diff --git a/server-node/declarations/ExpressUser.d.ts b/server-node/declarations/ExpressUser.d.ts index e913ffa44..306fc695b 100644 --- a/server-node/declarations/ExpressUser.d.ts +++ b/server-node/declarations/ExpressUser.d.ts @@ -1,5 +1,7 @@ +type UserModel = import("../src/auth/user/user-model").User; + declare namespace Express { - interface User { - id?: number; + interface User extends UserModel { + } } \ No newline at end of file diff --git a/server-node/src/auth/checkAuthorizedMiddleware.ts b/server-node/src/auth/checkAuthorizedMiddleware.ts new file mode 100644 index 000000000..844b401ba --- /dev/null +++ b/server-node/src/auth/checkAuthorizedMiddleware.ts @@ -0,0 +1,8 @@ +import { Request, Response, NextFunction } from "express"; + +export function checkAuthorized(req: Request, res: Response, next: NextFunction) { + if(import.meta.env.VITE_AUTH_ENABLED === "False" || req.user) { + return next(); + } + return res.status(403).json({"Error": "Authentication failed."}); +} \ No newline at end of file diff --git a/server-node/src/routes/api/api-controller.ts b/server-node/src/routes/api/api-controller.ts index f865c25c2..bf4c2d3a1 100644 --- a/server-node/src/routes/api/api-controller.ts +++ b/server-node/src/routes/api/api-controller.ts @@ -1,18 +1,13 @@ import express, { Request, Response } from "express"; +import { checkAuthorized } from "../../auth/checkAuthorizedMiddleware"; + import workflow from "./workflow-controller"; import dynamicOperations from "./dynamic-operations-controller"; const router = express.Router(); -router.use((req, res, next) => { - console.log(import.meta.env.VITE_AUTH_ENABLED); - if(import.meta.env.VITE_AUTH_ENABLED === "False" || req.user) { - next(); - return; - } - res.status(403).json({"Error": "Authentication failed."}); -}); +router.use(checkAuthorized); router.get("/", (req: Request, res: Response) => { // TODO: Implement root api endpoint diff --git a/server-node/src/routes/auth/auth-controller.ts b/server-node/src/routes/auth/auth-controller.ts index 8bb44d2f2..5c762ead5 100644 --- a/server-node/src/routes/auth/auth-controller.ts +++ b/server-node/src/routes/auth/auth-controller.ts @@ -4,9 +4,10 @@ import login from "./login-controller"; import logout from "./logout-controller"; import register from "./register-controller"; import status from "./status-controller"; +import createAPIKey from "./create-api-key-controller" const router = express.Router(); -router.use("/", [login, logout, register, status]); +router.use("/", [createAPIKey, login, logout, register, status]); export default router; \ No newline at end of file diff --git a/server-node/src/routes/auth/create-api-key-controller.ts b/server-node/src/routes/auth/create-api-key-controller.ts new file mode 100644 index 000000000..356766702 --- /dev/null +++ b/server-node/src/routes/auth/create-api-key-controller.ts @@ -0,0 +1,11 @@ +import { checkAuthorized } from "../../auth/checkAuthorizedMiddleware"; +import { APIKey } from "../../auth/user/user-model"; +import express, { Request, Response } from "express"; +const router = express.Router(); + +router.post('/create-api-key', checkAuthorized, async function(req: Request, res: Response) { + const apikey: APIKey | undefined = await req.user?.createAPIKey({apikey: "test"}); //TODO: Replace with random string + res.json({apikey: apikey}); +}); + +export default router; \ No newline at end of file diff --git a/server-node/src/routes/auth/status-controller.ts b/server-node/src/routes/auth/status-controller.ts index b7b98d4f8..692557398 100644 --- a/server-node/src/routes/auth/status-controller.ts +++ b/server-node/src/routes/auth/status-controller.ts @@ -1,8 +1,9 @@ +import { checkAuthorized } from "../../auth/checkAuthorizedMiddleware"; import express, { Request, Response } from "express"; const router = express.Router(); -router.get('/status', async function(req: Request, res: Response) { - res.json({user: req.user}) +router.get('/status', checkAuthorized, async function(req: Request, res: Response) { + res.json({user: req.user}); }); export default router; \ No newline at end of file