
feat: update token based strategy

Signed-off-by: Pranav C <pranavxc@gmail.com>
pull/4134/head
Pranav C 2 years ago
parent
commit
f7327a74fa
  1. 64
      packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts

64
packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts

@ -1,3 +1,4 @@
import { OrgUserRoles } from '../../../../enums/OrgUserRoles';
import User from '../../../models/User'; import User from '../../../models/User';
import ProjectUser from '../../../models/ProjectUser'; import ProjectUser from '../../../models/ProjectUser';
import { promisify } from 'util'; import { promisify } from 'util';
@ -27,20 +28,45 @@ import Plugin from '../../../models/Plugin';
export function initStrategies(router): void { export function initStrategies(router): void {
passport.use( passport.use(
'authtoken', 'authtoken',
new AuthTokenStrategy({ headerFields: ['xc-token'] }, (token, done) => { new AuthTokenStrategy(
ApiToken.getByToken(token) { headerFields: ['xc-token'], passReqToCallback: true },
.then((apiToken) => { (req, token, done) => {
if (apiToken) { ApiToken.getByToken(token)
done(null, { roles: 'editor' }); .then((apiToken) => {
} else { if (!apiToken) {
return done({ msg: 'Invalid tok' }); return done({ msg: 'Invalid tok' });
} }
})
.catch((e) => { if (!apiToken.fk_user_id) return done(null, { roles: 'editor' });
console.log(e); User.get(apiToken.fk_user_id)
done({ msg: 'Invalid tok' }); .then((user) => {
}); if (req.ncProjectId) {
}) ProjectUser.get(req.ncProjectId, user.id)
.then(async (projectUser) => {
user.roles = projectUser?.roles || 'user';
user.roles =
user.roles === 'owner' ? 'owner,creator' : user.roles;
// + (user.roles ? `,${user.roles}` : '');
// todo : cache
// await NocoCache.set(`${CacheScope.USER}:${key}`, user);
done(null, user);
})
.catch((e) => done(e));
} else {
return done(null, user);
}
})
.catch((e) => {
console.log(e);
done({ msg: 'User not found' });
});
})
.catch((e) => {
console.log(e);
done({ msg: 'Invalid token' });
});
}
)
); );
passport.serializeUser(function ( passport.serializeUser(function (
@ -92,11 +118,11 @@ export function initStrategies(router): void {
}, },
async (req, jwtPayload, done) => { async (req, jwtPayload, done) => {
// todo: improve this // todo: improve this
// if (req.roles.split(',').includes(OrgUserRoles.SUPER)) { if (jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER)) {
// return User.getByEma,il(jwtPayload?.email).then(async (user) => { return User.getByEmail(jwtPayload?.email).then(async (user) => {
// return done(null, { ...user, roles: 'owner,creator' }); return done(null, { ...user, roles: 'owner,creator' });
// }); });
// } }
const keyVals = [jwtPayload?.email]; const keyVals = [jwtPayload?.email];
if (req.ncProjectId) { if (req.ncProjectId) {
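Review bot: In the JWT callback (third hunk), the re-enabled super-admin branch calls `done(null, { ...user, roles: 'owner,creator' })` without checking that `User.getByEmail` returned a record, so a still-valid token for an account that no longer exists would spread `undefined` into a truthy principal holding `owner,creator`. The branch is also taken on `jwtPayload.roles` alone, so a demotion presumably does not take effect until the token expires, unless code outside this hunk re-checks the stored roles; comparing against the loaded user record would close that gap. Guard the branch with `if (!user) return done(null, false);` and add `.catch((e) => done(e))` so a failed lookup ends the request instead of leaving `done` uncalled. The callback body continues past the end of the hunk.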
