Some more logging, moving middlewares to backend-core.

This commit is contained in:
mike12345567 2022-08-04 19:03:50 +01:00
parent a05e21ee4b
commit 65e8af01f5
12 changed files with 28 additions and 52 deletions

View File

@ -19,6 +19,8 @@ const {
csrf,
internalApi,
adminOnly,
builderOnly,
builderOrAdmin,
joiValidator,
} = require("./middleware")
@ -176,5 +178,7 @@ module.exports = {
updateUserOAuth,
ssoCallbackUrl,
adminOnly,
builderOnly,
builderOrAdmin,
joiValidator,
}

View File

@ -81,7 +81,7 @@ module.exports = (
const session = await getSession(userId, sessionId)
if (!session) {
error = "No session found"
error = `Session not found - ${userId} - ${sessionId}`
} else {
try {
if (opts && opts.populateUser) {

View File

@ -10,6 +10,8 @@ const internalApi = require("./internalApi")
const datasourceGoogle = require("./passport/datasource/google")
const csrf = require("./csrf")
const adminOnly = require("./adminOnly")
const builderOrAdmin = require("./builderOrAdmin")
const builderOnly = require("./builderOnly")
const joiValidator = require("./joi-validator")
module.exports = {
google,
@ -27,5 +29,7 @@ module.exports = {
},
csrf,
adminOnly,
builderOnly,
builderOrAdmin,
joiValidator,
}

View File

@ -1,6 +1,7 @@
const redis = require("../redis/init")
const { v4: uuidv4 } = require("uuid")
const { logWarn } = require("../logging")
const env = require("../environment")
// a week in seconds
const EXPIRY_SECONDS = 86400 * 7
@ -34,17 +35,21 @@ async function invalidateSessions(userId, sessionIds = null) {
}))
}
if (sessions && sessions.length > 0) {
const client = await redis.getSessionClient()
const promises = []
for (let session of sessions) {
promises.push(client.delete(session.key))
}
if (!env.isTest()) {
logWarn(
`Invalidating sessions for ${userId} - ${sessions
.map(session => session.key)
.join(", ")}`
)
}
await Promise.all(promises)
}
} catch (err) {
console.error(`Error invalidating sessions: ${err}`)
}

View File

@ -1,6 +1,6 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/roles")
const builderOrAdmin = require("../../../middleware/builderOrAdmin")
const { builderOrAdmin } = require("@budibase/backend-core/auth")
const router = Router()

View File

@ -1,6 +1,6 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/self")
const builderOnly = require("../../../middleware/builderOnly")
const { builderOnly } = require("@budibase/backend-core/auth")
const { users } = require("../validation")
const router = Router()

View File

@ -6,7 +6,7 @@ const Joi = require("joi")
const cloudRestricted = require("../../../middleware/cloudRestricted")
const { users } = require("../validation")
const selfController = require("../../controllers/global/self")
const builderOrAdmin = require("../../../middleware/builderOrAdmin")
const { builderOrAdmin } = require("@budibase/backend-core/auth")
const router = Router()

View File

@ -1,4 +1,4 @@
import joiValidator from "../../../middleware/joi-validator"
const { joiValidator } = require("@budibase/backend-core/auth")
import Joi from "joi"
let schema: any = {

View File

@ -1,9 +0,0 @@
module.exports = async (ctx, next) => {
if (
!ctx.internal &&
(!ctx.user || !ctx.user.admin || !ctx.user.admin.global)
) {
ctx.throw(403, "Admin user only endpoint.")
}
return next()
}

View File

@ -1,28 +0,0 @@
function validate(schema, property) {
// Return a Koa middleware function
return (ctx, next) => {
if (!schema) {
return next()
}
let params = null
if (ctx[property] != null) {
params = ctx[property]
} else if (ctx.request[property] != null) {
params = ctx.request[property]
}
const { error } = schema.validate(params)
if (error) {
ctx.throw(400, `Invalid ${property} - ${error.message}`)
return
}
return next()
}
}
module.exports.body = schema => {
return validate(schema, "body")
}
module.exports.params = schema => {
return validate(schema, "params")
}