Add new profile endpoint
Add some logging output for auth failures
@ -5,6 +5,7 @@ import { validateJWT } from "../../keys";
|
||||
import User from "../../models/user";
|
||||
import Mail from "../../models/mail";
|
||||
import { OAuthJWT } from "../../helper/jwt";
|
||||
import Logging from "@hibas123/nodelogging";
|
||||
|
||||
export function GetClientAuthMiddleware(
|
||||
checksecret = true,
|
||||
@ -67,13 +68,16 @@ export function GetClientApiAuthMiddleware(permissions?: string[]) {
|
||||
return async (req: Request, res: Response, next: NextFunction) => {
|
||||
try {
|
||||
const invalid_err = new RequestError(
|
||||
req.__("You are not logged in or your login is expired"),
|
||||
req.__("Unauthorized"),
|
||||
HttpStatusCode.UNAUTHORIZED
|
||||
);
|
||||
let token =
|
||||
(req.query.access_token as string) ||
|
||||
(req.headers.authorization as string);
|
||||
if (!token) throw invalid_err;
|
||||
if (!token) {
|
||||
Logging.debug("No token found. Searched in query (access_token) and header (authorization)");
|
||||
throw invalid_err;
|
||||
}
|
||||
|
||||
if (token.toLowerCase().startsWith("bearer "))
|
||||
token = token.substring(7);
|
||||
@ -82,22 +86,31 @@ export function GetClientApiAuthMiddleware(permissions?: string[]) {
|
||||
try {
|
||||
data = await validateJWT(token);
|
||||
} catch (err) {
|
||||
Logging.debug("Invalid JWT", err.message);
|
||||
throw invalid_err;
|
||||
}
|
||||
|
||||
let user = await User.findOne({ uid: data.user });
|
||||
|
||||
if (!user) throw invalid_err;
|
||||
if (!user) {
|
||||
Logging.debug("User not found");
|
||||
throw invalid_err;
|
||||
}
|
||||
|
||||
let client = await Client.findOne({ client_id: data.application });
|
||||
if (!client) throw invalid_err;
|
||||
if (!client) {
|
||||
Logging.debug("Client not found");
|
||||
throw invalid_err;
|
||||
}
|
||||
|
||||
if (
|
||||
permissions &&
|
||||
(!data.permissions ||
|
||||
!permissions.every((e) => data.permissions.indexOf(e) >= 0))
|
||||
)
|
||||
) {
|
||||
Logging.debug("Invalid permissions");
|
||||
throw invalid_err;
|
||||
}
|
||||
|
||||
req.user = user;
|
||||
req.client = client;
|
||||
|
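Review bot: The new auth-failure logs in this hunk carry no identifier, so the user-not-found, client-not-found and permission branches cannot be correlated with an account or OAuth client in a SIEM; `data` is already decoded at that point, so log the claim values rather than the token, e.g. `Logging.debug("User not found", data.user);`, `Logging.debug("Client not found", data.application);` and `Logging.debug("Invalid permissions", data.application, permissions);`. Keep the bearer token itself and raw error objects out of these lines (the `Invalid JWT` entry limiting itself to `err.message` is the right choice, though `err` should be narrowed as `unknown` under strict mode). All four failures are emitted at debug level, which production configurations usually suppress, so if the intent is to notice credential abuse the JWT-validation and permission failures are better at a warn/info level; the right level depends on how `@hibas123/nodelogging` is configured, which is not visible here. The middleware closure continues past the end of the hunk.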