Add authentication middleware
Signed-off-by: Fred Boniface <fred@fjla.uk>
This commit is contained in:
parent
b69e34e2b5
commit
1064db3d2f
10
app.js
10
app.js
@ -9,7 +9,10 @@ console.log(`Initialising OwlBoard`)
|
||||
// External Requires
|
||||
const express = require('express');
|
||||
const app = express();
|
||||
|
||||
// Middleware
|
||||
const compression = require('compression')
|
||||
const authenticate= require('./src/middlewares/auth.middlewares')
|
||||
|
||||
// Internal Requires
|
||||
const log = require('./src/utils/log.utils'); // Log Helper
|
||||
@ -46,11 +49,11 @@ app.use((err, req, res, next) => {
|
||||
return;
|
||||
});
|
||||
|
||||
// Express Submodules:
|
||||
// Middleware:
|
||||
app.use(express.json()); //JSON Parsing for POST Requests
|
||||
app.use(compression()) // Compress API Data if supported by client
|
||||
|
||||
// Express Routes
|
||||
// Unauthenticated Routes
|
||||
app.use('/api/v1/list', listRtr);
|
||||
app.use('/api/v1/ldb', ldbRtr);
|
||||
app.use('/api/v1/kube', kubeRtr);
|
||||
@ -58,6 +61,9 @@ app.use('/api/v1/find', findRtr);
|
||||
app.use('/api/v1/issue', issueRtr);
|
||||
app.use('/api/v1/stats', statRtr)
|
||||
|
||||
// Authented Routes
|
||||
app.use('/api/v1/ldbs', authenticate)
|
||||
|
||||
// Start Express
|
||||
app.listen(srvPort, srvListen, (error) =>{
|
||||
if(!error) {
|
||||
|
25
src/middlewares/auth.middlewares.js
Normal file
25
src/middlewares/auth.middlewares.js
Normal file
@ -0,0 +1,25 @@
|
||||
const utils = require('../utils/auth.utils')
|
||||
const log = require('../utils/log.utils')
|
||||
|
||||
module.exports = async function authCheck(req, res, next) {
|
||||
log.out(`authMiddlewares: Checking authentication`, "INFO")
|
||||
try {
|
||||
var uuid = req.headers.uuid
|
||||
} catch(err) {
|
||||
log.out(`authMiddlewares: No authentication attempted`, "INFO")
|
||||
err.status = 401
|
||||
return next(err)
|
||||
}
|
||||
try {
|
||||
var result = await utils.isAuthed(uuid) | false
|
||||
if (!result) {
|
||||
const err = new Error("Unauthorised");
|
||||
err.status = 401
|
||||
return next(err)
|
||||
} else {
|
||||
return next()
|
||||
}
|
||||
} catch(err) {
|
||||
return next(err)
|
||||
}
|
||||
}
|
@ -3,11 +3,15 @@ const crypto = require('crypto')
|
||||
const db = require('../services/dbAccess.services')
|
||||
|
||||
// Checks users registration key against issued keys
|
||||
async function checkUser(key) { // Needs testing
|
||||
async function isAuthed(key) { // Needs testing
|
||||
return false;
|
||||
q = {uuid: key};
|
||||
res = db.query("registrations", q);
|
||||
log.out(`authUtils.checkUser: DB Query answer: ${await res}`)
|
||||
return await res
|
||||
|
||||
// Do something here to determine if authorised or not and simply return a BOOL
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// Creates an API key for a user
|
||||
@ -15,7 +19,7 @@ async function generateKey() { // Needs testing
|
||||
return crypto.randomUUID()
|
||||
};
|
||||
|
||||
module.export = {
|
||||
checkUser,
|
||||
module.exports = {
|
||||
isAuthed,
|
||||
generateKey
|
||||
}
|
Loading…
Reference in New Issue
Block a user