MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

in progress - currentapp token

This commit is contained in:
Martin McKeaveney 2021-04-12 12:02:28 +01:00
parent ce55f99a0a
commit dd0b4baef5
5 changed files with 93 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/auth/src/middleware/authenticated.js
View File

@ -15,6 +15,8 @@ async function setCurrentAppContext(ctx) {
return return
} }
console.log("THE APP ID", appId)
const currentAppCookie = getCookie(ctx, Cookies.CurrentApp, { decrypt: true }) const currentAppCookie = getCookie(ctx, Cookies.CurrentApp, { decrypt: true })
const appIdChanged = appId && currentAppCookie.appId !== appId const appIdChanged = appId && currentAppCookie.appId !== appId
if (appIdChanged) { if (appIdChanged) {
@ -45,6 +47,8 @@ module.exports = async (ctx, next) => {
ctx.appId = await setCurrentAppContext(ctx) ctx.appId = await setCurrentAppContext(ctx)
console.log("CONTEXT", ctx)
await next() await next()
} catch (err) { } catch (err) {
console.log(err) console.log(err)

2
packages/server/src/api/controllers/static/index.js
View File

@ -36,7 +36,7 @@ const COMP_LIB_BASE_APP_VERSION = "0.2.5"
exports.serveBuilder = async function(ctx) { exports.serveBuilder = async function(ctx) {
let builderPath = resolve(TOP_LEVEL_PATH, "builder") let builderPath = resolve(TOP_LEVEL_PATH, "builder")
if (ctx.file === "index.html") { if (ctx.file === "index.html") {
await setBuilderToken(ctx) // await setBuilderToken(ctx)
} }
await send(ctx, ctx.file, { root: builderPath }) await send(ctx, ctx.file, { root: builderPath })
} }

134
packages/server/src/middleware/authenticated.js
View File

@ -1,73 +1,73 @@
const jwt = require("jsonwebtoken") // const jwt = require("jsonwebtoken")
const STATUS_CODES = require("../utilities/statusCodes") // const STATUS_CODES = require("../utilities/statusCodes")
const { getRole, getBuiltinRoles } = require("../utilities/security/roles") // const { getRole, getBuiltinRoles } = require("../utilities/security/roles")
const { AuthTypes } = require("../constants") // const { AuthTypes } = require("../constants")
const { // const {
getAppId, // getAppId,
getCookieName, // getCookieName,
clearCookie, // clearCookie,
setCookie, // setCookie,
isClient, // isClient,
} = require("../utilities") // } = require("../utilities")
module.exports = async (ctx, next) => { // module.exports = async (ctx, next) => {
if (ctx.path === "/builder") { // if (ctx.path === "/builder") {
await next() // await next()
return // return
} // }
// do everything we can to make sure the appId is held correctly // // do everything we can to make sure the appId is held correctly
// we hold it in state as a // // we hold it in state as a
let appId = getAppId(ctx) // let appId = getAppId(ctx)
const cookieAppId = ctx.cookies.get(getCookieName("currentapp")) // const cookieAppId = ctx.cookies.get(getCookieName("currentapp"))
const builtinRoles = getBuiltinRoles() // const builtinRoles = getBuiltinRoles()
if (appId && cookieAppId !== appId) { // if (appId && cookieAppId !== appId) {
setCookie(ctx, appId, "currentapp") // setCookie(ctx, appId, "currentapp")
} else if (cookieAppId) { // } else if (cookieAppId) {
appId = cookieAppId // appId = cookieAppId
} // }
let token, authType // let token, authType
if (!isClient(ctx)) { // if (!isClient(ctx)) {
token = ctx.cookies.get(getCookieName()) // token = ctx.cookies.get(getCookieName())
authType = AuthTypes.BUILDER // authType = AuthTypes.BUILDER
} // }
if (!token && appId) { // if (!token && appId) {
token = ctx.cookies.get(getCookieName(appId)) // token = ctx.cookies.get(getCookieName(appId))
authType = AuthTypes.APP // authType = AuthTypes.APP
} // }
if (!token) { // if (!token) {
ctx.auth.authenticated = false // ctx.auth.authenticated = false
ctx.appId = appId // ctx.appId = appId
ctx.user = { // ctx.user = {
role: builtinRoles.PUBLIC, // role: builtinRoles.PUBLIC,
} // }
await next() // await next()
return // return
} // }
try { // try {
ctx.auth.authenticated = authType // ctx.auth.authenticated = authType
const jwtPayload = jwt.verify(token, ctx.config.jwtSecret) // const jwtPayload = jwt.verify(token, ctx.config.jwtSecret)
ctx.appId = appId // ctx.appId = appId
ctx.auth.apiKey = jwtPayload.apiKey // ctx.auth.apiKey = jwtPayload.apiKey
ctx.user = { // ctx.user = {
...jwtPayload, // ...jwtPayload,
role: await getRole(appId, jwtPayload.roleId), // role: await getRole(appId, jwtPayload.roleId),
} // }
// appId no longer carried in user, make sure // // appId no longer carried in user, make sure
delete ctx.user.appId // delete ctx.user.appId
} catch (err) { // } catch (err) {
console.log(err) // console.log(err)
if (authType === AuthTypes.BUILDER) { // if (authType === AuthTypes.BUILDER) {
clearCookie(ctx) // clearCookie(ctx)
ctx.status = 200 // ctx.status = 200
return // return
} else { // } else {
ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text) // ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text)
} // }
} // }
await next() // await next()
} // }

1
packages/server/src/middleware/authorized.js
View File

@ -40,7 +40,6 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {
const role = ctx.user.role const role = ctx.user.role
const isAdmin = ADMIN_ROLES.includes(role._id) const isAdmin = ADMIN_ROLES.includes(role._id)
// const isAuthed = ctx.auth.authenticated
const isAuthed = ctx.isAuthenticated const isAuthed = ctx.isAuthenticated
const { basePermissions, permissions } = await getUserPermissions( const { basePermissions, permissions } = await getUserPermissions(

41
packages/server/src/utilities/builder/setBuilderToken.js
View File

@ -3,30 +3,31 @@ const env = require("../../environment")
const CouchDB = require("../../db") const CouchDB = require("../../db")
const jwt = require("jsonwebtoken") const jwt = require("jsonwebtoken")
const { DocumentTypes, SEPARATOR } = require("../../db/utils") const { DocumentTypes, SEPARATOR } = require("../../db/utils")
const { setCookie, clearCookie } = require("../index") const { setCookie } = require("@budibase/auth")
const APP_PREFIX = DocumentTypes.APP + SEPARATOR // const { setCookie, clearCookie } = require("../index")
// const APP_PREFIX = DocumentTypes.APP + SEPARATOR
module.exports = async (ctx, appId, version) => { module.exports = async (ctx, appId, version) => {
const builderUser = { // const builderUser = {
userId: "BUILDER", // userId: "BUILDER",
roleId: BUILTIN_ROLE_IDS.BUILDER, // roleId: BUILTIN_ROLE_IDS.BUILDER,
version, // version,
} // }
if (env.BUDIBASE_API_KEY) { // if (env.BUDIBASE_API_KEY) {
builderUser.apiKey = env.BUDIBASE_API_KEY // builderUser.apiKey = env.BUDIBASE_API_KEY
} // }
const token = jwt.sign(builderUser, ctx.config.jwtSecret, { // const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
expiresIn: "30 days", // expiresIn: "30 days",
}) // })
// set the builder token // set the builder token
setCookie(ctx, token, "builder") // setCookie(ctx, token, "builder")
setCookie(ctx, appId, "currentapp") setCookie(ctx, appId, "currentapp")
// need to clear all app tokens or else unable to use the app in the builder // need to clear all app tokens or else unable to use the app in the builder
let allDbNames = await CouchDB.allDbs() // let allDbNames = await CouchDB.allDbs()
allDbNames.map(dbName => { // allDbNames.map(dbName => {
if (dbName.startsWith(APP_PREFIX)) { // if (dbName.startsWith(APP_PREFIX)) {
clearCookie(ctx, dbName) // clearCookie(ctx, dbName)
} // }
}) // })
} }