swaf/src/auth/AuthComponent.ts

import ApplicationComponent from "../ApplicationComponent";
import {NextFunction, Request, Response} from "express";
import AuthGuard from "./AuthGuard";
import Controller from "../Controller";
import {ForbiddenHttpError} from "../HttpError";
import Middleware from "../Middleware";
import User from "./models/User";
import AuthProof from "./AuthProof";

export default class AuthComponent extends ApplicationComponent {
    private readonly authGuard: AuthGuard<AuthProof<User>>;

    public constructor(authGuard: AuthGuard<AuthProof<User>>) {
        super();
        this.authGuard = authGuard;
    }

    public async init(): Promise<void> {
        this.use(AuthMiddleware);
    }

    public getAuthGuard(): AuthGuard<AuthProof<User>> {
        return this.authGuard;
    }
}

export class AuthMiddleware extends Middleware {
    private authGuard?: AuthGuard<AuthProof<User>>;
    private user: User | null = null;

    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        this.authGuard = this.app.as(AuthComponent).getAuthGuard();

        const proof = await this.authGuard.isAuthenticated(req.getSession());
        if (proof) {
            this.user = await proof.getResource();
            res.locals.user = this.user;
        }

        next();
    }

    public getUser(): User | null {
        return this.user;
    }

    public getAuthGuard(): AuthGuard<AuthProof<User>> {
        if (!this.authGuard) throw new Error('AuthGuard was not initialized.');
        return this.authGuard;
    }
}

export class RequireRequestAuthMiddleware extends Middleware {
    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        const proof = await req.as(AuthMiddleware).getAuthGuard().isAuthenticatedViaRequest(req);
        if (!proof) {
            req.flash('error', `You must be logged in to access ${req.url}.`);
            res.redirect(Controller.route('auth', undefined, {
                redirect_uri: req.url,
            }));
            return;
        }

        next();
    }
}

export class RequireAuthMiddleware extends Middleware {
    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        const authGuard = req.as(AuthMiddleware).getAuthGuard();
        // Via request

        if (await authGuard.isAuthenticatedViaRequest(req)) {
            next();
            return;
        }

        // Via session
        if (!await authGuard.isAuthenticated(req.getSession())) {
            req.flash('error', `You must be logged in to access ${req.url}.`);
            res.redirect(Controller.route('auth', undefined, {
                redirect_uri: req.url,
            }));
            return;
        }

        next();
    }
}

export class RequireGuestMiddleware extends Middleware {
    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        if (await req.as(AuthMiddleware).getAuthGuard().isAuthenticated(req.getSession())) {
            res.redirectBack();
            return;
        }

        next();
    }
}

export class RequireAdminMiddleware extends Middleware {
    protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {
        const user = req.as(AuthMiddleware).getUser();
        if (!user || !user.is_admin) {
            throw new ForbiddenHttpError('secret tool', req.url);
        }

        next();
    }
}
Add auth utils parts 2020-04-24 12:12:27 +02:00			`import ApplicationComponent from "../ApplicationComponent";`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`import {NextFunction, Request, Response} from "express";`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`import AuthGuard from "./AuthGuard";`
			`import Controller from "../Controller";`
			`import {ForbiddenHttpError} from "../HttpError";`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`import Middleware from "../Middleware";`
			`import User from "./models/User";`
			`import AuthProof from "./AuthProof";`
Add auth utils parts 2020-04-24 12:12:27 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`export default class AuthComponent extends ApplicationComponent {`
			`private readonly authGuard: AuthGuard<AuthProof<User>>;`
Add auth utils parts 2020-04-24 12:12:27 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`public constructor(authGuard: AuthGuard<AuthProof<User>>) {`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`super();`
			`this.authGuard = authGuard;`
			`}`

Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`public async init(): Promise<void> {`
			`this.use(AuthMiddleware);`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`}`
Add AuthComponent.getAuthGuard() 2020-09-23 08:46:37 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`public getAuthGuard(): AuthGuard<AuthProof<User>> {`
Add AuthComponent.getAuthGuard() 2020-09-23 08:46:37 +02:00			`return this.authGuard;`
			`}`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`}`

Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`export class AuthMiddleware extends Middleware {`
			`private authGuard?: AuthGuard<AuthProof<User>>;`
			`private user: User \| null = null;`
Add optional user approval mode 2020-06-16 11:12:58 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {`
			`this.authGuard = this.app.as(AuthComponent).getAuthGuard();`

Add many eslint rules and fix all linting issues 2020-09-25 23:42:15 +02:00			`const proof = await this.authGuard.isAuthenticated(req.getSession());`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`if (proof) {`
			`this.user = await proof.getResource();`
			`res.locals.user = this.user;`
			`}`
Add auth utils parts 2020-04-24 12:12:27 +02:00
Add support for authenticating user against custom request-proof matching 2020-06-14 11:59:02 +02:00			`next();`
Reduce the amount of SQL requests made for authentication 2020-07-28 11:47:20 +02:00			`}`
Add support for authenticating user against custom request-proof matching 2020-06-14 11:59:02 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`public getUser(): User \| null {`
			`return this.user;`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`}`
Reduce the amount of SQL requests made for authentication 2020-07-28 11:47:20 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`public getAuthGuard(): AuthGuard<AuthProof<User>> {`
			`if (!this.authGuard) throw new Error('AuthGuard was not initialized.');`
			`return this.authGuard;`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`}`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`}`

			`export class RequireRequestAuthMiddleware extends Middleware {`
			`protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {`
			`const proof = await req.as(AuthMiddleware).getAuthGuard().isAuthenticatedViaRequest(req);`
			`if (!proof) {`
			req.flash('error', `You must be logged in to access ${req.url}.`);
			`res.redirect(Controller.route('auth', undefined, {`
			`redirect_uri: req.url,`
			`}));`
			`return;`
			`}`
Add auth utils parts 2020-04-24 12:12:27 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`next();`
Add auth utils parts 2020-04-24 12:12:27 +02:00			`}`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`}`

			`export class RequireAuthMiddleware extends Middleware {`
			`protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {`
			`const authGuard = req.as(AuthMiddleware).getAuthGuard();`
			`// Via request`

			`if (await authGuard.isAuthenticatedViaRequest(req)) {`
			`next();`
			`return;`
			`}`

			`// Via session`
Add many eslint rules and fix all linting issues 2020-09-25 23:42:15 +02:00			`if (!await authGuard.isAuthenticated(req.getSession())) {`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			req.flash('error', `You must be logged in to access ${req.url}.`);
			`res.redirect(Controller.route('auth', undefined, {`
			`redirect_uri: req.url,`
			`}));`
			`return;`
			`}`
Add auth utils parts 2020-04-24 12:12:27 +02:00
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`next();`
			`}`
			`}`

			`export class RequireGuestMiddleware extends Middleware {`
			`protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {`
Add many eslint rules and fix all linting issues 2020-09-25 23:42:15 +02:00			`if (await req.as(AuthMiddleware).getAuthGuard().isAuthenticated(req.getSession())) {`
Improve middleware definition and cleanup code 2020-09-25 22:03:22 +02:00			`res.redirectBack();`
			`return;`
			`}`

			`next();`
			`}`
			`}`

			`export class RequireAdminMiddleware extends Middleware {`
			`protected async handle(req: Request, res: Response, next: NextFunction): Promise<void> {`
			`const user = req.as(AuthMiddleware).getUser();`
			`if (!user \|\| !user.is_admin) {`
			`throw new ForbiddenHttpError('secret tool', req.url);`
			`}`

			`next();`
			`}`
			`}`