From 331360098fff99e200ad9ac41d767b769227270a Mon Sep 17 00:00:00 2001 From: Felix Kaspar Date: Mon, 27 May 2024 20:36:38 +0200 Subject: [PATCH] passport user auth with session, bearer api-key --- package-lock.json | 10 ++++++++ server-node/package.json | 1 + server-node/src/auth/passport-config.ts | 24 +++++++++++++++++--- server-node/src/auth/user/user-controller.ts | 2 +- server-node/src/index.ts | 4 +++- 5 files changed, 36 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4eaeb719a..8c8ddc296 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7364,6 +7364,15 @@ "url": "https://github.com/sponsors/jaredhanson" } }, + "node_modules/passport-headerapikey": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/passport-headerapikey/-/passport-headerapikey-1.2.2.tgz", + "integrity": "sha512-4BvVJRrWsNJPrd3UoZfcnnl4zvUWYKEtfYkoDsaOKBsrWHYmzTApCjs7qUbncOLexE9ul0IRiYBFfBG0y9IVQA==", + "dependencies": { + "lodash": "^4.17.15", + "passport-strategy": "^1.0.0" + } + }, "node_modules/passport-local": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/passport-local/-/passport-local-1.0.0.tgz", @@ -10250,6 +10259,7 @@ "jsqr": "^1.4.0", "multer": "^1.4.5-lts.1", "passport": "^0.7.0", + "passport-headerapikey": "^1.2.2", "passport-local": "^1.0.0", "pdf-lib": "^1.17.1", "rollup-plugin-copy": "^3.5.0", diff --git a/server-node/package.json b/server-node/package.json index a6e4a13af..c3be89363 100644 --- a/server-node/package.json +++ b/server-node/package.json @@ -36,6 +36,7 @@ "jsqr": "^1.4.0", "multer": "^1.4.5-lts.1", "passport": "^0.7.0", + "passport-headerapikey": "^1.2.2", "passport-local": "^1.0.0", "pdf-lib": "^1.17.1", "rollup-plugin-copy": "^3.5.0", diff --git a/server-node/src/auth/passport-config.ts b/server-node/src/auth/passport-config.ts index a2ddc291e..f06f1ee43 100644 --- a/server-node/src/auth/passport-config.ts +++ b/server-node/src/auth/passport-config.ts 
@@ -1,8 +1,10 @@ -import LocalStrategy from "passport-local"; import * as User from "./user/user-controller"; +import { Strategy as LocalStrategy} from "passport-local"; +import { HeaderAPIKeyStrategy as HeaderAPIKeyStrategy } from "passport-headerapikey"; + export function initialize(passport: typeof import("passport")) { - passport.use("local", new LocalStrategy.Strategy( + passport.use("local", new LocalStrategy( function(username, password, done) { User.findOne({ username: username }, function (err, user) { if (err) { @@ -19,8 +21,24 @@ export function initialize(passport: typeof import("passport")) { } )); + passport.use(new HeaderAPIKeyStrategy( + { header: 'Authorization', prefix: 'Bearer ' }, + false, + function(apikey, done) { + User.findOne({ apikey: apikey }, function (err, user) { + if (err) { + return done(err); + } + if (!user) { + return done(null, false); + } + return done(null, user); + }); + } + )); + passport.serializeUser((user, done) => { - done(null, user.id) + done(null, user.id) //TODO: Extend Express.User to include id wich is set by passport }); passport.deserializeUser((id: number, done) => { diff --git a/server-node/src/auth/user/user-controller.ts b/server-node/src/auth/user/user-controller.ts index 3e09650a4..7b83500a0 100644 --- a/server-node/src/auth/user/user-controller.ts +++ b/server-node/src/auth/user/user-controller.ts @@ -1,6 +1,6 @@ import { User } from "./user-model"; -export function findOne(params: {id?: number, username?: string}, cb: (err: Error | null, user: User) => void): undefined { +export function findOne(params: {id?: number, username?: string, apikey?: string}, cb: (err: Error | null, user: User) => void): undefined { //TODO: replace with db connection. cb(null, { id: 1, diff --git a/server-node/src/index.ts b/server-node/src/index.ts index 2b7ac0e04..ff74c6d9d 100644 --- a/server-node/src/index.ts +++ b/server-node/src/index.ts 
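Review bot: In the second hunk of server-node/src/auth/passport-config.ts the verify callback matches on the raw key, `User.findOne({ apikey: apikey }, ...)`, which suggests API keys will be stored and compared in plaintext once the TODO database lookup exists. Persist only a digest of each key and look the user up by the digest of the presented value, so a leaked user table does not yield working credentials. The strategy is also registered without a name, unlike `"local"`, so the `'headerapikey'` string used in index.ts relies on the package default; `passport.use("headerapikey", new HeaderAPIKeyStrategy(` would make that coupling explicit. initialize() starts before and continues past this hunk.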
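Review bot: In server-node/src/auth/user/user-controller.ts, `findOne` accepts the new `apikey` field but the stub still calls back with the hard-coded user (`cb(null, { id: 1, ...`) whatever `params` holds, as far as the hunk shows, so with the header strategy wired in any `Authorization: Bearer` value would authenticate as that user. Until the database lookup replaces the TODO, fail closed for key lookups, for example `if (params.apikey !== undefined) { cb(null, null); return; }`, and widen the callback to `cb: (err: Error | null, user: User | null) => void` so the `if (!user)` branches in the strategies are reachable. The function body continues outside the hunk.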
@@ -51,7 +51,9 @@ app.use(session({ })); app.use(passport.initialize()); -app.use(passport.session()); +app.use(passport.authenticate(['headerapikey', 'session'], { + session: false, // Only set a session on the login request. +})); initialize(passport);
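Review bot: In server-node/src/index.ts, mounting `passport.authenticate(['headerapikey', 'session'], { session: false })` globally identifies the caller but does not by itself reject anonymous requests. As far as I know, passport's built-in session strategy passes the request through when there is no login session, so a request with a missing or wrong key would still reach the routes with no `req.user`. Unless the route handlers (not visible in this hunk) already check this, protected routes need an explicit guard such as `if (!req.isAuthenticated()) return res.sendStatus(401);`. A comment on the middleware saying it only populates `req.user` and that access control happens per route would keep it from being read as an access gate.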