Add new profile endpoint

Add some logging output for auth failures
2023-04-07 23:01:56 +02:00
parent 0453e461c9
commit 1e2bb83447
53 changed files with 3547 additions and 18 deletions
--- a/Backend/src/api/middlewares/client.ts
+++ b/Backend/src/api/middlewares/client.ts
@ -5,6 +5,7 @@ import { validateJWT } from "../../keys";
 import User from "../../models/user";
 import Mail from "../../models/mail";
 import { OAuthJWT } from "../../helper/jwt";
+import Logging from "@hibas123/nodelogging";

 export function GetClientAuthMiddleware(
   checksecret = true,
@ -67,13 +68,16 @@ export function GetClientApiAuthMiddleware(permissions?: string[]) {
   return async (req: Request, res: Response, next: NextFunction) => {
      try {
         const invalid_err = new RequestError(
-            req.__("You are not logged in or your login is expired"),
+            req.__("Unauthorized"),
            HttpStatusCode.UNAUTHORIZED
         );
         let token =
            (req.query.access_token as string) ||
            (req.headers.authorization as string);
-         if (!token) throw invalid_err;
+         if (!token) {
+            Logging.debug("No token found. Searched in query (access_token) and header (authorization)");
+            throw invalid_err;
+         }

         if (token.toLowerCase().startsWith("bearer "))
            token = token.substring(7);
@ -82,22 +86,31 @@ export function GetClientApiAuthMiddleware(permissions?: string[]) {
         try {
            data = await validateJWT(token);
         } catch (err) {
+            Logging.debug("Invalid JWT", err.message);
            throw invalid_err;
         }

         let user = await User.findOne({ uid: data.user });

-         if (!user) throw invalid_err;
+         if (!user) {
+            Logging.debug("User not found");
+            throw invalid_err;
+         }

         let client = await Client.findOne({ client_id: data.application });
-         if (!client) throw invalid_err;
+         if (!client) {
+            Logging.debug("Client not found");
+            throw invalid_err;
+         }

         if (
            permissions &&
            (!data.permissions ||
               !permissions.every((e) => data.permissions.indexOf(e) >= 0))
-         )
+         ) {
+            Logging.debug("Invalid permissions");
            throw invalid_err;
+         }

         req.user = user;
         req.client = client;