Diffstat (limited to 'app/Middleware')
-rw-r--r--app/Middleware/AllowGuestOnly.ts31
-rw-r--r--app/Middleware/Auth.ts57
-rw-r--r--app/Middleware/Dashboard.ts10
-rw-r--r--app/Middleware/SilentAuth.ts6
4 files changed, 55 insertions, 49 deletions
diff --git a/app/Middleware/AllowGuestOnly.ts b/app/Middleware/AllowGuestOnly.ts
index 5ef5c34..75bf269 100644
--- a/app/Middleware/AllowGuestOnly.ts
+++ b/app/Middleware/AllowGuestOnly.ts
@@ -1,6 +1,6 @@
1import { GuardsList } from '@ioc:Adonis/Addons/Auth' 1import { GuardsList } from '@ioc:Adonis/Addons/Auth';
2import { HttpContext } from '@adonisjs/core/http' 2import { HttpContext } from '@adonisjs/core/http';
3import { AuthenticationException } from '@adonisjs/auth/build/standalone' 3import { AuthenticationException } from '@adonisjs/auth/build/standalone';
4 4
5/** 5/**
6 * This is actually a reverted a reverted auth middleware available in ./Auth.ts 6 * This is actually a reverted a reverted auth middleware available in ./Auth.ts
@@ -10,24 +10,27 @@ export default class GuestMiddleware {
10 /** 10 /**
11 * The URL to redirect to when request is authorized 11 * The URL to redirect to when request is authorized
12 */ 12 */
13 protected redirectTo = '/dashboard' 13 protected redirectTo = '/dashboard';
14 14
15 protected async authenticate(auth: HttpContext['auth'], guards: (keyof GuardsList)[]) { 15 protected async authenticate(
16 let guardLastAttempted: string | undefined 16 auth: HttpContext['auth'],
17 guards: (keyof GuardsList)[],
18 ) {
19 let guardLastAttempted: string | undefined;
17 20
18 for (const guard of guards) { 21 for (const guard of guards) {
19 guardLastAttempted = guard 22 guardLastAttempted = guard;
20 23
21 // eslint-disable-next-line no-await-in-loop 24 // eslint-disable-next-line no-await-in-loop
22 if (await auth.use(guard).check()) { 25 if (await auth.use(guard).check()) {
23 auth.defaultGuard = guard 26 auth.defaultGuard = guard;
24 27
25 throw new AuthenticationException( 28 throw new AuthenticationException(
26 'Unauthorized access', 29 'Unauthorized access',
27 'E_UNAUTHORIZED_ACCESS', 30 'E_UNAUTHORIZED_ACCESS',
28 guardLastAttempted, 31 guardLastAttempted,
29 this.redirectTo 32 this.redirectTo,
30 ) 33 );
31 } 34 }
32 } 35 }
33 } 36 }
@@ -38,16 +41,16 @@ export default class GuestMiddleware {
38 public async handle( 41 public async handle(
39 { auth }: HttpContext, 42 { auth }: HttpContext,
40 next: () => Promise<void>, 43 next: () => Promise<void>,
41 customGuards: (keyof GuardsList)[] 44 customGuards: (keyof GuardsList)[],
42 ) { 45 ) {
43 /** 46 /**
44 * Uses the user defined guards or the default guard mentioned in 47 * Uses the user defined guards or the default guard mentioned in
45 * the config file 48 * the config file
46 */ 49 */
47 const guards = customGuards.length > 0 ? customGuards : [auth.name] 50 const guards = customGuards.length > 0 ? customGuards : [auth.name];
48 51
49 await this.authenticate(auth, guards) 52 await this.authenticate(auth, guards);
50 53
51 await next() 54 await next();
52 } 55 }
53} 56}
diff --git a/app/Middleware/Auth.ts b/app/Middleware/Auth.ts
index 29620bb..b6ff446 100644
--- a/app/Middleware/Auth.ts
+++ b/app/Middleware/Auth.ts
@@ -1,9 +1,9 @@
1import { GuardsList } from '@ioc:Adonis/Addons/Auth' 1import { GuardsList } from '@ioc:Adonis/Addons/Auth';
2import { HttpContext } from '@adonisjs/core/http' 2import { HttpContext } from '@adonisjs/core/http';
3import { AuthenticationException } from '@adonisjs/auth/build/standalone' 3import { AuthenticationException } from '@adonisjs/auth/build/standalone';
4import * as jose from 'jose' 4import * as jose from 'jose';
5import { appKey } from '#config/app' 5import { appKey } from '#config/app';
6import User from '#app/Models/User' 6import User from '#app/Models/User';
7 7
8/** 8/**
9 * Auth middleware is meant to restrict un-authenticated access to a given route 9 * Auth middleware is meant to restrict un-authenticated access to a given route
@@ -16,7 +16,7 @@ export default class AuthMiddleware {
16 /** 16 /**
17 * The URL to redirect to when request is Unauthorized 17 * The URL to redirect to when request is Unauthorized
18 */ 18 */
19 protected redirectTo = '/user/login' 19 protected redirectTo = '/user/login';
20 20
21 /** 21 /**
22 * Authenticates the current HTTP request against a custom set of defined 22 * Authenticates the current HTTP request against a custom set of defined
@@ -29,7 +29,7 @@ export default class AuthMiddleware {
29 protected async authenticate( 29 protected async authenticate(
30 auth: HttpContext['auth'], 30 auth: HttpContext['auth'],
31 guards: (keyof GuardsList)[], 31 guards: (keyof GuardsList)[],
32 request: HttpContext['request'] 32 request: HttpContext['request'],
33 ) { 33 ) {
34 /** 34 /**
35 * Hold reference to the guard last attempted within the for loop. We pass 35 * Hold reference to the guard last attempted within the for loop. We pass
@@ -37,15 +37,15 @@ export default class AuthMiddleware {
37 * it can decide the correct response behavior based upon the guard 37 * it can decide the correct response behavior based upon the guard
38 * driver 38 * driver
39 */ 39 */
40 let guardLastAttempted: string | undefined 40 let guardLastAttempted: string | undefined;
41 41
42 for (const guard of guards) { 42 for (const guard of guards) {
43 guardLastAttempted = guard 43 guardLastAttempted = guard;
44 44
45 let isLoggedIn = false 45 let isLoggedIn = false;
46 try { 46 try {
47 // eslint-disable-next-line no-await-in-loop 47 // eslint-disable-next-line no-await-in-loop
48 isLoggedIn = await auth.use(guard).check() 48 isLoggedIn = await auth.use(guard).check();
49 } catch { 49 } catch {
50 // Silent fail to allow the rest of the code to handle the error 50 // Silent fail to allow the rest of the code to handle the error
51 } 51 }
@@ -56,22 +56,25 @@ export default class AuthMiddleware {
56 * the rest of the request, since the user authenticated 56 * the rest of the request, since the user authenticated
57 * succeeded here 57 * succeeded here
58 */ 58 */
59 auth.defaultGuard = guard 59 auth.defaultGuard = guard;
60 return 60 return;
61 } 61 }
62 } 62 }
63 63
64 // Manually try authenticating using the JWT (verfiy signature required) 64 // Manually try authenticating using the JWT (verfiy signature required)
65 // Legacy support for JWTs so that the client still works (older than 2.0.0) 65 // Legacy support for JWTs so that the client still works (older than 2.0.0)
66 const authToken = request.headers().authorization?.split(' ')[1] 66 const authToken = request.headers().authorization?.split(' ')[1];
67 if (authToken) { 67 if (authToken) {
68 try { 68 try {
69 const jwt = await jose.jwtVerify(authToken, new TextEncoder().encode(appKey)) 69 const jwt = await jose.jwtVerify(
70 const { uid } = jwt.payload 70 authToken,
71 new TextEncoder().encode(appKey),
72 );
73 const { uid } = jwt.payload;
71 74
72 // @ts-expect-error 75 // @ts-expect-error
73 request.user = await User.findOrFail(uid) 76 request.user = await User.findOrFail(uid);
74 return 77 return;
75 } catch { 78 } catch {
76 // Silent fail to allow the rest of the code to handle the error 79 // Silent fail to allow the rest of the code to handle the error
77 } 80 }
@@ -84,8 +87,8 @@ export default class AuthMiddleware {
84 'Unauthorized access', 87 'Unauthorized access',
85 'E_UNAUTHORIZED_ACCESS', 88 'E_UNAUTHORIZED_ACCESS',
86 guardLastAttempted, 89 guardLastAttempted,
87 this.redirectTo 90 this.redirectTo,
88 ) 91 );
89 } 92 }
90 93
91 /** 94 /**
@@ -94,22 +97,22 @@ export default class AuthMiddleware {
94 public async handle( 97 public async handle(
95 { request, auth, response }: HttpContext, 98 { request, auth, response }: HttpContext,
96 next: () => Promise<void>, 99 next: () => Promise<void>,
97 customGuards: (keyof GuardsList)[] 100 customGuards: (keyof GuardsList)[],
98 ) { 101 ) {
99 /** 102 /**
100 * Uses the user defined guards or the default guard mentioned in 103 * Uses the user defined guards or the default guard mentioned in
101 * the config file 104 * the config file
102 */ 105 */
103 const guards = customGuards.length > 0 ? customGuards : [auth.name] 106 const guards = customGuards.length > 0 ? customGuards : [auth.name];
104 try { 107 try {
105 await this.authenticate(auth, guards, request) 108 await this.authenticate(auth, guards, request);
106 } catch (error) { 109 } catch (error) {
107 // If the user is not authenticated and it is a web endpoint, redirect to the login page 110 // If the user is not authenticated and it is a web endpoint, redirect to the login page
108 if (guards.includes('web')) { 111 if (guards.includes('web')) {
109 return response.redirect(error.redirectTo) 112 return response.redirect(error.redirectTo);
110 } 113 }
111 throw error 114 throw error;
112 } 115 }
113 await next() 116 await next();
114 } 117 }
115} 118}
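Review bot: The legacy JWT fallback in `authenticate` (new lines 66–80) takes whatever follows the first space of the `Authorization` header, calls `jose.jwtVerify` with no options, and hands the payload's `uid` to `User.findOrFail` without checking its type. With no options, nothing pins the accepted algorithm and nothing in the visible code requires an expiry claim, so a legacy token without `exp` would stay valid for as long as `appKey` is unchanged. Consider `jose.jwtVerify(authToken, new TextEncoder().encode(appKey), { algorithms: ['HS256'] })` (HS256 is an assumption about what legacy clients sign with; confirm first) and rejecting the token when `typeof uid` is neither `'string'` nor `'number'`. The empty `catch` around this block also turns a database failure in `findOrFail` into "Unauthorized access" and leaves no record of failed verifications; a warn-level log line there would give operators a signal to alert on. Part of `authenticate` lies outside the visible hunks, so this may already be handled elsewhere.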
diff --git a/app/Middleware/Dashboard.ts b/app/Middleware/Dashboard.ts
index f29794c..19c8cfc 100644
--- a/app/Middleware/Dashboard.ts
+++ b/app/Middleware/Dashboard.ts
@@ -1,14 +1,14 @@
1import type { HttpContext } from '@adonisjs/core/http' 1import type { HttpContext } from '@adonisjs/core/http';
2import { Config } from '@adonisjs/core/config' 2import { Config } from '@adonisjs/core/config';
3 3
4export default class Dashboard { 4export default class Dashboard {
5 public async handle({ response }: HttpContext, next: () => Promise<void>) { 5 public async handle({ response }: HttpContext, next: () => Promise<void>) {
6 if (Config.get('dashboard.enabled') === false) { 6 if (Config.get('dashboard.enabled') === false) {
7 response.send( 7 response.send(
8 'The user dashboard is disabled on this server\n\nIf you are the server owner, please set IS_DASHBOARD_ENABLED to true to enable the dashboard.' 8 'The user dashboard is disabled on this server\n\nIf you are the server owner, please set IS_DASHBOARD_ENABLED to true to enable the dashboard.',
9 ) 9 );
10 } else { 10 } else {
11 await next() 11 await next();
12 } 12 }
13 } 13 }
14} 14}
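Review bot: The gate `Config.get('dashboard.enabled') === false` on new line 6 fails open: only the boolean `false` disables the dashboard, so an unset key or a string such as `'false'` lets the request through to `next()`. If the config file does not already coerce `IS_DASHBOARD_ENABLED` to a boolean (not visible here), the check should be written against the enabled case, e.g. `if (Config.get('dashboard.enabled') !== true) { … }`, with the default decided explicitly in the config. The disabled branch also answers with the default status code; setting an explicit one before `response.send(...)` (for example `response.status(403)`) would let clients and monitoring tell the disabled state from a normal page.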
diff --git a/app/Middleware/SilentAuth.ts b/app/Middleware/SilentAuth.ts
index a7271d5..6ff7423 100644
--- a/app/Middleware/SilentAuth.ts
+++ b/app/Middleware/SilentAuth.ts
@@ -1,4 +1,4 @@
1import { HttpContext } from '@adonisjs/core/http' 1import { HttpContext } from '@adonisjs/core/http';
2 2
3/** 3/**
4 * Silent auth middleware can be used as a global middleware to silent check 4 * Silent auth middleware can be used as a global middleware to silent check
@@ -15,7 +15,7 @@ export default class SilentAuthMiddleware {
15 * Check if user is logged-in or not. If yes, then `ctx.auth.user` will be 15 * Check if user is logged-in or not. If yes, then `ctx.auth.user` will be
16 * set to the instance of the currently logged in user. 16 * set to the instance of the currently logged in user.
17 */ 17 */
18 await auth.check() 18 await auth.check();
19 await next() 19 await next();
20 } 20 }
21} 21}