Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-31 00:16:47 +01:00
Code Issues Projects Releases Wiki Activity
105747293e
unleash.unleash/src/lib/middleware/pat-middleware.ts

39 lines
1.2 KiB
TypeScript
Raw Normal View History

Personal access token middleware (#2069) * Middleware first version * Middleware tests * Add tests * Finish middleware tests * Add type for request * Add flagresolver * Fix snapshot * Update flags and tests * Put it back as default * Update snapshot
2022-09-28 15:53:56 +02:00
import { IUnleashConfig } from '../types';
import { IAuthRequest } from '../routes/unleash-types';
fix: log missing user at warn level (#3735) When using PATs if the user that the PAT is for has been removed, we currently log the missing user at ERROR level. Since this is not something our SREs can fix, this PR downgrades the NotFoundError to WARN, instead of ERROR.
2023-05-10 13:31:42 +02:00
import NotFoundError from '../error/notfound-error';
Personal access token middleware (#2069) * Middleware first version * Middleware tests * Add tests * Finish middleware tests * Add type for request * Add flagresolver * Fix snapshot * Update flags and tests * Put it back as default * Update snapshot
2022-09-28 15:53:56 +02:00
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
const patMiddleware = (
refactor: remove PAT experimental flag (#2299)
2022-10-31 10:38:30 +01:00
{ getLogger }: Pick<IUnleashConfig, 'getLogger'>,
feat: add the account abstraction logic (#2918) https://linear.app/unleash/issue/2-579/improve-user-like-behaviour-for-service-accounts-accounts-concept Builds on top of https://github.com/Unleash/unleash/pull/2917 by moving the responsibility of handling both account types from `users` to `accounts`. Ideally: - `users` - Should only handle users; - `service-accounts` - Should only handle service accounts; - `accounts` - Should handle any type of account; This should hopefully also provide a good building block in case we later decide to refactor this further down the `accounts` path.
2023-01-18 17:08:07 +01:00
{ accountService }: any,
Personal access token middleware (#2069) * Middleware first version * Middleware tests * Add tests * Finish middleware tests * Add type for request * Add flagresolver * Fix snapshot * Update flags and tests * Put it back as default * Update snapshot
2022-09-28 15:53:56 +02:00
): any => {
const logger = getLogger('/middleware/pat-middleware.ts');
logger.debug('Enabling PAT middleware');
return async (req: IAuthRequest, res, next) => {
try {
const apiToken = req.header('authorization');
if (apiToken?.startsWith('user:')) {
feat: add the account abstraction logic (#2918) https://linear.app/unleash/issue/2-579/improve-user-like-behaviour-for-service-accounts-accounts-concept Builds on top of https://github.com/Unleash/unleash/pull/2917 by moving the responsibility of handling both account types from `users` to `accounts`. Ideally: - `users` - Should only handle users; - `service-accounts` - Should only handle service accounts; - `accounts` - Should handle any type of account; This should hopefully also provide a good building block in case we later decide to refactor this further down the `accounts` path.
2023-01-18 17:08:07 +01:00
const user =
await accountService.getAccountByPersonalAccessToken(
apiToken,
);
Personal access token middleware (#2069) * Middleware first version * Middleware tests * Add tests * Finish middleware tests * Add type for request * Add flagresolver * Fix snapshot * Update flags and tests * Put it back as default * Update snapshot
2022-09-28 15:53:56 +02:00
req.user = user;
feat: add the account abstraction logic (#2918) https://linear.app/unleash/issue/2-579/improve-user-like-behaviour-for-service-accounts-accounts-concept Builds on top of https://github.com/Unleash/unleash/pull/2917 by moving the responsibility of handling both account types from `users` to `accounts`. Ideally: - `users` - Should only handle users; - `service-accounts` - Should only handle service accounts; - `accounts` - Should handle any type of account; This should hopefully also provide a good building block in case we later decide to refactor this further down the `accounts` path.
2023-01-18 17:08:07 +01:00
accountService.addPATSeen(apiToken);
Personal access token middleware (#2069) * Middleware first version * Middleware tests * Add tests * Finish middleware tests * Add type for request * Add flagresolver * Fix snapshot * Update flags and tests * Put it back as default * Update snapshot
2022-09-28 15:53:56 +02:00
}
} catch (error) {
fix: log missing user at warn level (#3735) When using PATs if the user that the PAT is for has been removed, we currently log the missing user at ERROR level. Since this is not something our SREs can fix, this PR downgrades the NotFoundError to WARN, instead of ERROR.
2023-05-10 13:31:42 +02:00
if (error instanceof NotFoundError) {
logger.warn(
'Tried to use a PAT token for user that no longer existed',
error,
);
} else {
logger.error(error);
}
Personal access token middleware (#2069) * Middleware first version * Middleware tests * Add tests * Finish middleware tests * Add type for request * Add flagresolver * Fix snapshot * Update flags and tests * Put it back as default * Update snapshot
2022-09-28 15:53:56 +02:00
}
next();
};
};
export default patMiddleware;
Reference in New Issue Copy Permalink