Refactor auth logic.
parent
edd1751b81
commit
5e2d23f18f
10 changed files with 40 additions and 30 deletions
20
lib/auth.js
20
lib/auth.js
|
|
@ -1,10 +1,10 @@
|
|||
import { validate } from 'uuid';
|
||||
import { parseSecureToken, parseToken, getItem } from 'next-basics';
|
||||
import { AUTH_TOKEN, SHARE_TOKEN_HEADER } from './constants';
|
||||
import { parseSecureToken, parseToken } from 'next-basics';
|
||||
import { getWebsite } from 'queries';
|
||||
import { secret } from './crypto';
|
||||
import { SHARE_TOKEN_HEADER } from 'lib/constants';
|
||||
import { secret } from 'lib/crypto';
|
||||
|
||||
export async function getAuthToken(req) {
|
||||
export function getAuthToken(req) {
|
||||
try {
|
||||
const token = req.headers.authorization;
|
||||
|
||||
|
|
@ -14,13 +14,15 @@ export async function getAuthToken(req) {
|
|||
}
|
||||
}
|
||||
|
||||
export function getAuthHeader() {
|
||||
const token = getItem(AUTH_TOKEN);
|
||||
|
||||
return token ? { authorization: `Bearer ${token}` } : {};
|
||||
export function getShareToken(req) {
|
||||
try {
|
||||
return parseSecureToken(req.headers[SHARE_TOKEN_HEADER], secret());
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
export async function isValidToken(token, validation) {
|
||||
export function isValidToken(token, validation) {
|
||||
try {
|
||||
const result = parseToken(token, secret());
|
||||
|
||||
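Review bot: `getShareToken` is added without a comment saying that its bare `catch` turns every failure into `null`, so a missing header, a token that fails verification and an error thrown by `secret()` are indistinguishable to callers and nothing is logged. I would add a JSDoc line such as `/** Returns the verified share-token payload, or null when the header is absent or does not verify. */` above it. Node lower-cases incoming header names, so `req.headers[SHARE_TOKEN_HEADER]` only matches if the constant is defined in lower case; its value is not visible on this page and should be confirmed. `getAuthToken` and `isValidToken` both lose `async` here and their bodies continue outside the hunks, so any caller that chains `.then()`/`.catch()` on their results rather than using `await` needs checking.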
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import { createMiddleware, unauthorized, badRequest, serverError } from 'next-basics';
|
||||
import cors from 'cors';
|
||||
import { getSession } from './session';
|
||||
import { getAuthToken } from './auth';
|
||||
import { getAuthToken, getShareToken } from './auth';
|
||||
|
||||
export const useCors = createMiddleware(cors());
|
||||
|
||||
|
|
@ -27,11 +27,12 @@ export const useSession = createMiddleware(async (req, res, next) => {
|
|||
|
||||
export const useAuth = createMiddleware(async (req, res, next) => {
|
||||
const token = await getAuthToken(req);
|
||||
const shareToken = await getShareToken(req);
|
||||
|
||||
if (!token) {
|
||||
return unauthorized(res);
|
||||
}
|
||||
|
||||
req.auth = token;
|
||||
req.auth = { ...token, shareToken };
|
||||
next();
|
||||
});
|
||||
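Review bot: In `useAuth` the `if (!token)` guard still decides the outcome alone, so a request carrying only a valid share token is answered with `unauthorized`; if share links are meant to work without a login token, the guard would need to be `if (!token && !shareToken)`. If the current behaviour is intended, `req.auth = { ...token, shareToken }` now carries two separately verified credentials, and handlers that read `req.auth.shareToken` should confirm it covers the resource being requested before granting access on its strength (the payload's scope is not visible here, so this is an assumption to verify). A comment on that line such as `// shareToken is verified separately from token; authorize it per resource` would make the contract explicit. The `await` on `getShareToken(req)` is redundant because the function is synchronous in this commit.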
|
|
|
|||
|
|
@ -31,7 +31,7 @@ export async function getSession(req) {
|
|||
|
||||
let websiteId = null;
|
||||
|
||||
// Check if websites exists
|
||||
// Check if website exists
|
||||
if (redis.enabled) {
|
||||
websiteId = Number(await redis.get(`website:${websiteUuid}`));
|
||||
}
|
||||
|
|
|
|||