enforced authentication for APIs, vite .env configuration for auth & jobs

2025-06-22 15:35:03 +00:00 · 2024-05-30 01:03:15 +02:00 · 2024-05-30 01:03:15 +02:00 · fc3e2adc82
commit fc3e2adc82
parent c19bc8d07a
8 changed files with 48 additions and 29 deletions
--- a/server-node/.env
+++ b/server-node/.env
@ -1,7 +1,7 @@
-JOBS_ENABLED=True
-JOBS_DIR="./jobs"
+VITE_JOBS_ENABLED=True
+VITE_JOBS_DIR="./jobs"

-AUTH_ENABLED=True
-AUTH_SESSION_SECRET="default-secret"
+VITE_AUTH_ENABLED=True
+VITE_AUTH_SESSION_SECRET="default-secret"

-SEQUELIZE_LOGGING=False
+VITE_SEQUELIZE_LOGGING=False
--- a/server-node/declarations/ProcessEnv.d.ts
+++ b/server-node/declarations/ProcessEnv.d.ts
@ -0,0 +1,9 @@
+declare namespace NodeJS {
+    export interface ProcessEnv {
+        JOBS_ENABLED: "True" | "False",
+        JOBS_DIR: string,
+        AUTH_ENABLED: "True" | "False",
+        AUTH_SESSION_SECRET: string,
+        SEQUELIZE_LOGGING:  "True" | "False"
+    }
+}
--- a/server-node/src/auth/auth-controller.ts.ts
+++ b/server-node/src/auth/auth-controller.ts.ts
@ -6,7 +6,7 @@ import { Express } from "express";

 export function connect(app: Express) {
    app.use(session({
-        secret: process.env.SESSION_SECRET || "default-secret",
+        secret: import.meta.env.VITE_SESSION_SECRET || "default-secret",
        resave: false,
        saveUninitialized: false
    }));
--- a/server-node/src/data/sequelize-relations.ts
+++ b/server-node/src/data/sequelize-relations.ts
@ -1,10 +1,8 @@
-import 'dotenv/config';
-
 import { Sequelize, DataTypes } from "sequelize";

 //TODO: Make this configurable
 const sequelize = new Sequelize("sqlite::memory:", {
-    logging: process.env.SEQUELIZE_LOGGING === "True" ? console.log : false
+    logging: import.meta.env.VITE_SEQUELIZE_LOGGING === "True" ? console.log : false
 });

 import { User, AccessRule, APIKey, Password } from "../auth/user/user-model";
--- a/server-node/src/index.ts
+++ b/server-node/src/index.ts
@ -1,5 +1,3 @@
-import 'dotenv/config';
-
 /*
 * translation
 */
@ -27,14 +25,14 @@ console.log("Available Modules: ", listOperatorNames());
 * jobs
 */

-if(process.env.JOBS_ENABLED === "True")
+if(import.meta.env.VITE_JOBS_ENABLED === "True")
    import("./jobs/jobs-controller");

 /**
 * database
 */

-if(process.env.AUTH_ENABLED === "True")
+if(import.meta.env.VITE_AUTH_ENABLED === "True")
    import("./data/sequelize-relations");

 /*
@ -45,22 +43,29 @@ import express from "express";
 const app = express();
 const PORT = 8000;

-/*
- * auth
-*/
-
-if(process.env.AUTH_ENABLED === "True")
-    import("./auth/auth-controller.ts").then(router => router.connect(app));
-
-/*
- * api
-*/
-
 import api from "./routes/api/api-controller";
-app.use("/api", api);
+
+/*
+* auth
+*/
+
+console.log(import.meta.env)
+
+if(import.meta.env.VITE_AUTH_ENABLED === "True") {
+    import("./auth/auth-controller.ts").then(router => router.connect(app)).finally(() => {
+        /*
+        * api
+        */
+
+        app.use("/api", api);
+    });
+}
+else {
+    app.use("/api", api);
+}

 // viteNode
-if (import.meta.env.PROD) {
+if (import.meta.env.VITE_PROD) {
    app.listen(PORT, () => {
        console.log(`http://localhost:${PORT}`);
    });
--- a/server-node/src/jobs/jobs-controller.ts
+++ b/server-node/src/jobs/jobs-controller.ts
@ -1,11 +1,10 @@
 import { traverseOperations } from '@stirling-pdf/shared-operations/src/workflow/traverseOperations';
 import { PdfFile, RepresentationType } from '@stirling-pdf/shared-operations/src/wrappers/PdfFile';
-import 'dotenv/config';
 import fs from 'fs';
 import path from "path";
 import toml from 'toml';

-const jobsDir = process.env.JOBS_DIR;
+const jobsDir = import.meta.env.VITE_JOBS_DIR;

 // TODO: Also remove watched folders
 const watchedFolders: { 
--- a/server-node/src/routes/api/api-controller.ts
+++ b/server-node/src/routes/api/api-controller.ts
@ -5,6 +5,15 @@ import dynamicOperations from "./dynamic-operations-controller";

 const router = express.Router();

+router.use((req, res, next) => {
+    console.log(import.meta.env.VITE_AUTH_ENABLED);
+    if(import.meta.env.VITE_AUTH_ENABLED === "False" || req.user) {
+        next();
+        return;
+    }
+    res.status(403).json({"Error": "Authentication failed."});
+});
+
 router.get("/", (req: Request, res: Response) => {
    // TODO: Implement root api endpoint
    res.status(501).json({"Error": "Unfinished Endpoint. This sould probably send some api docs?"});
--- a/server-node/src/routes/api/dynamic-operations-controller.ts
+++ b/server-node/src/routes/api/dynamic-operations-controller.ts
@ -3,7 +3,6 @@ const router = express.Router();
 import multer from "multer";
 const upload = multer();
 import { getOperatorByName } from "@stirling-pdf/shared-operations/src/workflow/operatorAccessor";
-import { Operator } from "@stirling-pdf/shared-operations/src/functions";

 import { PdfFile } from "@stirling-pdf/shared-operations/src/wrappers/PdfFile";
 import { respondWithPdfFiles } from "../../utils/response-utils";