Temp account portal logging

This commit is contained in:
Rory Powell 2021-09-28 10:15:48 +01:00
parent 6a05c9e067
commit aa428881e7
1 changed files with 25 additions and 0 deletions

View File

@ -10,10 +10,15 @@ function finalise(
{ authenticated, user, internal, version, publicEndpoint } = {} { authenticated, user, internal, version, publicEndpoint } = {}
) { ) {
ctx.publicEndpoint = publicEndpoint || false ctx.publicEndpoint = publicEndpoint || false
console.log("Temp Auth Middleware: public endoint", ctx.publicEndpoint)
ctx.isAuthenticated = authenticated || false ctx.isAuthenticated = authenticated || false
console.log("Temp Auth Middleware: isAuthenticated", ctx.isAuthenticated)
ctx.user = user ctx.user = user
console.log("Temp Auth Middleware: user", ctx.user)
ctx.internal = internal || false ctx.internal = internal || false
console.log("Temp Auth Middleware: internal", ctx.internal)
ctx.version = version ctx.version = version
console.log("Temp Auth Middleware: version", ctx.version)
} }
/** /**
@ -27,40 +32,50 @@ module.exports = (
) => { ) => {
const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : [] const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : []
return async (ctx, next) => { return async (ctx, next) => {
console.log("Temp Auth Middleware: Start auth middleware")
let publicEndpoint = false let publicEndpoint = false
const version = ctx.request.headers[Headers.API_VER] const version = ctx.request.headers[Headers.API_VER]
// the path is not authenticated // the path is not authenticated
const found = matches(ctx, noAuthOptions) const found = matches(ctx, noAuthOptions)
if (found) { if (found) {
console.log("Temp Auth Middleware: Public endpoint found")
publicEndpoint = true publicEndpoint = true
} }
try { try {
console.log("Temp Auth Middleware: Parsing cookie")
// check the actual user is authenticated first // check the actual user is authenticated first
const authCookie = getCookie(ctx, Cookies.Auth) const authCookie = getCookie(ctx, Cookies.Auth)
let authenticated = false, let authenticated = false,
user = null, user = null,
internal = false internal = false
if (authCookie) { if (authCookie) {
console.log("Temp Auth Middleware: Auth cookie found")
let error = null let error = null
const sessionId = authCookie.sessionId, const sessionId = authCookie.sessionId,
userId = authCookie.userId userId = authCookie.userId
console.log("Temp Auth Middleware: Getting session")
const session = await getSession(userId, sessionId) const session = await getSession(userId, sessionId)
if (!session) { if (!session) {
error = "No session found" error = "No session found"
} else { } else {
try { try {
console.log("Temp Auth Middleware: Getting user")
if (opts && opts.populateUser) { if (opts && opts.populateUser) {
console.log("Temp Auth Middleware: Populate user function found")
user = await getUser( user = await getUser(
userId, userId,
session.tenantId, session.tenantId,
opts.populateUser(ctx) opts.populateUser(ctx)
) )
} else { } else {
console.log("Temp Auth Middleware: Getting user from DB")
user = await getUser(userId, session.tenantId) user = await getUser(userId, session.tenantId)
} }
delete user.password delete user.password
console.log("Temp Auth Middleware: User is authenticated")
authenticated = true authenticated = true
} catch (err) { } catch (err) {
console.log("Temp Auth Middleware: Holy shit there was an error")
error = err error = err
} }
} }
@ -69,6 +84,7 @@ module.exports = (
// remove the cookie as the user does not exist anymore // remove the cookie as the user does not exist anymore
clearCookie(ctx, Cookies.Auth) clearCookie(ctx, Cookies.Auth)
} else { } else {
console.log("Temp Auth Middleware: No error")
// make sure we denote that the session is still in use // make sure we denote that the session is still in use
await updateSessionTTL(session) await updateSessionTTL(session)
} }
@ -87,14 +103,23 @@ module.exports = (
if (authenticated !== true) { if (authenticated !== true) {
authenticated = false authenticated = false
} }
console.log("Temp Auth Middleware: Auth status", {
authenticated,
user,
internal,
version,
publicEndpoint,
})
// isAuthenticated is a function, so use a variable to be able to check authed state // isAuthenticated is a function, so use a variable to be able to check authed state
finalise(ctx, { authenticated, user, internal, version, publicEndpoint }) finalise(ctx, { authenticated, user, internal, version, publicEndpoint })
return next() return next()
} catch (err) { } catch (err) {
console.log("Temp Auth Middleware: Error:", err)
// allow configuring for public access // allow configuring for public access
if ((opts && opts.publicAllowed) || publicEndpoint) { if ((opts && opts.publicAllowed) || publicEndpoint) {
finalise(ctx, { authenticated: false, version, publicEndpoint }) finalise(ctx, { authenticated: false, version, publicEndpoint })
} else { } else {
console.log("Temp Auth Middleware: Throwing error status", err.status)
ctx.throw(err.status || 403, err) ctx.throw(err.status || 403, err)
} }
} }