
fix: return unauthorized if token is expired

pull/2338/head
Wing-Kam Wong 3 years ago
parent
commit
3f0d6dd78f
  1. 23
      packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts

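--- a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
+++ b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
@@ -2,10 +2,14 @@ import projectAcl from '../../utils/projectAcl';
 import { NextFunction, Request, Response } from 'express';
 import catchError, { NcError } from './catchError';
 import extractProjectIdAndAuthenticate from './extractProjectIdAndAuthenticate';
+import NocoCache from '../../cache/NocoCache';
+import Noco from '../../Noco';
+import { CacheGetType, CacheScope, MetaTable } from '../../utils/globals';
 export default function(handlerFn, permissionName) {
 return [
 extractProjectIdAndAuthenticate,
-catchError(function authMiddleware(req, _res, next) {
+catchError(async function authMiddleware(req, _res, next) {
 const roles = req?.session?.passport?.user?.roles;
 if (
 !(
@@ -20,6 +24,23 @@ export default function(handlerFn, permissionName) {
 ) {
 NcError.unauthorized('Unauthorized access');
 }
+// check if the token is still valid
+const email = req?.session?.passport?.user?.email;
+let user =
+email &&
+(await NocoCache.get(
+`${CacheScope.USER}:${email}`,
+CacheGetType.TYPE_OBJECT
+));
+if (!user) {
+user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, {
+email
+});
+}
+if (user.token_expired) {
+NcError.unauthorized('Token Expired. Please login again.');
+}
 next();
 }),
 // @ts-ignore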
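Review bot: `user` is dereferenced at `if (user.token_expired)` without a null check, so a session that carries no `email`, or an email that no longer matches a users row, ends in a TypeError rather than a clean 401. When `email` is undefined the cache lookup is skipped but `metaGet2` is still called with `{ email }`; what it returns for an undefined filter is not visible here, and if it can match some other row the expiry check would run against the wrong account. I would fail closed with `if (!user || user.token_expired) {` and guard the lookup with `if (!email) NcError.unauthorized('Unauthorized access');`, unless the role condition above is meant to let anonymous requests through, in which case the expiry check should be skipped for them explicitly. It is also worth confirming that the `CacheScope.USER` entry is refreshed wherever `token_expired` is set, since a stale cached object would keep an expired session passing this check. The body of `authMiddleware` continues outside both hunks, and the role condition between them is not shown.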
