-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OV-8: protect routing #33
Merged
nikita-remeslov
merged 30 commits into
task/OV-5-JWT-token
from
task/OV-8-protect-routing
Aug 28, 2024
Merged
Changes from 28 commits
Commits
Show all changes
30 commits
Select commit
Hold shift + click to select a range
8ce8243
OV-8: + empty auth jwt plugin
Sanchousina 44b2532
OV-8: + register plugins
Sanchousina da1397e
OV-8: + dependencies
Sanchousina 5af5016
OV-8: * merging with OV-5
Sanchousina 9721153
OV-8: + findById method to Repository type
Sanchousina 89ec60b
OV-8: + findById method to Service type
Sanchousina b707dc3
OV-8: + findById method to user service and repository
Sanchousina 5e46444
OV-8: * userId to number
Sanchousina 50245d6
OV-8: + http codes to http code enum
Sanchousina ee3a4e5
OV-8: + hook and error messages enums for auth plugin
Sanchousina 508cd31
Merge remote-tracking branch 'origin/task/OV-5-JWT-token' into task/O…
Sanchousina 8eb1aae
OV-8: * export user entity
Sanchousina 3561451
OV-8: * implement auth jwt plugin
Sanchousina f034695
OV-8: + white routes constant
Sanchousina 36a220e
OV-8: * refactor checking for white route
Sanchousina 9e4004b
OV-8: * use white routes constant
Sanchousina 502aad9
OV-8: * extract fastify module augmentation into file
Sanchousina a9e0c53
Merge remote-tracking branch 'origin/next' into task/OV-8-protect-rou…
Sanchousina 218665a
OV-8: * modify find user method instead of adding findById
Sanchousina 2f9f951
OV-8: * move dependencies to backend
Sanchousina 9f17f91
OV-8: * white routes constant to include path method
Sanchousina 3aaf539
OV-8: + route type
Sanchousina dbfec2d
OV-8: * checking if route is in white list with method
Sanchousina 5a24c65
Merge remote-tracking branch 'origin/task/OV-5-JWT-token' into task/O…
Sanchousina b4fbbde
OV-8: + util function for checking route in white routes
Sanchousina a88eca1
OV-8: * modify find method in user repository instead of findById
Sanchousina 1ac2392
OV-8: * use id instead of userId in types for repository and service
Sanchousina 0354932
OV-8: - remove commented code
Sanchousina e9b8425
OV-8: * rename find to findById in service and repository
Sanchousina 9e20e1c
Merge remote-tracking branch origin/task/OV-5-JWT-token into task/OV-…
Sanchousina File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,2 @@ | ||
| export { USER_PASSWORD_SALT_ROUNDS } from './user.constants.js'; | ||
| export { WHITE_ROUTES } from './white-routes.constants.js'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| import { ApiPath, AuthApiPath } from 'shared'; | ||
|
|
||
| const WHITE_ROUTES = [ | ||
| { | ||
| path: `/api/v1${ApiPath.AUTH}${AuthApiPath.SIGN_IN}`, | ||
| method: 'POST', | ||
| }, | ||
| { | ||
| path: `/api/v1${ApiPath.AUTH}${AuthApiPath.SIGN_UP}`, | ||
| method: 'POST', | ||
| }, | ||
| ]; | ||
|
|
||
| export { WHITE_ROUTES }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| import fp from 'fastify-plugin'; | ||
| import { HttpCode, HttpError, HttpHeader } from 'shared'; | ||
|
|
||
| import { userService } from '~/bundles/users/users.js'; | ||
| import { tokenService } from '~/common/services/services.js'; | ||
|
|
||
| import { ErrorMessage, Hook } from './enums/enums.js'; | ||
| import { type Route } from './types/types.js'; | ||
| import { isRouteInWhiteList } from './utils/utils.js'; | ||
|
|
||
| type Options = { | ||
| routesWhiteList: Route[]; | ||
| }; | ||
|
|
||
| const authenticateJWT = fp<Options>((fastify, { routesWhiteList }, done) => { | ||
| fastify.decorateRequest('user', null); | ||
|
|
||
| fastify.addHook(Hook.PRE_HANDLER, async (request) => { | ||
| if (isRouteInWhiteList(routesWhiteList, request)) { | ||
| return; | ||
| } | ||
|
|
||
| const authHeader = request.headers[HttpHeader.AUTHORIZATION]; | ||
|
|
||
| if (!authHeader) { | ||
| throw new HttpError({ | ||
| message: ErrorMessage.MISSING_TOKEN, | ||
| status: HttpCode.UNAUTHORIZED, | ||
| }); | ||
| } | ||
|
|
||
| const [, token] = authHeader.split(' '); | ||
|
|
||
| const userId = await tokenService.getUserIdFromToken(token as string); | ||
|
|
||
| if (!userId) { | ||
| throw new HttpError({ | ||
| message: ErrorMessage.INVALID_TOKEN, | ||
| status: HttpCode.UNAUTHORIZED, | ||
| }); | ||
| } | ||
|
|
||
| const user = await userService.find(userId); | ||
|
|
||
| if (!user) { | ||
| throw new HttpError({ | ||
| message: ErrorMessage.MISSING_USER, | ||
| status: HttpCode.BAD_REQUEST, | ||
| }); | ||
| } | ||
|
|
||
| request.user = user; | ||
| }); | ||
|
|
||
| done(); | ||
| }); | ||
|
|
||
| export { authenticateJWT }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| export { ErrorMessage } from './error-message.enum.js'; | ||
| export { Hook } from './hook.enum.js'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| const ErrorMessage = { | ||
| MISSING_TOKEN: 'You are not logged in', | ||
| INVALID_TOKEN: 'Token is no longer valid. Please log in again.', | ||
| MISSING_USER: 'User with this id does not exist.', | ||
| } as const; | ||
|
|
||
| export { ErrorMessage }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| const Hook = { | ||
| PRE_HANDLER: 'preHandler', | ||
| } as const; | ||
|
|
||
| export { Hook }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| type Route = { | ||
| path: string; | ||
| method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE'; | ||
| }; | ||
|
|
||
| export { type Route }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| export { type Route } from './route.type.js'; |
15 changes: 15 additions & 0 deletions
15
backend/src/common/plugins/auth/utils/check-white-routes.util.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| import { type FastifyRequest } from 'fastify'; | ||
|
|
||
| import { type Route } from '../types/types.js'; | ||
|
|
||
| const isRouteInWhiteList = ( | ||
| routesWhiteList: Route[], | ||
| request: FastifyRequest, | ||
| ): boolean => { | ||
| return routesWhiteList.some( | ||
| (route) => | ||
| route.path === request.url && route.method === request.method, | ||
| ); | ||
| }; | ||
|
|
||
| export { isRouteInWhiteList }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| export { isRouteInWhiteList } from './check-white-routes.util.js'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| export { authenticateJWT } from './auth/auth-jwt.plugin.js'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| import 'fastify'; | ||
|
|
||
| import { type UserEntity } from '~/bundles/users/users.js'; | ||
|
|
||
| declare module 'fastify' { | ||
| interface FastifyRequest { | ||
| user: UserEntity; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should accept any params here, or we should rename it to findById
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Renamed it to findById