From 0300c85c15088e3ff2756b344a0adbd3ca235fd3 Mon Sep 17 00:00:00 2001
From: MCMXC <16797721+mcmxcdev@users.noreply.github.com>
Date: Sat, 10 Feb 2024 18:19:14 -0700
Subject: refactor: project maintenance - work in progress
---
 app/Middleware/AllowGuestOnly.ts | 33 ++++++++++------------
 app/Middleware/Auth.ts | 61 +++++++++++++++++++---------------------
 app/Middleware/Dashboard.ts | 15 ++++------
 app/Middleware/SilentAuth.ts | 11 +++-----
 4 files changed, 54 insertions(+), 66 deletions(-)
(limited to 'app/Middleware')
diff --git a/app/Middleware/AllowGuestOnly.ts b/app/Middleware/AllowGuestOnly.ts
index ee43571..5ef5c34 100644
--- a/app/Middleware/AllowGuestOnly.ts
+++ b/app/Middleware/AllowGuestOnly.ts
@@ -1,6 +1,6 @@
-import { GuardsList } from '@ioc:Adonis/Addons/Auth';
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-import { AuthenticationException } from '@adonisjs/auth/build/standalone';
+import { GuardsList } from '@ioc:Adonis/Addons/Auth'
+import { HttpContext } from '@adonisjs/core/http'
+import { AuthenticationException } from '@adonisjs/auth/build/standalone'
 /** * This is actually a reverted a reverted auth middleware available in ./Auth.ts
@@ -10,27 +10,24 @@ export default class GuestMiddleware {
 /** * The URL to redirect to when request is authorized */
- protected redirectTo = '/dashboard';
+ protected redirectTo = '/dashboard'
- protected async authenticate(
- auth: HttpContextContract['auth'],
- guards: (keyof GuardsList)[],
- ) {
- let guardLastAttempted: string | undefined;
+ protected async authenticate(auth: HttpContext['auth'], guards: (keyof GuardsList)[]) {
+ let guardLastAttempted: string | undefined
 for (const guard of guards) {
- guardLastAttempted = guard;
+ guardLastAttempted = guard
 // eslint-disable-next-line no-await-in-loop if (await auth.use(guard).check()) {
- auth.defaultGuard = guard;
+ auth.defaultGuard = guard
 throw new AuthenticationException( 'Unauthorized access', 'E_UNAUTHORIZED_ACCESS', guardLastAttempted,
- this.redirectTo,
- );
+ this.redirectTo
+ )
 } } }
@@ -39,18 +36,18 @@ export default class GuestMiddleware {
 * Handle request */ public async handle(
- { auth }: HttpContextContract,
+ { auth }: HttpContext,
 next: () => Promise,
- customGuards: (keyof GuardsList)[],
+ customGuards: (keyof GuardsList)[]
 ) { /** * Uses the user defined guards or the default guard mentioned in * the config file */
- const guards = customGuards.length > 0 ? customGuards : [auth.name];
+ const guards = customGuards.length > 0 ? customGuards : [auth.name]
- await this.authenticate(auth, guards);
+ await this.authenticate(auth, guards)
- await next();
+ await next()
 } }
diff --git a/app/Middleware/Auth.ts b/app/Middleware/Auth.ts
index d0b212c..29620bb 100644
--- a/app/Middleware/Auth.ts
+++ b/app/Middleware/Auth.ts
@@ -1,9 +1,9 @@
-import { GuardsList } from '@ioc:Adonis/Addons/Auth';
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-import { AuthenticationException } from '@adonisjs/auth/build/standalone';
-import * as jose from 'jose';
-import { appKey } from 'Config/app';
-import User from 'App/Models/User';
+import { GuardsList } from '@ioc:Adonis/Addons/Auth'
+import { HttpContext } from '@adonisjs/core/http'
+import { AuthenticationException } from '@adonisjs/auth/build/standalone'
+import * as jose from 'jose'
+import { appKey } from '#config/app'
+import User from '#app/Models/User'
 /** * Auth middleware is meant to restrict un-authenticated access to a given route
@@ -16,7 +16,7 @@ export default class AuthMiddleware {
 /** * The URL to redirect to when request is Unauthorized */
- protected redirectTo = '/user/login';
+ protected redirectTo = '/user/login'
 /** * Authenticates the current HTTP request against a custom set of defined
@@ -27,9 +27,9 @@ export default class AuthMiddleware {
 * during the current request. */ protected async authenticate(
- auth: HttpContextContract['auth'],
+ auth: HttpContext['auth'],
 guards: (keyof GuardsList)[],
- request: HttpContextContract['request'],
+ request: HttpContext['request']
 ) { /** * Hold reference to the guard last attempted within the for loop. We pass
@@ -37,15 +37,15 @@ export default class AuthMiddleware {
 * it can decide the correct response behavior based upon the guard * driver */
- let guardLastAttempted: string | undefined;
+ let guardLastAttempted: string | undefined
 for (const guard of guards) {
- guardLastAttempted = guard;
+ guardLastAttempted = guard
- let isLoggedIn = false;
+ let isLoggedIn = false
 try { // eslint-disable-next-line no-await-in-loop
- isLoggedIn = await auth.use(guard).check();
+ isLoggedIn = await auth.use(guard).check()
 } catch { // Silent fail to allow the rest of the code to handle the error }
@@ -56,25 +56,22 @@ export default class AuthMiddleware {
 * the rest of the request, since the user authenticated * succeeded here */
- auth.defaultGuard = guard;
- return;
+ auth.defaultGuard = guard
+ return
 } } // Manually try authenticating using the JWT (verfiy signature required) // Legacy support for JWTs so that the client still works (older than 2.0.0)
- const authToken = request.headers().authorization?.split(' ')[1];
+ const authToken = request.headers().authorization?.split(' ')[1]
 if (authToken) { try {
- const jwt = await jose.jwtVerify(
- authToken,
- new TextEncoder().encode(appKey),
- );
- const { uid } = jwt.payload;
+ const jwt = await jose.jwtVerify(authToken, new TextEncoder().encode(appKey))
+ const { uid } = jwt.payload
 // @ts-expect-error
- request.user = await User.findOrFail(uid);
- return;
+ request.user = await User.findOrFail(uid)
+ return
 } catch { // Silent fail to allow the rest of the code to handle the error }
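Review bot: The legacy JWT fallback in `authenticate` calls `jose.jwtVerify(authToken, new TextEncoder().encode(appKey))` with no options, so the accepted algorithm is not pinned and, as far as this call shows, a token that carries no `exp` claim stays valid indefinitely. Pin the algorithm the pre-2.0.0 clients were issued with, for example `jose.jwtVerify(authToken, new TextEncoder().encode(appKey), { algorithms: ['HS256'] })` if that is HS256. `uid` then goes from the payload into `User.findOrFail(uid)` unchecked; a guard such as `if (typeof uid !== 'number' && typeof uid !== 'string') throw new Error('invalid uid claim')` inside the `try` keeps a malformed claim out of the query and still ends in the unauthorized path. `authenticate` starts before and ends after this hunk.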
@@ -87,32 +84,32 @@ export default class AuthMiddleware {
 'Unauthorized access', 'E_UNAUTHORIZED_ACCESS', guardLastAttempted,
- this.redirectTo,
- );
+ this.redirectTo
+ )
 } /** * Handle request */ public async handle(
- { request, auth, response }: HttpContextContract,
+ { request, auth, response }: HttpContext,
 next: () => Promise,
- customGuards: (keyof GuardsList)[],
+ customGuards: (keyof GuardsList)[]
 ) { /** * Uses the user defined guards or the default guard mentioned in * the config file */
- const guards = customGuards.length > 0 ? customGuards : [auth.name];
+ const guards = customGuards.length > 0 ? customGuards : [auth.name]
 try {
- await this.authenticate(auth, guards, request);
+ await this.authenticate(auth, guards, request)
 } catch (error) { // If the user is not authenticated and it is a web endpoint, redirect to the login page if (guards.includes('web')) {
- return response.redirect(error.redirectTo);
+ return response.redirect(error.redirectTo)
 }
- throw error;
+ throw error
 }
- await next();
+ await next()
 } }
diff --git a/app/Middleware/Dashboard.ts b/app/Middleware/Dashboard.ts
index 62deea0..f29794c 100644
--- a/app/Middleware/Dashboard.ts
+++ b/app/Middleware/Dashboard.ts
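Review bot: In `handle`, the `catch (error)` branch redirects with `error.redirectTo` for any thrown value whenever the guard list includes `web`, so an error that is not an `AuthenticationException` would become a redirect to `undefined` instead of being rethrown. Narrow before redirecting: `if (error instanceof AuthenticationException && guards.includes('web')) return response.redirect(error.redirectTo)`. That also removes the untyped property access on `error`, which is rejected when catch variables are typed `unknown`. From the lines visible in this patch `authenticate` only throws `AuthenticationException`, so this is hardening against later changes rather than a live bug; the hunk opens inside `authenticate`, while `handle` is fully visible.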
@@ -1,17 +1,14 @@
-import type { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
-import Config from '@ioc:Adonis/Core/Config';
+import type { HttpContext } from '@adonisjs/core/http'
+import { Config } from '@adonisjs/core/config'
 export default class Dashboard {
- public async handle(
- { response }: HttpContextContract,
- next: () => Promise,
- ) {
+ public async handle({ response }: HttpContext, next: () => Promise) {
 if (Config.get('dashboard.enabled') === false) { response.send(
- 'The user dashboard is disabled on this server\n\nIf you are the server owner, please set IS_DASHBOARD_ENABLED to true to enable the dashboard.',
- );
+ 'The user dashboard is disabled on this server\n\nIf you are the server owner, please set IS_DASHBOARD_ENABLED to true to enable the dashboard.'
+ )
 } else {
- await next();
+ await next()
 } } }
diff --git a/app/Middleware/SilentAuth.ts b/app/Middleware/SilentAuth.ts
index ee73ec4..a7271d5 100644
--- a/app/Middleware/SilentAuth.ts
+++ b/app/Middleware/SilentAuth.ts
@@ -1,4 +1,4 @@
-import { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
+import { HttpContext } from '@adonisjs/core/http'
 /** * Silent auth middleware can be used as a global middleware to silent check
@@ -10,15 +10,12 @@ export default class SilentAuthMiddleware {
 /** * Handle request */
- public async handle(
- { auth }: HttpContextContract,
- next: () => Promise,
- ) {
+ public async handle({ auth }: HttpContext, next: () => Promise) {
 /** * Check if user is logged-in or not. If yes, then `ctx.auth.user` will be * set to the instance of the currently logged in user. */
- await auth.check();
- await next();
+ await auth.check()
+ await next()
 } }
-- cgit v1.2.3-70-g09d2
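Review bot: `Dashboard.handle` in Dashboard.ts blocks the request only when `Config.get('dashboard.enabled') === false`, so a missing key or a non-boolean value such as the string `'false'` leaves the dashboard reachable. If the config loader does not guarantee a boolean here, fail closed with `if (Config.get('dashboard.enabled') !== true)`. The disabled branch also answers through `response.send(...)` with the default status; an explicit status such as `response.status(403).send(...)` makes the refusal visible to clients and in access logs.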