2023-05-06 21:54:51 +01:00
3 changed files with 41 additions and 6 deletions
--- a/app.js
+++ b/app.js
@ -9,7 +9,10 @@ console.log(`Initialising OwlBoard`)
 // External Requires
 const express     = require('express');
 const app         = express();
+
+// Middleware
 const compression = require('compression')
+const authenticate= require('./src/middlewares/auth.middlewares')

 // Internal Requires
 const log      = require('./src/utils/log.utils');          // Log Helper
@ -46,11 +49,11 @@ app.use((err, req, res, next) => {
  return;
 });

-// Express Submodules:
+// Middleware:
 app.use(express.json()); //JSON Parsing for POST Requests
 app.use(compression()) // Compress API Data if supported by client

-// Express Routes
+// Unauthenticated Routes
 app.use('/api/v1/list', listRtr);
 app.use('/api/v1/ldb', ldbRtr);
 app.use('/api/v1/kube', kubeRtr);
@ -58,6 +61,9 @@ app.use('/api/v1/find', findRtr);
 app.use('/api/v1/issue', issueRtr);
 app.use('/api/v1/stats', statRtr)

+// Authented Routes
+app.use('/api/v1/ldbs', authenticate)
+
 // Start Express
 app.listen(srvPort, srvListen, (error) =>{
  if(!error) {
--- a/src/middlewares/auth.middlewares.js
+++ b/src/middlewares/auth.middlewares.js
@ -0,0 +1,25 @@
+const utils = require('../utils/auth.utils')
+const log   = require('../utils/log.utils')
+
+module.exports = async function authCheck(req, res, next) {
+    log.out(`authMiddlewares: Checking authentication`, "INFO")
+    try {
+        var uuid = req.headers.uuid
+    } catch(err) {
+        log.out(`authMiddlewares: No authentication attempted`, "INFO")
+        err.status = 401
+        return next(err)
+    }
+    try {
+        var result = await utils.isAuthed(uuid) | false
+        if (!result) {
+            const err = new Error("Unauthorised");
+            err.status = 401
+            return next(err)
+        } else {
+            return next()
+        }
+    } catch(err) {
+        return next(err)
+    }
+}
--- a/src/utils/auth.utils.js
+++ b/src/utils/auth.utils.js
@ -3,11 +3,15 @@ const crypto = require('crypto')
 const db = require('../services/dbAccess.services')

 // Checks users registration key against issued keys
-async function checkUser(key) {  // Needs testing
+async function isAuthed(key) {  // Needs testing
+    return false;
    q = {uuid: key};
    res = db.query("registrations", q);
    log.out(`authUtils.checkUser: DB Query answer: ${await res}`)
-    return await res
+    
+    // Do something here to determine if authorised or not and simply return a BOOL
+    
+    return
 }

 // Creates an API key for a user
@ -15,7 +19,7 @@ async function generateKey() {  // Needs testing
    return crypto.randomUUID()
 };

-module.export = {
-    checkUser,
+module.exports = {
+    isAuthed,
    generateKey
 }