From dd0b4baef5bee8bd2caf1e2cc52d8eef5092a94b Mon Sep 17 00:00:00 2001
From: Martin McKeaveney
Date: Mon, 12 Apr 2021 12:02:28 +0100
Subject: [PATCH] in progress - currentapp token

---
 packages/auth/src/middleware/authenticated.js |   4 +
 .../src/api/controllers/static/index.js       |   2 +-
 .../server/src/middleware/authenticated.js    | 134 +++++++++---------
 packages/server/src/middleware/authorized.js  |   1 -
 .../src/utilities/builder/setBuilderToken.js  |  41 +++---
 5 files changed, 93 insertions(+), 89 deletions(-)

diff --git a/packages/auth/src/middleware/authenticated.js b/packages/auth/src/middleware/authenticated.js
index 0c77fbbd17..3301cfbd89 100644
--- a/packages/auth/src/middleware/authenticated.js
+++ b/packages/auth/src/middleware/authenticated.js
@@ -15,6 +15,8 @@ async function setCurrentAppContext(ctx) { return } + console.log("THE APP ID", appId) + const currentAppCookie = getCookie(ctx, Cookies.CurrentApp, { decrypt: true }) const appIdChanged = appId && currentAppCookie.appId !== appId if (appIdChanged) {
@@ -45,6 +47,8 @@ module.exports = async (ctx, next) => { ctx.appId = await setCurrentAppContext(ctx) + console.log("CONTEXT", ctx) + await next() } catch (err) { console.log(err)
diff --git a/packages/server/src/api/controllers/static/index.js b/packages/server/src/api/controllers/static/index.js
index 71e20923a8..a1edd4643a 100644
--- a/packages/server/src/api/controllers/static/index.js
+++ b/packages/server/src/api/controllers/static/index.js
@@ -36,7 +36,7 @@ const COMP_LIB_BASE_APP_VERSION = "0.2.5"
 exports.serveBuilder = async function(ctx) {
   let builderPath = resolve(TOP_LEVEL_PATH, "builder")
   if (ctx.file === "index.html") {
-    await setBuilderToken(ctx)
+    // await setBuilderToken(ctx)
   }
   await send(ctx, ctx.file, { root: builderPath })
 }
diff --git a/packages/server/src/middleware/authenticated.js b/packages/server/src/middleware/authenticated.js
index cbb6ba55c8..848670d67a 100644
--- a/packages/server/src/middleware/authenticated.js
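Review bot: `console.log("CONTEXT", ctx)` in the second hunk of packages/auth/src/middleware/authenticated.js writes the whole Koa context to the process log on every request, which includes the request headers and therefore the session and current-app cookies this very middleware is reading; `console.log("THE APP ID", appId)` in the first hunk is the same kind of leftover. Both should be removed before merge, or reduced to fields that carry no credential, e.g. `console.log("CONTEXT", ctx.path, ctx.appId)`. The `console.log(err)` in the catch block is existing behaviour, but the same caveat applies if the error ever wraps the token that failed verification. On the context line `currentAppCookie.appId !== appId`, if getCookie can return undefined when no cookie is present that access throws before any of the new logging runs — worth confirming getCookie's contract. Both setCurrentAppContext and the exported middleware begin before their hunks.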
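Review bot: Commenting out `await setBuilderToken(ctx)` in serveBuilder leaves dead code behind and means that loading the builder's index.html no longer establishes any builder credential or current-app cookie from this path. If the replacement now lives in the @budibase/auth middleware, the call (and the now-unused setBuilderToken import, which is outside this hunk) should be deleted rather than commented, with a one-line comment recording where the builder session is now set, e.g. `// builder session cookies are now issued by the @budibase/auth middleware`. Until that replacement is confirmed to be mounted, the builder is served without any token being set, so this hunk and the setBuilderToken.js hunk later in the patch should land together.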
+++ b/packages/server/src/middleware/authenticated.js 
@@ -1,73 +1,73 @@ -const jwt = require("jsonwebtoken") -const STATUS_CODES = require("../utilities/statusCodes") -const { getRole, getBuiltinRoles } = require("../utilities/security/roles") -const { AuthTypes } = require("../constants") -const { - getAppId, - getCookieName, - clearCookie, - setCookie, - isClient, -} = require("../utilities") +// const jwt = require("jsonwebtoken") +// const STATUS_CODES = require("../utilities/statusCodes") +// const { getRole, getBuiltinRoles } = require("../utilities/security/roles") +// const { AuthTypes } = require("../constants") +// const { +// getAppId, +// getCookieName, +// clearCookie, +// setCookie, +// isClient, +// } = require("../utilities") -module.exports = async (ctx, next) => { - if (ctx.path === "/builder") { - await next() - return - } +// module.exports = async (ctx, next) => { +// if (ctx.path === "/builder") { +// await next() +// return +// } - // do everything we can to make sure the appId is held correctly - // we hold it in state as a - let appId = getAppId(ctx) - const cookieAppId = ctx.cookies.get(getCookieName("currentapp")) - const builtinRoles = getBuiltinRoles() - if (appId && cookieAppId !== appId) { - setCookie(ctx, appId, "currentapp") - } else if (cookieAppId) { - appId = cookieAppId - } - let token, authType - if (!isClient(ctx)) { - token = ctx.cookies.get(getCookieName()) - authType = AuthTypes.BUILDER - } +// // do everything we can to make sure the appId is held correctly +// // we hold it in state as a +// let appId = getAppId(ctx) +// const cookieAppId = ctx.cookies.get(getCookieName("currentapp")) +// const builtinRoles = getBuiltinRoles() +// if (appId && cookieAppId !== appId) { +// setCookie(ctx, appId, "currentapp") +// } else if (cookieAppId) { +// appId = cookieAppId +// } +// let token, authType +// if (!isClient(ctx)) { +// token = ctx.cookies.get(getCookieName()) +// authType = AuthTypes.BUILDER +// } - if (!token && appId) { - token = ctx.cookies.get(getCookieName(appId)) - 
authType = AuthTypes.APP - } +// if (!token && appId) { +// token = ctx.cookies.get(getCookieName(appId)) +// authType = AuthTypes.APP +// } - if (!token) { - ctx.auth.authenticated = false - ctx.appId = appId - ctx.user = { - role: builtinRoles.PUBLIC, - } - await next() - return - } +// if (!token) { +// ctx.auth.authenticated = false +// ctx.appId = appId +// ctx.user = { +// role: builtinRoles.PUBLIC, +// } +// await next() +// return +// } - try { - ctx.auth.authenticated = authType - const jwtPayload = jwt.verify(token, ctx.config.jwtSecret) - ctx.appId = appId - ctx.auth.apiKey = jwtPayload.apiKey - ctx.user = { - ...jwtPayload, - role: await getRole(appId, jwtPayload.roleId), - } - // appId no longer carried in user, make sure - delete ctx.user.appId - } catch (err) { - console.log(err) - if (authType === AuthTypes.BUILDER) { - clearCookie(ctx) - ctx.status = 200 - return - } else { - ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text) - } - } +// try { +// ctx.auth.authenticated = authType +// const jwtPayload = jwt.verify(token, ctx.config.jwtSecret) +// ctx.appId = appId +// ctx.auth.apiKey = jwtPayload.apiKey +// ctx.user = { +// ...jwtPayload, +// role: await getRole(appId, jwtPayload.roleId), +// } +// // appId no longer carried in user, make sure +// delete ctx.user.appId +// } catch (err) { +// console.log(err) +// if (authType === AuthTypes.BUILDER) { +// clearCookie(ctx) +// ctx.status = 200 +// return +// } else { +// ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text) +// } +// } - await next() -} +// await next() +// } diff --git a/packages/server/src/middleware/authorized.js b/packages/server/src/middleware/authorized.js index a124d396d6..d66df3b7f7 100644 --- a/packages/server/src/middleware/authorized.js +++ b/packages/server/src/middleware/authorized.js 
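Review bot: Commenting out the whole of packages/server/src/middleware/authenticated.js leaves `module.exports` unassigned, so requiring the file yields an empty object; any `app.use(...)` of it (outside this patch) will now fail at startup, and if that registration was removed too, nothing in this package sets ctx.user, ctx.auth or ctx.appId unless the @budibase/auth middleware is mounted ahead of authorized.js. Since git history keeps the old implementation, the file should be deleted rather than kept as 73 commented lines. The removed code verified the token with `jwt.verify(token, ctx.config.jwtSecret)` and defaulted unauthenticated requests to `builtinRoles.PUBLIC`; confirm the replacement keeps both the signature check and the public-role fallback. Separately, the context line in authorized.js later in this patch reads `const isAuthed = ctx.isAuthenticated` without calling it — if ctx.isAuthenticated is a method rather than a boolean, isAuthed is always truthy and every downstream role check treats the request as authenticated, so it is worth confirming exactly what @budibase/auth sets on the context.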
@@ -40,7 +40,6 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {
   const role = ctx.user.role
   const isAdmin = ADMIN_ROLES.includes(role._id)
-  // const isAuthed = ctx.auth.authenticated
   const isAuthed = ctx.isAuthenticated
   const { basePermissions, permissions } = await getUserPermissions(
diff --git a/packages/server/src/utilities/builder/setBuilderToken.js b/packages/server/src/utilities/builder/setBuilderToken.js
index 42730fd2ea..c8fc54cd12 100644
--- a/packages/server/src/utilities/builder/setBuilderToken.js
+++ b/packages/server/src/utilities/builder/setBuilderToken.js
@@ -3,30 +3,31 @@ const env = require("../../environment")
 const CouchDB = require("../../db")
 const jwt = require("jsonwebtoken")
 const { DocumentTypes, SEPARATOR } = require("../../db/utils")
-const { setCookie, clearCookie } = require("../index")
-const APP_PREFIX = DocumentTypes.APP + SEPARATOR
+const { setCookie } = require("@budibase/auth")
+// const { setCookie, clearCookie } = require("../index")
+// const APP_PREFIX = DocumentTypes.APP + SEPARATOR
 module.exports = async (ctx, appId, version) => {
-  const builderUser = {
-    userId: "BUILDER",
-    roleId: BUILTIN_ROLE_IDS.BUILDER,
-    version,
-  }
-  if (env.BUDIBASE_API_KEY) {
-    builderUser.apiKey = env.BUDIBASE_API_KEY
-  }
-  const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
-    expiresIn: "30 days",
-  })
+  // const builderUser = {
+  //   userId: "BUILDER",
+  //   roleId: BUILTIN_ROLE_IDS.BUILDER,
+  //   version,
+  // }
+  // if (env.BUDIBASE_API_KEY) {
+  //   builderUser.apiKey = env.BUDIBASE_API_KEY
+  // }
+  // const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
+  //   expiresIn: "30 days",
+  // })
   // set the builder token
-  setCookie(ctx, token, "builder")
+  // setCookie(ctx, token, "builder")
   setCookie(ctx, appId, "currentapp")
   // need to clear all app tokens or else unable to use the app in the builder
-  let allDbNames = await CouchDB.allDbs()
-  allDbNames.map(dbName => {
-    if (dbName.startsWith(APP_PREFIX)) {
-      clearCookie(ctx, dbName)
-    }
-  })
+  // let allDbNames = await CouchDB.allDbs()
+  // allDbNames.map(dbName => {
+  //   if (dbName.startsWith(APP_PREFIX)) {
+  //     clearCookie(ctx, dbName)
+  //   }
+  // })
 }
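Review bot: The only live statement left is `setCookie(ctx, appId, "currentapp")`, yet the auth package's middleware in the first file of this patch reads the current-app cookie as `getCookie(ctx, Cookies.CurrentApp, { decrypt: true })` and dereferences `.appId` on the result; if that cookie is meant to be an encrypted object keyed by `Cookies.CurrentApp`, a bare appId string written under the literal name "currentapp" will not be read back, so confirm the name and payload match (`setCookie(ctx, { appId }, Cookies.CurrentApp)` if that is the contract). The `version` parameter and the `env`, `CouchDB`, `jwt` and `DocumentTypes`/`SEPARATOR` requires are now unused, and the comment `// need to clear all app tokens or else unable to use the app in the builder` describes code that no longer runs; delete the commented blocks and the stale comment rather than keeping them. The builder JWT, with its `expiresIn: "30 days"` and optional api key, is no longer issued here at all — if the builder session is now produced elsewhere, a one-line comment at the top of the function saying where would save the next reader from looking for it.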