Add authentication middleware

Signed-off-by: Fred Boniface <fred@fjla.uk>
This commit is contained in:
Fred Boniface 2023-04-05 00:58:48 +01:00
parent b69e34e2b5
commit 1064db3d2f
3 changed files with 41 additions and 6 deletions

10
app.js
View File

@ -9,7 +9,10 @@ console.log(`Initialising OwlBoard`)
// External Requires
const express = require('express');
const app = express();
// Middleware
const compression = require('compression')
const authenticate= require('./src/middlewares/auth.middlewares')
// Internal Requires
const log = require('./src/utils/log.utils'); // Log Helper
@ -46,11 +49,11 @@ app.use((err, req, res, next) => {
return;
});
// Express Submodules:
// Middleware:
app.use(express.json()); //JSON Parsing for POST Requests
app.use(compression()) // Compress API Data if supported by client
// Express Routes
// Unauthenticated Routes
app.use('/api/v1/list', listRtr);
app.use('/api/v1/ldb', ldbRtr);
app.use('/api/v1/kube', kubeRtr);
@ -58,6 +61,9 @@ app.use('/api/v1/find', findRtr);
app.use('/api/v1/issue', issueRtr);
app.use('/api/v1/stats', statRtr)
// Authented Routes
app.use('/api/v1/ldbs', authenticate)
// Start Express
app.listen(srvPort, srvListen, (error) =>{
if(!error) {

View File

@ -0,0 +1,25 @@
const utils = require('../utils/auth.utils')
const log = require('../utils/log.utils')
module.exports = async function authCheck(req, res, next) {
log.out(`authMiddlewares: Checking authentication`, "INFO")
try {
var uuid = req.headers.uuid
} catch(err) {
log.out(`authMiddlewares: No authentication attempted`, "INFO")
err.status = 401
return next(err)
}
try {
var result = await utils.isAuthed(uuid) | false
if (!result) {
const err = new Error("Unauthorised");
err.status = 401
return next(err)
} else {
return next()
}
} catch(err) {
return next(err)
}
}

View File

@ -3,11 +3,15 @@ const crypto = require('crypto')
const db = require('../services/dbAccess.services')
// Checks users registration key against issued keys
async function checkUser(key) { // Needs testing
async function isAuthed(key) { // Needs testing
return false;
q = {uuid: key};
res = db.query("registrations", q);
log.out(`authUtils.checkUser: DB Query answer: ${await res}`)
return await res
// Do something here to determine if authorised or not and simply return a BOOL
return
}
// Creates an API key for a user
@ -15,7 +19,7 @@ async function generateKey() { // Needs testing
return crypto.randomUUID()
};
module.export = {
checkUser,
module.exports = {
isAuthed,
generateKey
}