mirror of
https://github.com/Unleash/unleash.git
synced 2025-02-14 00:19:16 +01:00
53354224fc
Upgrades biome to 1.6.1, and updates husky pre-commit hook. Most changes here are making type imports explicit.
43 lines
1.5 KiB
TypeScript
43 lines
1.5 KiB
TypeScript
import type { IAuthRequest } from '../routes/unleash-types';
|
|
import type { NextFunction, Response } from 'express';
|
|
import type { LogProvider } from '../logger';
|
|
import { AuthenticationRequired } from '../server-impl';
|
|
import UnauthorizedError from '../error/unauthorized-error';
|
|
|
|
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
|
|
const authorizationMiddleware = (
|
|
getLogger: LogProvider,
|
|
baseUriPath: string,
|
|
): any => {
|
|
const logger = getLogger('/middleware/authorization-middleware.ts');
|
|
logger.debug('Enabling Authorization middleware');
|
|
|
|
return async (req: IAuthRequest, res: Response, next: NextFunction) => {
|
|
if (req.session?.user) {
|
|
req.user = req.session.user;
|
|
return next();
|
|
}
|
|
if (req.user) {
|
|
return next();
|
|
}
|
|
if (req.header('authorization')) {
|
|
// API clients should get 401 with a basic body
|
|
const error = new UnauthorizedError(
|
|
'You must log in to use Unleash.',
|
|
);
|
|
return res.status(error.statusCode).json(error);
|
|
}
|
|
|
|
const path = `${baseUriPath}/auth/simple/login`;
|
|
const error = new AuthenticationRequired({
|
|
message: `You must log in to use Unleash. Your request had no authorization header, so we could not authorize you. Try logging in at ${path}`,
|
|
type: 'password',
|
|
path,
|
|
});
|
|
|
|
return res.status(error.statusCode).json(error);
|
|
};
|
|
};
|
|
|
|
export default authorizationMiddleware;
|