watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2025-12-08 05:12:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Refactor authentication and token handling.

Browse source
This commit is contained in:
Mike Cao 2022-11-08 22:58:52 -08:00
parent 1a8c7c42f4
commit 67732b9b5a
7 changed files with 50 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/middleware.js
View file

@ -1,9 +1,9 @@
import { createMiddleware, unauthorized, badRequest } from 'next-basics';
import { createMiddleware, unauthorized, badRequest, parseSecureToken } from 'next-basics';
import debug from 'debug';
import cors from 'cors';
import { findSession } from 'lib/session';
import { parseAuthToken, parseShareToken, getAuthToken } from 'lib/auth';
import redis from 'lib/redis';
import { parseShareToken, getAuthToken } from 'lib/auth';
import { secret } from './crypto';
const log = debug('umami:middleware');
@ -22,7 +22,8 @@ export const useSession = createMiddleware(async (req, res, next) => {
});
export const useAuth = createMiddleware(async (req, res, next) => {
const token = redis.enabled ? await redis.get(getAuthToken(req)) : await parseAuthToken(req);
const token = getAuthToken(req);
const payload = parseSecureToken(token, secret());
const shareToken = await parseShareToken(req);
if (!token && !shareToken) {
@ -30,6 +31,6 @@ export const useAuth = createMiddleware(async (req, res, next) => {
return unauthorized(res);
}
req.auth = { ...token, shareToken };
req.auth = { ...payload, shareToken };
next();
});