diff --git a/src/lib/middleware.ts b/src/lib/middleware.ts deleted file mode 100644 index 464370169..000000000 --- a/src/lib/middleware.ts +++ /dev/null @@ -1,155 +0,0 @@ -import cors from 'cors'; -import debug from 'debug'; -import redis from '@umami/redis-client'; -import { getAuthToken, parseShareToken } from 'lib/auth'; -import { ROLES } from 'lib/constants'; -import { secret } from 'lib/crypto'; -import { findSession } from 'lib/session'; -import { - badRequest, - createMiddleware, - forbidden, - parseSecureToken, - tooManyRequest, - unauthorized, -} from 'next-basics'; -import { NextApiRequestCollect } from 'pages/api/send'; -import { getUserById } from '../queries'; -import NextAuth from "next-auth" -import CognitoProvider from "next-auth/providers/cognito"; -import { to } from '@react-spring/web'; - - -export const authOptions = { - providers: [ - CognitoProvider({ - clientId: process.env.COGNITO_CLIENT_ID, - clientSecret: process.env.COGNITO_CLIENT_SECRET , - issuer: process.env.COGNITO_DOMAIN , - idToken: true, - name: 'Cognito', - checks: 'nonce', - }), - ], - callbacks: { - async jwt({ token, user, account }) { - console.log("in next auth::::",token) - if (account) { - if (account['provider'] === 'cognito') { - var tokenParsed = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString()); - console.log("token parsed",tokenParsed ) - // token.refreshToken = account?.refresh_token; - // token.accessTokenExpires = account.expires_at * 1000; - console.log("token parsed::::",tokenParsed['cognito:username'],tokenParsed['iat']) - return { userId: tokenParsed['cognito:username'], iat: tokenParsed['iat'] }; - } - } - // Return previous token if the access token has not expired yet - if ((Date.now()) < (token.accessTokenExpires ?? 0)) { - return token; - } - - // Access token has expired, try to update it - }, - } -} - - - -export default NextAuth(authOptions) - -const log = debug('umami:middleware'); - -export const useCors = createMiddleware( - cors({ - // Cache CORS preflight request 24 hours by default - maxAge: Number(process.env.CORS_MAX_AGE) || 86400, - }), -); - -export const useSession = createMiddleware(async (req, res, next) => { - try { - const session = await findSession(req as NextApiRequestCollect); - - if (!session) { - log('useSession: Session not found'); - return badRequest(res, 'Session not found.'); - } - - (req as any).session = session; - } catch (e: any) { - if (e.message === 'Usage Limit.') { - return tooManyRequest(res, e.message); - } - if (e.message.startsWith('Website not found:')) { - return forbidden(res, e.message); - } - return badRequest(res, e.message); - } - - next(); -}); - -export const useAuth = createMiddleware(async (req, res, next) => { - const token = getAuthToken(req); - //console.log("got auth token",token) - const payload = parseSecureToken(token, secret()); - const shareToken = await parseShareToken(req as any); - //console.log("got shareToken",shareToken); - let cognitoPayload = {}; - if(!payload){ - cognitoPayload = await authOptions.callbacks.jwt({token:token,user:"",account:{provider:"cognito"}}); - } - console.log("cognito auth payload",cognitoPayload) - console.log("umami auth payload ",payload); - let user = null; - const { userId, authKey, grant } = payload || cognitoPayload || {}; - - if (userId) { - user = await getUserById(userId); - } else if (redis.enabled && authKey) { - const key = await redis.client.get(authKey); - - if (key?.userId) { - user = await getUserById(key.userId); - } - } - - if (process.env.NODE_ENV === 'development') { - log('useAuth:', { token, shareToken, payload, user, grant }); - } - - if (!user?.id && !shareToken) { - log('useAuth: User not authorized'); - return unauthorized(res); - } - - if (user) { - user.isAdmin = user.role === ROLES.admin; - } - - (req as any).auth = { - user, - grant, - token, - shareToken, - authKey, - }; - - next(); -}); - -export const useValidate = async (schema, req, res) => { - return createMiddleware(async (req: any, res, next) => { - try { - const rules = schema[req.method]; - if (rules) { - rules.validateSync({ ...req.query, ...req.body }); - } - } catch (e: any) { - return badRequest(res, e.message); - } - - next(); - })(req, res); -};