unleash.unleash/src/lib/middleware/api-token-middleware.ts

/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
import { ApiTokenType } from '../types/models/api-token';
import { IUnleashConfig } from '../types/option';

const isClientApi = ({ path }) => {
    return path && path.startsWith('/api/client');
};

export const TOKEN_TYPE_ERROR_MESSAGE =
    'invalid token: expected an admin token but got a client token instead';

const apiAccessMiddleware = (
    {
        getLogger,
        authentication,
    }: Pick<IUnleashConfig, 'getLogger' | 'authentication'>,
    { apiTokenService }: any,
): any => {
    const logger = getLogger('/middleware/api-token.ts');
    logger.debug('Enabling api-token middleware');

    if (!authentication.enableApiToken) {
        return (req, res, next) => next();
    }

    return (req, res, next) => {
        if (req.user) {
            return next();
        }

        try {
            const apiToken = req.header('authorization');
            const apiUser = apiTokenService.getUserForToken(apiToken);

            if (apiUser) {
                if (apiUser.type === ApiTokenType.CLIENT && !isClientApi(req)) {
                    res.status(403).send({ message: TOKEN_TYPE_ERROR_MESSAGE });
                    return;
                }
                req.user = apiUser;
            }
        } catch (error) {
            logger.error(error);
        }

        next();
    };
};

export default apiAccessMiddleware;
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`/* eslint-disable @typescript-eslint/explicit-module-boundary-types */`
Feat/api key scoping (#941) Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai> 2021-09-15 20:28:10 +02:00			`import { ApiTokenType } from '../types/models/api-token';`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`import { IUnleashConfig } from '../types/option';`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00
Feat/api key scoping (#941) Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai> 2021-09-15 20:28:10 +02:00			`const isClientApi = ({ path }) => {`
			`return path && path.startsWith('/api/client');`
			`};`

refactor: improve token type error message (#1709) 2022-06-17 09:00:13 +02:00			`export const TOKEN_TYPE_ERROR_MESSAGE =`
			`'invalid token: expected an admin token but got a client token instead';`

Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`const apiAccessMiddleware = (`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`{`
			`getLogger,`
			`authentication,`
			`}: Pick<IUnleashConfig, 'getLogger' \| 'authentication'>,`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`{ apiTokenService }: any,`
			`): any => {`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`const logger = getLogger('/middleware/api-token.ts');`
Feat/api key scoping (#941) Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai> 2021-09-15 20:28:10 +02:00			`logger.debug('Enabling api-token middleware');`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`if (!authentication.enableApiToken) {`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`return (req, res, next) => next();`
			`}`

			`return (req, res, next) => {`
Feat/api key scoping (#941) Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai> 2021-09-15 20:28:10 +02:00			`if (req.user) {`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`return next();`
			`}`

			`try {`
fix: User should require a ID field set (#799) 2021-04-22 23:40:52 +02:00			`const apiToken = req.header('authorization');`
			`const apiUser = apiTokenService.getUserForToken(apiToken);`
refactor: improve token type error message (#1709) 2022-06-17 09:00:13 +02:00
fix: User should require a ID field set (#799) 2021-04-22 23:40:52 +02:00			`if (apiUser) {`
Feat/api key scoping (#941) Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai> 2021-09-15 20:28:10 +02:00			`if (apiUser.type === ApiTokenType.CLIENT && !isClientApi(req)) {`
refactor: improve token type error message (#1709) 2022-06-17 09:00:13 +02:00			`res.status(403).send({ message: TOKEN_TYPE_ERROR_MESSAGE });`
			`return;`
Feat/api key scoping (#941) Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai> 2021-09-15 20:28:10 +02:00			`}`
fix: User should require a ID field set (#799) 2021-04-22 23:40:52 +02:00			`req.user = apiUser;`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`}`
			`} catch (error) {`
			`logger.error(error);`
			`}`

refactor: improve token type error message (#1709) 2022-06-17 09:00:13 +02:00			`next();`
Feat: Api-Tokens (#774) fixes: #774 2021-03-29 19:58:11 +02:00			`};`
			`};`

			`export default apiAccessMiddleware;`