB = require("../../db") const CouchDB = require("../../../db")
const { sendEmail } = require("../../utilities/email") const { sendEmail } = require("../../../utilities/email")
const { clearCookie, getGlobalUserByEmail } = authPkg.utils const { clearCookie, getGlobalUserByEmail } = authPkg.utils
const { Cookies } = authPkg.constants const { Cookies } = authPkg.constants
const { passport } = authPkg.auth const { passport } = authPkg.auth

View File

@ -5,10 +5,22 @@ const { routes } = require("./routes")
const { buildAuthMiddleware } = require("@budibase/auth").auth const { buildAuthMiddleware } = require("@budibase/auth").auth
const NO_AUTH_ENDPOINTS = [ const NO_AUTH_ENDPOINTS = [
"/api/admin/users/first", {
"/api/admin/auth", route: "/api/admin/users/first",
"/api/admin/auth/google", method: "POST",
"/api/admin/auth/google/callback", },
{
route: "/api/admin/auth",
method: "POST",
},
{
route: "/api/admin/auth/google",
method: "GET",
},
{
route: "/api/admin/auth/google/callback",
method: "GET",
},
] ]
const router = new Router() const router = new Router()

View File

@ -1,6 +1,6 @@
const Router = require("@koa/router") const Router = require("@koa/router")
const authController = require("../controllers/auth") const authController = require("../../controllers/admin/auth")
const joiValidator = require("../../middleware/joi-validator") const joiValidator = require("../../../middleware/joi-validator")
const Joi = require("joi") const Joi = require("joi")
const router = Router() const router = Router()

View File

@ -3,7 +3,7 @@ const configRoutes = require("./admin/configs")
const groupRoutes = require("./admin/groups") const groupRoutes = require("./admin/groups")
const templateRoutes = require("./admin/templates") const templateRoutes = require("./admin/templates")
const emailRoutes = require("./admin/email") const emailRoutes = require("./admin/email")
const authRoutes = require("./auth") const authRoutes = require("./admin/auth")
const appRoutes = require("./app") const appRoutes = require("./app")
exports.routes = [ exports.routes = [