Re-implement a working auth middleware

Signed-off-by: Fred Boniface <fred@fjla.uk>
Fred Boniface 2024-02-05 19:55:10 +00:00
parent e1ba881be4
commit 88cf7d3d15
7 changed files with 148 additions and 43 deletions

1
app.js

@ -27,6 +27,7 @@ const live2Rtr = require("./src/routes/live.routes"); // API Version 2 Routes
const tt2Rtr = require("./src/routes/timetable.routes"); // API Version 2
const user2Rtr = require("./src/routes/user.routes"); // API Version 2 Routes
const miscRtr = require("./src/routes/misc.routes"); // Non-Public API Routes
const testRtr = require("./src/routes/test.routes");
// Set Server Configurations
const srvListen = process.env.OWL_SRV_LISTEN || "0.0.0.0";
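Review bot: The new `testRtr` require is the only router import in this group without a trailing comment naming the API surface it serves, and the hunk does not show where or whether it is mounted. If `test.routes` exists only for development, say so on this line and make the mount conditional on the environment, because the listener defaults to `0.0.0.0`. Something like `const testRtr = require("./src/routes/test.routes"); // Test Routes - not public, confirm mount is gated` would match the neighbouring lines.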

89
package-lock.json generated

@ -25,6 +25,7 @@
},
"devDependencies": {
"@owlboard/ts-types": "^0.1.8",
"@types/express": "^4.17.21",
"@types/jest": "^29.5.3",
"eslint": "^8.39.0",
"jest": "^29.6.2",
@ -2636,6 +2637,49 @@
"@babel/types": "^7.20.7"
}
},
"node_modules/@types/body-parser": {
"version": "1.19.5",
"resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz",
"integrity": "sha512-fB3Zu92ucau0iQ0JMCFQE7b/dv8Ot07NI3KaZIkIUNXq82k4eBAqUaneXfleGY9JWskeS9y+u0nXMyspcuQrCg==",
"dev": true,
"dependencies": {
"@types/connect": "*",
"@types/node": "*"
}
},
"node_modules/@types/connect": {
"version": "3.4.38",
"resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz",
"integrity": "sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==",
"dev": true,
"dependencies": {
"@types/node": "*"
}
},
"node_modules/@types/express": {
"version": "4.17.21",
"resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz",
"integrity": "sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==",
"dev": true,
"dependencies": {
"@types/body-parser": "*",
"@types/express-serve-static-core": "^4.17.33",
"@types/qs": "*",
"@types/serve-static": "*"
}
},
"node_modules/@types/express-serve-static-core": {
"version": "4.17.43",
"resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.43.tgz",
"integrity": "sha512-oaYtiBirUOPQGSWNGPWnzyAFJ0BP3cwvN4oWZQY+zUBwpVIGsKUkpBpSztp74drYcjavs7SKFZ4DX1V2QeN8rg==",
"dev": true,
"dependencies": {
"@types/node": "*",
"@types/qs": "*",
"@types/range-parser": "*",
"@types/send": "*"
}
},
"node_modules/@types/graceful-fs": {
"version": "4.1.6",
"resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.6.tgz",
@ -2645,6 +2689,12 @@
"@types/node": "*"
}
},
"node_modules/@types/http-errors": {
"version": "2.0.4",
"resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz",
"integrity": "sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA==",
"dev": true
},
"node_modules/@types/istanbul-lib-coverage": {
"version": "2.0.4",
"resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz",
@ -2679,11 +2729,50 @@
"pretty-format": "^29.0.0"
}
},
"node_modules/@types/mime": {
"version": "1.3.5",
"resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
"integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w==",
"dev": true
},
"node_modules/@types/node": {
"version": "20.6.2",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.6.2.tgz",
"integrity": "sha512-Y+/1vGBHV/cYk6OI1Na/LHzwnlNCAfU3ZNGrc1LdRe/LAIbdDPTTv/HU3M7yXN448aTVDq3eKRm2cg7iKLb8gw=="
},
"node_modules/@types/qs": {
"version": "6.9.11",
"resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.11.tgz",
"integrity": "sha512-oGk0gmhnEJK4Yyk+oI7EfXsLayXatCWPHary1MtcmbAifkobT9cM9yutG/hZKIseOU0MqbIwQ/u2nn/Gb+ltuQ==",
"dev": true
},
"node_modules/@types/range-parser": {
"version": "1.2.7",
"resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
"integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==",
"dev": true
},
"node_modules/@types/send": {
"version": "0.17.4",
"resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz",
"integrity": "sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==",
"dev": true,
"dependencies": {
"@types/mime": "^1",
"@types/node": "*"
}
},
"node_modules/@types/serve-static": {
"version": "1.15.5",
"resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.5.tgz",
"integrity": "sha512-PDRk21MnK70hja/YF8AHfC7yIsiQHn1rcXx7ijCFBX/k+XQJhQT/gw3xekXKJvx+5SXaMMS8oqQy09Mzvz2TuQ==",
"dev": true,
"dependencies": {
"@types/http-errors": "*",
"@types/mime": "*",
"@types/node": "*"
}
},
"node_modules/@types/stack-utils": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.1.tgz",


@ -34,6 +34,7 @@
},
"devDependencies": {
"@owlboard/ts-types": "^0.1.8",
"@types/express": "^4.17.21",
"@types/jest": "^29.5.3",
"eslint": "^8.39.0",
"jest": "^29.6.2",


@ -17,12 +17,12 @@ async function getByHeadcodeToday(req, res, next) {
}
async function get(req, res, next) {
/* if (!req.isAuthed) {
if (!req.isAuthed) {
const err = new Error("Unauthorized");
err.status = 401;
next(err);
} -_-_-_ TEMP DISABLE AUTH _-_-_-
*/ let date = req.params.date;
}
let date = req.params.date;
let searchType = req.params.searchType;
let id = req.params.id;
try {
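Review bot: The restored guard in `get` calls `next(err)` without returning, so an unauthenticated request still falls through to `let date = req.params.date;` and into the `try` block below. The protected lookup therefore still runs for a caller who failed the check, and the handler may try to send a second response after the error handler has already answered. Change the call to `return next(err);`. The rest of `get` lies outside the hunk, so what the `try` block sends back is not visible here.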


@ -1,40 +0,0 @@
const utils = require("../utils/auth.utils");
const logger = require("../utils/logger.utils");
module.exports = async function authCheck(req, res, next) {
//log.out("authMiddlewares: Checking authentication", "dbug");
logger.logger.debug("Auth check starting");
if (process.env.NODE_ENV === "development") {
logger.logger.warn("DEVELOPMENT MODE - AUTHENTICATION DISABLED");
res.isAuthed = true;
return next();
}
try {
var uuid = req.headers.uuid;
} catch (err) {
logger.logger.warn("Unable to read UUID header - Not authenticated");
req.isAuthed = false;
return next();
}
try {
var result = (await utils.isAuthed(uuid)) || false;
if (!result) {
req.isAuthed = false;
//log.out("authMiddlewares: User !isAuthed", "dbug");
logger.logger.debug("Auth denied");
} else {
req.isAuthed = true;
//log.out("authMiddlewares: User isAuthed", "dbug");
logger.logger.debug("Auth successful");
}
return next();
} catch (err) {
/*log.out(
"authMiddlewares: Unable to check auth, default to !isAuthed",
"warn"
);*/
logger.logger.error(err, `Auth check failed`);
req.isAuthed = false;
return next(err);
}
};


@ -0,0 +1,42 @@
import { NextFunction, Request, Response } from "express";
const utils = require("../utils/auth.utils");
const logger = require("../utils/logger.utils");
module.exports = async function authCheck(req: Request, res: Response, next: NextFunction) {
logger.logger.debug("auth.middleware: Auth check begun");
if (process.env.NODE_ENV === "development") {
req.isAuthed = true;
logger.logger.warn("auth.middleware: DEV MODE - Access Granted");
next();
} else {
const id: string | string[] | undefined = req.headers.uuid;
if (typeof id === 'undefined') {
req.isAuthed = false;
logger.logger.info("auth.middleware: Authentication failed");
next();
} else if (typeof id === 'string') {
const authCheck = await utils.isAuthed(id) || false;
if (authCheck) {
req.isAuthed = true;
logger.logger.info("auth.middleware: Authentication Successful");
next();
} else {
req.isAuthed = false;
logger.logger.info("auth.middleware: Authentication Failed");
next();
}
} else if (Array.isArray(id)) {
const authCheck = await utils.isAuthed(id[0]) || false;
if (authCheck) {
req.isAuthed = true;
logger.logger.warn("auth.middleware: UUID Passed as Array - Authentication Successful");
next();
} else {
req.isAuthed = false;
logger.logger.warn("auth.middleware: UUID Passed as Array - Authentication Failed");
next();
}
}
}
};
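Review bot: Neither `await utils.isAuthed(...)` call is wrapped in a `try`/`catch`, which the deleted middleware had. If the lookup rejects, the rejection escapes the async function, and Express 4 (the `@types/express` version added in this commit suggests 4.x) does not forward it to `next`, so the request would hang with no error response. The string and array branches are also copies of each other and can share one path. The sketch below keeps the development-mode branch as it is and leaves `req.isAuthed` false on every outcome except a confirmed match.

```typescript
  // … unchanged: debug log and development-mode branch …
  } else {
    // Fail closed: only a confirmed match sets isAuthed to true.
    const header = req.headers.uuid;
    const id = Array.isArray(header) ? header[0] : header;
    try {
      req.isAuthed = typeof id === "string" && Boolean(await utils.isAuthed(id));
    } catch (err) {
      logger.logger.error(err, "auth.middleware: Auth check failed");
      req.isAuthed = false;
      return next(err);
    }
    logger.logger.info(
      `auth.middleware: Authentication ${req.isAuthed ? "Successful" : "Failed"}`
    );
    next();
  }
```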

12
src/types/index.d.ts vendored Normal file

@ -0,0 +1,12 @@
// src/types/express/index.d.ts
// to make the file a module and avoid the TypeScript error
export {}
declare global {
namespace Express {
export interface Request {
isAuthed: boolean;
}
}
}
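Review bot: `isAuthed: boolean` declares the property as always present, but it is only assigned once `authCheck` has run, so on any route mounted without that middleware it would be `undefined` at runtime while the type says otherwise. Declaring it `isAuthed?: boolean;` keeps `!req.isAuthed` failing closed and lets the compiler flag code that treats the flag as guaranteed. The first comment also names `src/types/express/index.d.ts`, while this commit adds the file at `src/types/index.d.ts`; update it to `// src/types/index.d.ts`.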