From a213014a0b9b9c35f5885249445ccea9c829ef32 Mon Sep 17 00:00:00 2001 From: Fred Boniface Date: Fri, 7 Apr 2023 14:39:45 +0100 Subject: [PATCH] It is a silly idea leaving a 404 to mean successful Signed-off-by: Fred Boniface --- app.js | 28 ++++++++++++++-------------- src/middlewares/auth.middlewares.js | 4 +++- 2 files changed, 17 insertions(+), 15 deletions(-) diff --git a/app.js b/app.js index 593238f..d39fb3e 100644 --- a/app.js +++ b/app.js @@ -17,15 +17,15 @@ const rateLimit = require('express-rate-limit') const authenticate= require('./src/middlewares/auth.middlewares') // Internal Requires -const log = require('./src/utils/log.utils'); // Log Helper -const version = require('./src/configs/version.configs'); // Version Strings -const listRtr = require('./src/routes/list.routes'); // /list endpoints -const ldbRtr = require('./src/routes/ldb.routes'); // /ldb endpoints -const kubeRtr = require('./src/routes/kube.routes'); // /kube endpoints -const findRtr = require('./src/routes/find.routes'); // /find endpoints -const issueRtr = require('./src/routes/issue.routes') // /issue endpoints -const statRtr = require('./src/routes/stats.routes'); // /stat endpoints -const regRtr = require('./src/routes/registration.routes'); // /auth endpoints +const log = require('./src/utils/log.utils'); // Log Helper +const version = require('./src/configs/version.configs'); // Version Strings +const listRtr = require('./src/routes/list.routes'); // /list endpoints +const ldbRtr = require('./src/routes/ldb.routes'); // /ldb endpoints +const kubeRtr = require('./src/routes/kube.routes'); // /kube endpoints +const findRtr = require('./src/routes/find.routes'); // /find endpoints +const issueRtr = require('./src/routes/issue.routes'); // /issue endpoints +const statRtr = require('./src/routes/stats.routes'); // /stat endpoints +const regRtr = require('./src/routes/registration.routes'); // /registration endpoints // Set Server Configurations const srvListen = process.env.OWL_SRV_LISTEN || "0.0.0.0" @@ -70,17 +70,17 @@ app.use('/api/v1/ldb', ldbRtr); app.use('/api/v1/kube', kubeRtr); app.use('/api/v1/find', findRtr); app.use('/api/v1/issue', issueRtr); -app.use('/api/v1/stats', statRtr) -app.use('/api/v1/register', regRtr) +app.use('/api/v1/stats', statRtr); +app.use('/api/v1/register', regRtr); // Authented Routes app.use('/api/v1/ldbs', authenticate) -app.use('/api/v1/auth/test', authenticate) // Returns 401 if auth failed, 404 if successful. +app.use('/api/v1/auth/test', authenticate, (req, res) => res.status(200)) // Returns 401 if auth failed, 200 if successful. // Number of proxies: -app.set('trust proxy', 3) +app.set('trust proxy', 4) mode === "development" - ? app.get('/api/v1/ip', (request, response) => response.send(request.ip)) + ? app.get('/api/v1/ip', (req, res) => res.send(req.ip)) : null // Start Express diff --git a/src/middlewares/auth.middlewares.js b/src/middlewares/auth.middlewares.js index a97d0b0..2290340 100644 --- a/src/middlewares/auth.middlewares.js +++ b/src/middlewares/auth.middlewares.js @@ -6,7 +6,7 @@ module.exports = async function authCheck(req, res, next) { try { var uuid = req.headers.uuid } catch(err) { - log.out(`authMiddlewares: No authentication attempted`, "INFO") + log.out(`authMiddlewares: No authentication attempted`, "info") err.status = 401 return next(err) } @@ -15,8 +15,10 @@ module.exports = async function authCheck(req, res, next) { if (!result) { const err = new Error("Unauthorised"); err.status = 401 + log.out(`authMiddlewares: Authentication attempted with incorrect key`, "warn") return next(err) } else { + log.out(`authMiddlewares: User authenticated`, "info") return next() } } catch(err) {