From fc3e2adc8279af2397e4b3a5fa96c5c4b5098094 Mon Sep 17 00:00:00 2001
From: Felix Kaspar
Date: Thu, 30 May 2024 01:03:15 +0200
Subject: [PATCH] enforced authentication for APIs, vite .env configuration for auth & jobs

---
server-node/.env | 10 ++---
server-node/declarations/ProcessEnv.d.ts | 9 +++++
server-node/src/auth/auth-controller.ts.ts | 2 +-
server-node/src/data/sequelize-relations.ts | 4 +-
server-node/src/index.ts | 39 +++++++++++--------
server-node/src/jobs/jobs-controller.ts | 3 +-
server-node/src/routes/api/api-controller.ts | 9 +++++
.../api/dynamic-operations-controller.ts | 1 -
8 files changed, 48 insertions(+), 29 deletions(-)
create mode 100644 server-node/declarations/ProcessEnv.d.ts

diff --git a/server-node/.env b/server-node/.env
index 91f8fbf67..47d4009f1 100644
--- a/server-node/.env
+++ b/server-node/.env
@@ -1,7 +1,7 @@
-JOBS_ENABLED=True
-JOBS_DIR="./jobs"
+VITE_JOBS_ENABLED=True
+VITE_JOBS_DIR="./jobs"

-AUTH_ENABLED=True
-AUTH_SESSION_SECRET="default-secret"
+VITE_AUTH_ENABLED=True
+VITE_AUTH_SESSION_SECRET="default-secret"

-SEQUELIZE_LOGGING=False
\ No newline at end of file
+VITE_SEQUELIZE_LOGGING=False
\ No newline at end of file
diff --git a/server-node/declarations/ProcessEnv.d.ts b/server-node/declarations/ProcessEnv.d.ts
new file mode 100644
index 000000000..119b1e42a
--- /dev/null
+++ b/server-node/declarations/ProcessEnv.d.ts
@@ -0,0 +1,9 @@
+declare namespace NodeJS {
+ export interface ProcessEnv {
+ JOBS_ENABLED: "True" | "False",
+ JOBS_DIR: string,
+ AUTH_ENABLED: "True" | "False",
+ AUTH_SESSION_SECRET: string,
+ SEQUELIZE_LOGGING: "True" | "False"
+ }
+}
\ No newline at end of file
diff --git a/server-node/src/auth/auth-controller.ts.ts b/server-node/src/auth/auth-controller.ts.ts
index 2f0b2af40..20101c224 100644
--- a/server-node/src/auth/auth-controller.ts.ts
+++ b/server-node/src/auth/auth-controller.ts.ts
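Review bot: `VITE_AUTH_SESSION_SECRET` gives a server-side signing secret the one prefix Vite treats as safe to expose: every `VITE_`-prefixed variable is readable through `import.meta.env` in any code Vite processes, and would be inlined into a client bundle built against this env directory. The value in this tracked file is also the fixed string `default-secret`, so a deployment that does not override it signs sessions with a key anyone can read in the repository. I would keep the secret un-prefixed and server-only, and commit an empty placeholder (`AUTH_SESSION_SECRET=`) with the real value supplied from an untracked `.env.local` or the process environment.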
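Review bot: The new `ProcessEnv.d.ts` types `process.env` keys (`JOBS_ENABLED`, `AUTH_SESSION_SECRET`, …) that this same commit stops reading; the code now uses `import.meta.env.VITE_*`, which the file leaves undeclared. Declaring the keys on Vite's `ImportMetaEnv` interface instead, e.g. `readonly VITE_AUTH_ENABLED: "True" | "False";`, would give the names the code actually reads a single declared source to check against. A short header comment stating which keys are secrets and must never reach client code would be worth adding alongside.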
@@ -6,7 +6,7 @@ import { Express } from "express"; export function connect(app: Express) { app.use(session({ - secret: process.env.SESSION_SECRET || "default-secret", + secret: import.meta.env.VITE_SESSION_SECRET || "default-secret", resave: false, saveUninitialized: false })); diff --git a/server-node/src/data/sequelize-relations.ts b/server-node/src/data/sequelize-relations.ts index c2dd59953..a0a53c7df 100644 --- a/server-node/src/data/sequelize-relations.ts +++ b/server-node/src/data/sequelize-relations.ts @@ -1,10 +1,8 @@ -import 'dotenv/config'; - import { Sequelize, DataTypes } from "sequelize"; //TODO: Make this configurable const sequelize = new Sequelize("sqlite::memory:", { - logging: process.env.SEQUELIZE_LOGGING === "True" ? console.log : false + logging: import.meta.env.VITE_SEQUELIZE_LOGGING === "True" ? console.log : false }); import { User, AccessRule, APIKey, Password } from "../auth/user/user-model"; diff --git a/server-node/src/index.ts b/server-node/src/index.ts index 6887517da..c63688311 100644 --- a/server-node/src/index.ts +++ b/server-node/src/index.ts @@ -1,5 +1,3 @@ -import 'dotenv/config'; - /* * translation */ @@ -27,14 +25,14 @@ console.log("Available Modules: ", listOperatorNames()); * jobs */ -if(process.env.JOBS_ENABLED === "True") +if(import.meta.env.VITE_JOBS_ENABLED === "True") import("./jobs/jobs-controller"); /** * database */ -if(process.env.AUTH_ENABLED === "True") +if(import.meta.env.VITE_AUTH_ENABLED === "True") import("./data/sequelize-relations"); /* 
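Review bot: The session secret is read from `import.meta.env.VITE_SESSION_SECRET`, but the `.env` in this commit defines `VITE_AUTH_SESSION_SECRET`, so the lookup is undefined and the `|| "default-secret"` fallback is taken whatever the operator configures. With a signing key that is published in the repository the cookie signature protects nothing, so the session layer behind the new `req.user` check in the API router is weaker than the configuration suggests. I would read the configured name and refuse to start without a real value: `const secret = import.meta.env.VITE_AUTH_SESSION_SECRET;` followed by `if (!secret || secret === "default-secret") throw new Error("session secret not configured");`. The body of `connect` continues past the end of this hunk.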
@@ -45,22 +43,29 @@ import express from "express"; const app = express(); const PORT = 8000; -/* - * auth -*/ - -if(process.env.AUTH_ENABLED === "True") - import("./auth/auth-controller.ts").then(router => router.connect(app)); - -/* - * api -*/ - import api from "./routes/api/api-controller"; -app.use("/api", api); + +/* +* auth +*/ + +console.log(import.meta.env) + +if(import.meta.env.VITE_AUTH_ENABLED === "True") { + import("./auth/auth-controller.ts").then(router => router.connect(app)).finally(() => { + /* + * api + */ + + app.use("/api", api); + }); +} +else { + app.use("/api", api); +} // viteNode -if (import.meta.env.PROD) { +if (import.meta.env.VITE_PROD) { app.listen(PORT, () => { console.log(`http://localhost:${PORT}`); }); diff --git a/server-node/src/jobs/jobs-controller.ts b/server-node/src/jobs/jobs-controller.ts index 958ca200f..16a66f14d 100644 --- a/server-node/src/jobs/jobs-controller.ts +++ b/server-node/src/jobs/jobs-controller.ts @@ -1,11 +1,10 @@ import { traverseOperations } from '@stirling-pdf/shared-operations/src/workflow/traverseOperations'; import { PdfFile, RepresentationType } from '@stirling-pdf/shared-operations/src/wrappers/PdfFile'; -import 'dotenv/config'; import fs from 'fs'; import path from "path"; import toml from 'toml'; -const jobsDir = process.env.JOBS_DIR; +const jobsDir = import.meta.env.VITE_JOBS_DIR; // TODO: Also remove watched folders const watchedFolders: { diff --git a/server-node/src/routes/api/api-controller.ts b/server-node/src/routes/api/api-controller.ts index 44589dd25..f865c25c2 100644 --- a/server-node/src/routes/api/api-controller.ts +++ b/server-node/src/routes/api/api-controller.ts 
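Review bot: `console.log(import.meta.env)` in the second `index.ts` hunk writes the whole environment object, including `VITE_AUTH_SESSION_SECRET`, to stdout at every start; it reads like leftover debugging and should be dropped before merge. Separately, `import.meta.env.VITE_PROD` is not defined in the `.env` of this commit, whereas `PROD` is the flag Vite sets itself, so the `app.listen` branch looks unreachable in a production run and is worth confirming. The `.finally()` also mounts `/api` when loading the auth controller fails and leaves the rejection unhandled; the router's own guard then answers 403 to everything, which fails closed but silently, so a `.catch(err => { console.error(err); process.exit(1); })` would make the failure visible.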
@@ -5,6 +5,15 @@ import dynamicOperations from "./dynamic-operations-controller"; const router = express.Router(); +router.use((req, res, next) => { + console.log(import.meta.env.VITE_AUTH_ENABLED); + if(import.meta.env.VITE_AUTH_ENABLED === "False" || req.user) { + next(); + return; + } + res.status(403).json({"Error": "Authentication failed."}); +}); + router.get("/", (req: Request, res: Response) => { // TODO: Implement root api endpoint res.status(501).json({"Error": "Unfinished Endpoint. This sould probably send some api docs?"}); diff --git a/server-node/src/routes/api/dynamic-operations-controller.ts b/server-node/src/routes/api/dynamic-operations-controller.ts index afd79182e..a8e04dbac 100644 --- a/server-node/src/routes/api/dynamic-operations-controller.ts +++ b/server-node/src/routes/api/dynamic-operations-controller.ts @@ -3,7 +3,6 @@ const router = express.Router(); import multer from "multer"; const upload = multer(); import { getOperatorByName } from "@stirling-pdf/shared-operations/src/workflow/operatorAccessor"; -import { Operator } from "@stirling-pdf/shared-operations/src/functions"; import { PdfFile } from "@stirling-pdf/shared-operations/src/wrappers/PdfFile"; import { respondWithPdfFiles } from "../../utils/response-utils";
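Review bot: The guard in `api-controller.ts` skips authentication only when `VITE_AUTH_ENABLED === "False"`, while `index.ts` connects the auth controller only when the flag `=== "True"`; any other value (unset, `true`, `TRUE`) leaves no way to log in and every API call gets 403. That fails closed, which is the safe direction, but it deserves a comment on the middleware such as `// Fail closed: anything other than an explicit "False" requires an authenticated req.user`, and ideally one shared helper for parsing the flag. The `console.log(import.meta.env.VITE_AUTH_ENABLED)` runs on every request and should be removed, and 401 is the conventional status for a request without credentials, with 403 reserved for an authenticated user who lacks permission. `req.user` is populated outside this hunk, presumably by the session middleware, so the guard is only meaningful when this router is mounted after it.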