better typing, authorization middleware, test for creating apikeys

2025-06-22 15:35:03 +00:00 · 2024-05-30 03:19:47 +02:00 · 2024-05-30 03:19:47 +02:00 · 28862d70ca
commit 28862d70ca
parent 187b7b3e78
6 changed files with 31 additions and 13 deletions
--- a/server-node/declarations/ExpressUser.d.ts
+++ b/server-node/declarations/ExpressUser.d.ts
@ -1,5 +1,7 @@
+type UserModel = import("../src/auth/user/user-model").User;
+
 declare namespace Express {
-    interface User {
-        id?: number;
+    interface User extends UserModel {
+        
    }
 }
--- a/server-node/src/auth/checkAuthorizedMiddleware.ts
+++ b/server-node/src/auth/checkAuthorizedMiddleware.ts
@ -0,0 +1,8 @@
+import { Request, Response, NextFunction } from "express";
+
+export function checkAuthorized(req: Request, res: Response, next: NextFunction) {
+    if(import.meta.env.VITE_AUTH_ENABLED === "False" || req.user) {
+        return next();
+    }
+    return res.status(403).json({"Error": "Authentication failed."});
+}
--- a/server-node/src/routes/api/api-controller.ts
+++ b/server-node/src/routes/api/api-controller.ts
@ -1,18 +1,13 @@
 import express, { Request, Response } from "express";

+import { checkAuthorized } from "../../auth/checkAuthorizedMiddleware";
+
 import workflow from "./workflow-controller";
 import dynamicOperations from "./dynamic-operations-controller";

 const router = express.Router();

-router.use((req, res, next) => {
-    console.log(import.meta.env.VITE_AUTH_ENABLED);
-    if(import.meta.env.VITE_AUTH_ENABLED === "False" || req.user) {
-        next();
-        return;
-    }
-    res.status(403).json({"Error": "Authentication failed."});
-});
+router.use(checkAuthorized);

 router.get("/", (req: Request, res: Response) => {
    // TODO: Implement root api endpoint
--- a/server-node/src/routes/auth/auth-controller.ts
+++ b/server-node/src/routes/auth/auth-controller.ts
@ -4,9 +4,10 @@ import login from "./login-controller";
 import logout from "./logout-controller";
 import register from "./register-controller";
 import status from "./status-controller";
+import createAPIKey from "./create-api-key-controller"

 const router = express.Router();

-router.use("/", [login, logout, register, status]);
+router.use("/", [createAPIKey, login, logout, register, status]);

 export default router;
--- a/server-node/src/routes/auth/create-api-key-controller.ts
+++ b/server-node/src/routes/auth/create-api-key-controller.ts
@ -0,0 +1,11 @@
+import { checkAuthorized } from "../../auth/checkAuthorizedMiddleware";
+import { APIKey } from "../../auth/user/user-model";
+import express, { Request, Response } from "express";
+const router = express.Router();
+
+router.post('/create-api-key', checkAuthorized, async function(req: Request, res: Response) {
+    const apikey: APIKey | undefined = await req.user?.createAPIKey({apikey: "test"}); //TODO: Replace with random string
+    res.json({apikey: apikey});
+});
+
+export default router;
--- a/server-node/src/routes/auth/status-controller.ts
+++ b/server-node/src/routes/auth/status-controller.ts
@ -1,8 +1,9 @@
+import { checkAuthorized } from "../../auth/checkAuthorizedMiddleware";
 import express, { Request, Response } from "express";
 const router = express.Router();

-router.get('/status', async function(req: Request, res: Response) {
-    res.json({user: req.user})
+router.get('/status', checkAuthorized, async function(req: Request, res: Response) {
+    res.json({user: req.user});
 });

 export default router;