From d242115bb57bf8e67254559d8e23203b4723b8bf Mon Sep 17 00:00:00 2001
From: camargo
Date: Wed, 13 Sep 2023 09:18:53 -0700
Subject: [PATCH] Remove change role endpoint
---
 src/packages/auth/functions.ts | 51 +---------------------------------
 src/packages/auth/routes.ts | 37 +-----------------------
 src/packages/auth/types.ts | 1 -
 3 files changed, 2 insertions(+), 87 deletions(-)
diff --git a/src/packages/auth/functions.ts b/src/packages/auth/functions.ts
index 77d7b39..fe036a4 100644
--- a/src/packages/auth/functions.ts
+++ b/src/packages/auth/functions.ts
@@ -91,18 +91,12 @@ export function decodeJwt(authorizationHeader: string | undefined): JwtDecode {
 }
 }
-export function generateJwt(
- username: string,
- defaultRole: string,
- allowedRoles: string[],
- activeRole?: string,
-): string | null {
+export function generateJwt(username: string, defaultRole: string, allowedRoles: string[]): string | null {
 try {
 const { HASURA_GRAPHQL_JWT_SECRET, JWT_EXPIRATION } = getEnv();
 const { key, type }: JwtSecret = JSON.parse(HASURA_GRAPHQL_JWT_SECRET);
 const options: jwt.SignOptions = { algorithm: type as Algorithm, expiresIn: JWT_EXPIRATION };
 const payload: JwtPayload = {
- activeRole: activeRole && allowedRoles.includes(activeRole) ? activeRole : defaultRole,
 'https://hasura.io/jwt/claims': {
 'x-hasura-allowed-roles': allowedRoles,
 'x-hasura-default-role': defaultRole,
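Review bot: With the `allowedRoles.includes(activeRole)` test removed along with the `activeRole` claim, nothing visible in `generateJwt` checks that `defaultRole` is itself a member of `allowedRoles` before the Hasura claims are signed. A caller passing a mismatched pair would get a validly signed token whose `x-hasura-default-role` is outside its own `x-hasura-allowed-roles`, and whether that is rejected then depends entirely on the downstream verifier. A guard ahead of the payload, `if (!allowedRoles.includes(defaultRole)) { return null; }`, would keep the issuer from signing inconsistent claims and fits the existing `string | null` return type. The function body continues past the end of this hunk, so confirm no such check already exists further down.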
@@ -182,46 +176,3 @@ export async function session(authorizationHeader: string | undefined): Promise<
 return { message: `Authentication is disabled`, success: true };
 }
 }
-
-export async function changeRole(
- authorizationHeader: string | undefined,
- role: string | undefined,
-): Promise {
- const { AUTH_TYPE } = getEnv();
- const { jwtErrorMessage, jwtPayload } = decodeJwt(authorizationHeader);
-
- try {
- if (jwtPayload) {
- const {
- username,
- 'https://hasura.io/jwt/claims': {
- 'x-hasura-allowed-roles': allowedRoles,
- 'x-hasura-default-role': defaultRole,
- },
- } = jwtPayload;
-
- if (AUTH_TYPE === 'cam') {
- return {
- message: 'Role change successful',
- success: true,
- token: generateJwt(username, defaultRole as string, allowedRoles as string[], role),
- };
- } else {
- return {
- message: 'Authentication is disabled',
- success: true,
- token: generateJwt(username, defaultRole as string, allowedRoles as string[], role),
- };
- }
- } else {
- return { message: jwtErrorMessage, success: false, token: null };
- }
- } catch (error) {
- logger.error(error);
- return {
- message: 'An unexpected error occurred',
- success: false,
- token: null,
- };
- }
-}
diff --git a/src/packages/auth/routes.ts b/src/packages/auth/routes.ts
index 06daaf8..c3a3c94 100644
--- a/src/packages/auth/routes.ts
+++ b/src/packages/auth/routes.ts
@@ -1,7 +1,7 @@
 import type { Express } from 'express';
 import rateLimit from 'express-rate-limit';
 import { getEnv } from '../../env.js';
-import { changeRole, login, session } from './functions.js';
+import { login, session } from './functions.js';
 export default (app: Express) => {
 const { RATE_LIMITER_LOGIN_MAX } = getEnv();
@@ -67,39 +67,4 @@ export default (app: Express) => {
 const response = await session(authorizationHeader);
 res.json(response);
 });
-
- /**
- * @swagger
- * /auth/changeRole:
- * post:
- * security:
- * - bearerAuth: []
- * consumes:
- * - application/json
- * produces:
- * - application/json
- * requestBody:
- * description: User's desired role
- * required: true
- * content:
- * application/json:
- * schema:
- * type: object
- * properties:
- * role:
- * type: string
- * responses:
- * 200:
- * description: AuthResponse
- * summary: Changes a user's role in the session
- * tags:
- * - Auth
- */
- app.post('/auth/changeRole', async (req, res) => {
- const authorizationHeader = req.get('authorization');
- const { body } = req;
- const { role: requestedRole } = body;
- const response = await changeRole(authorizationHeader, requestedRole);
- res.json(response);
- });
 };
diff --git a/src/packages/auth/types.ts b/src/packages/auth/types.ts
index a059fec..47ed4db 100644
--- a/src/packages/auth/types.ts
+++ b/src/packages/auth/types.ts
@@ -6,7 +6,6 @@ export type JwtDecode = {
 };
 export type JwtPayload = {
- activeRole: string;
 'https://hasura.io/jwt/claims': Record;
 username: string;
 };