adding auth object to context rather than separate booleans
This commit is contained in:
parent
1f92c9cd14
commit
c5efdbc3d0
|
@ -136,7 +136,7 @@ exports.performLocalFileProcessing = async function(ctx) {
|
|||
}
|
||||
|
||||
exports.serveApp = async function(ctx) {
|
||||
const mainOrAuth = ctx.isAuthenticated ? "main" : "unauthenticated"
|
||||
const mainOrAuth = ctx.auth.authenticated ? "main" : "unauthenticated"
|
||||
|
||||
// default to homedir
|
||||
const appPath = resolve(
|
||||
|
@ -154,7 +154,7 @@ exports.serveApp = async function(ctx) {
|
|||
// only set the appId cookie for /appId .. we COULD check for valid appIds
|
||||
// but would like to avoid that DB hit
|
||||
const looksLikeAppId = /^(app_)?[0-9a-f]{32}$/.test(appId)
|
||||
if (looksLikeAppId && !ctx.isAuthenticated) {
|
||||
if (looksLikeAppId && !ctx.auth.authenticated) {
|
||||
const anonUser = {
|
||||
userId: "ANON",
|
||||
accessLevelId: ANON_LEVEL_ID,
|
||||
|
@ -200,7 +200,7 @@ exports.serveAttachment = async function(ctx) {
|
|||
|
||||
exports.serveAppAsset = async function(ctx) {
|
||||
// default to homedir
|
||||
const mainOrAuth = ctx.isAuthenticated ? "main" : "unauthenticated"
|
||||
const mainOrAuth = ctx.auth.authenticated ? "main" : "unauthenticated"
|
||||
|
||||
const appPath = resolve(
|
||||
budibaseAppsDir(),
|
||||
|
|
|
@ -24,6 +24,7 @@ app.use(
|
|||
)
|
||||
|
||||
app.context.eventEmitter = eventEmitter
|
||||
app.context.auth = {}
|
||||
|
||||
// api routes
|
||||
app.use(api.routes())
|
||||
|
|
|
@ -20,8 +20,10 @@ module.exports = async (ctx, next) => {
|
|||
if (builderToken) {
|
||||
try {
|
||||
const jwtPayload = jwt.verify(builderToken, ctx.config.jwtSecret)
|
||||
ctx.apiKey = jwtPayload.apiKey
|
||||
ctx.isAuthenticated = jwtPayload.accessLevelId === BUILDER_LEVEL_ID
|
||||
ctx.auth = {
|
||||
apiKey: jwtPayload.apiKey,
|
||||
authenticated: jwtPayload.accessLevelId === BUILDER_LEVEL_ID,
|
||||
}
|
||||
ctx.user = {
|
||||
...jwtPayload,
|
||||
accessLevel: await getAccessLevel(
|
||||
|
@ -38,14 +40,13 @@ module.exports = async (ctx, next) => {
|
|||
}
|
||||
|
||||
if (!appToken) {
|
||||
ctx.isAuthenticated = false
|
||||
ctx.auth.authenticated = false
|
||||
await next()
|
||||
return
|
||||
}
|
||||
|
||||
try {
|
||||
const jwtPayload = jwt.verify(appToken, ctx.config.jwtSecret)
|
||||
ctx.apiKey = jwtPayload.apiKey
|
||||
ctx.user = {
|
||||
...jwtPayload,
|
||||
accessLevel: await getAccessLevel(
|
||||
|
@ -53,7 +54,10 @@ module.exports = async (ctx, next) => {
|
|||
jwtPayload.accessLevelId
|
||||
),
|
||||
}
|
||||
ctx.isAuthenticated = ctx.user.accessLevelId !== ANON_LEVEL_ID
|
||||
ctx.auth = {
|
||||
authenticated: ctx.user.accessLevelId !== ANON_LEVEL_ID,
|
||||
apiKey: jwtPayload.apiKey,
|
||||
}
|
||||
} catch (err) {
|
||||
ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text)
|
||||
}
|
||||
|
|
|
@ -20,9 +20,11 @@ module.exports = (permName, getItemId) => async (ctx, next) => {
|
|||
})
|
||||
|
||||
if (apiKeyInfo) {
|
||||
ctx.isAuthenticated = true
|
||||
ctx.externalWebhook = true
|
||||
ctx.apiKey = ctx.headers["x-api-key"]
|
||||
ctx.auth = {
|
||||
authenticated: true,
|
||||
external: true,
|
||||
apiKey: ctx.headers["x-api-key"],
|
||||
}
|
||||
ctx.user = {
|
||||
instanceId: ctx.headers["x-instanceid"],
|
||||
}
|
||||
|
@ -32,7 +34,7 @@ module.exports = (permName, getItemId) => async (ctx, next) => {
|
|||
ctx.throw(403, "API key invalid")
|
||||
}
|
||||
|
||||
if (!ctx.isAuthenticated) {
|
||||
if (!ctx.auth.authenticated) {
|
||||
ctx.throw(403, "Session not authenticated")
|
||||
}
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ module.exports = async (ctx, next) => {
|
|||
return next()
|
||||
}
|
||||
try {
|
||||
await usageQuota.update(ctx.apiKey, property, usage)
|
||||
await usageQuota.update(ctx.auth.apiKey, property, usage)
|
||||
return next()
|
||||
} catch (err) {
|
||||
ctx.throw(403, err)
|
||||
|
|
Loading…
Reference in New Issue