foltik
/
shimapan
miroir de https://github.com/Foltik/Shimapan
1
0
Bifurcation 0
Code Tickets 0 Versions 0 Wiki Activité
A simple file sharing site with an easy to use API and online panel.
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
244 Révisions
2 Branches
29MB
Aborescence: e4684384ea
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'e4684384ea'
${ noResults }
shimapan/app/util/auth.js

74 lignes
2.5KB
Brut Annotations Historique 

  1. const ModelPath = '../models/';

  2. const Key = require(ModelPath + 'Key.js');

  3. const User = require(ModelPath + 'User.js');

  4. 

  5. const fs = require('fs').promises;

  6. const wrap = require('./wrap.js');

  7. const verifyScope = require('./verifyScope.js');

  8. 

  9. const checkSession = (req, scope, status) => {

  10.     if (req.isAuthenticated()) {

  11.         status.authenticated = true;

  12.         if (!scope || verifyScope(req.session.passport.scope, scope)) {

  13.             req.username = req.session.passport.user;

  14.             req.displayname = req.session.passport.displayname;

  15.             req.scope = req.session.passport.scope;

  16.             req.key = null;

  17.             status.permission = true;

  18.         }

  19.     }

  20. };

  21. 

  22. const checkKey = async (req, scope, status) => {

  23.     if (req.body.key) {

  24.         const key = await Key.findOne({key: req.body.key});

  25.         if (key) {

  26.             status.authenticated = true;

  27.             if (!scope || verifyScope(key.scope, scope)) {

  28.                 req.username = key.issuer;

  29.                 req.displayname = key.issuer;

  30.                 req.scope = key.scope;

  31.                 req.key = key.key;

  32.                 status.permission = true;

  33.             }

  34.         } else {

  35.             // Log failure

  36.             await fs.appendFile('auth.log', `${new Date().toISOString()} key ${req.connection.remoteAddress}\n`);

  37.         }

  38.     }

  39. };

  40. 

  41. // Middleware that checks for authentication by either API key or session

  42. // sets req.username, req.displayname, req.scope, and req.key if authenticated properly,

  43. // otherwise throws an error code.

  44. // If the user is banned, also throw an error.

  45. const requireAuth = scope =>

  46.     wrap(async (req, res, next) => {

  47.         const status = {

  48.             authenticated: false,

  49.             permission: false

  50.         };

  51. 

  52.         // First, check the session

  53.         checkSession(req, scope, status);

  54.         // If not authenticated yet, check for a key

  55.         if (!status.authenticated)

  56.             await checkKey(req, scope, status);

  57. 

  58.         if (!status.authenticated)

  59.             return res.status(401).json({message: 'Unauthorized.'});

  60.         else if (!status.permission)

  61.             return res.status(403).json({message: 'Forbidden.'});

  62. 

  63.         // Check if the user is banned

  64.         const user = await User.findOne({username: req.username});

  65.         if(user && user.banned)

  66.             return res.status(403).json({message: 'Forbidden.'});

  67. 

  68.         next();

  69.     });

  70. 

  71. module.exports.checkSession = checkSession;

  72. module.exports.checkKey = checkKey;

  73. module.exports.requireAuth = requireAuth;