mirror of
https://github.com/umami-software/umami.git
synced 2026-02-04 04:37:11 +01:00
Refactor authentication and token handling.
This commit is contained in:
Mike Cao
parent
1a8c7c42f4
commit
67732b9b5a
7 changed files with 50 additions and 70 deletions
|
|
@ -1,4 +1,4 @@
|
|||
import { getRandomChars, parseSecureToken, parseToken } from 'next-basics';
|
||||
import { parseSecureToken, parseToken } from 'next-basics';
|
||||
import { getUser, getWebsite } from 'queries';
|
||||
import debug from 'debug';
|
||||
import { SHARE_TOKEN_HEADER, TYPE_USER, TYPE_WEBSITE } from 'lib/constants';
|
||||
|
|
@ -6,10 +6,6 @@ import { secret } from 'lib/crypto';
|
|||
|
||||
const log = debug('umami:auth');
|
||||
|
||||
export function generateAuthToken() {
|
||||
return `auth:${getRandomChars(32)}`;
|
||||
}
|
||||
|
||||
export function getAuthToken(req) {
|
||||
const token = req.headers.authorization;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
import { createMiddleware, unauthorized, badRequest } from 'next-basics';
|
||||
import { createMiddleware, unauthorized, badRequest, parseSecureToken } from 'next-basics';
|
||||
import debug from 'debug';
|
||||
import cors from 'cors';
|
||||
import { findSession } from 'lib/session';
|
||||
import { parseAuthToken, parseShareToken, getAuthToken } from 'lib/auth';
|
||||
import redis from 'lib/redis';
|
||||
import { parseShareToken, getAuthToken } from 'lib/auth';
|
||||
import { secret } from './crypto';
|
||||
|
||||
const log = debug('umami:middleware');
|
||||
|
||||
|
|
@ -22,7 +22,8 @@ export const useSession = createMiddleware(async (req, res, next) => {
|
|||
});
|
||||
|
||||
export const useAuth = createMiddleware(async (req, res, next) => {
|
||||
const token = redis.enabled ? await redis.get(getAuthToken(req)) : await parseAuthToken(req);
|
||||
const token = getAuthToken(req);
|
||||
const payload = parseSecureToken(token, secret());
|
||||
const shareToken = await parseShareToken(req);
|
||||
|
||||
if (!token && !shareToken) {
|
||||
|
|
@ -30,6 +31,6 @@ export const useAuth = createMiddleware(async (req, res, next) => {
|
|||
return unauthorized(res);
|
||||
}
|
||||
|
||||
req.auth = { ...token, shareToken };
|
||||
req.auth = { ...payload, shareToken };
|
||||
next();
|
||||
});
|
||||
|
|
|
|||
12
lib/redis.js
12
lib/redis.js
|
|
@ -9,7 +9,7 @@ let redis;
|
|||
const enabled = Boolean(process.env.REDIS_URL);
|
||||
|
||||
function getClient() {
|
||||
if (!process.env.REDIS_URL) {
|
||||
if (!enabled) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
@ -32,7 +32,11 @@ function getClient() {
|
|||
async function get(key) {
|
||||
await connect();
|
||||
|
||||
return JSON.parse(await redis.get(key));
|
||||
try {
|
||||
return JSON.parse(await redis.get(key));
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
async function set(key, value) {
|
||||
|
|
@ -48,8 +52,8 @@ async function del(key) {
|
|||
}
|
||||
|
||||
async function connect() {
|
||||
if (!redis) {
|
||||
redis = process.env.REDIS_URL && (global[REDIS] || getClient());
|
||||
if (!redis && enabled) {
|
||||
redis = global[REDIS] || getClient();
|
||||
}
|
||||
|
||||
return redis;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue