mirror of
https://github.com/DeNNiiInc/dbgate.git
synced 2026-04-27 04:25:59 +00:00
better oauth handle
This commit is contained in:
Jan Prochazka
@@ -9,6 +9,16 @@ function shouldAuthorizeApi() {
|
||||
return !!process.env.OAUTH_AUTH;
|
||||
}
|
||||
|
||||
function unauthorizedResponse(req, res, text) {
|
||||
// if (req.path == getExpressPath('/config/get-settings')) {
|
||||
// return res.json({});
|
||||
// }
|
||||
// if (req.path == getExpressPath('/connections/list')) {
|
||||
// return res.json([]);
|
||||
// }
|
||||
return res.sendStatus(401).send(text);
|
||||
}
|
||||
|
||||
function authMiddleware(req, res, next) {
|
||||
const SKIP_AUTH_PATHS = ['/config/get', '/auth/oauth-token', '/stream'];
|
||||
|
||||
@@ -20,7 +30,7 @@ function authMiddleware(req, res, next) {
|
||||
}
|
||||
const authHeader = req.headers.authorization;
|
||||
if (!authHeader) {
|
||||
return res.send(401, 'missing authorization header');
|
||||
return unauthorizedResponse(req, res, 'missing authorization header');
|
||||
}
|
||||
const token = authHeader.split(' ')[1];
|
||||
try {
|
||||
@@ -28,10 +38,7 @@ function authMiddleware(req, res, next) {
|
||||
req.user = decoded;
|
||||
return next();
|
||||
} catch (err) {
|
||||
console.log('&&&&&&&&&&&&&&&&&&&&&& IUNVALID TOKEN');
|
||||
console.log(token);
|
||||
console.log(err);
|
||||
return res.sendStatus(401).send('Invalid Token');
|
||||
return unauthorizedResponse(req, res, 'invalid token');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -20,12 +20,16 @@
|
||||
import getElectron from './utility/getElectron';
|
||||
import AppStartInfo from './widgets/AppStartInfo.svelte';
|
||||
import SettingsListener from './utility/SettingsListener.svelte';
|
||||
import { handleAuthOnStartup } from './clientAuth';
|
||||
import { handleAuthOnStartup, handleOauthCallback } from './clientAuth';
|
||||
|
||||
let loadedApi = false;
|
||||
let loadedPlugins = false;
|
||||
const isOauthCallback = handleOauthCallback();
|
||||
|
||||
async function loadApi() {
|
||||
if (isOauthCallback) {
|
||||
return;
|
||||
}
|
||||
// if (shouldWaitForElectronInitialize()) {
|
||||
// setTimeout(loadApi, 100);
|
||||
// return;
|
||||
@@ -76,7 +80,7 @@
|
||||
|
||||
<ErrorHandler />
|
||||
|
||||
{#if loadedApi}
|
||||
{#if loadedApi && !isOauthCallback}
|
||||
<DataGridRowHeightMeter />
|
||||
<CommandListener />
|
||||
<PluginsProvider />
|
||||
|
||||
@@ -1,34 +1,44 @@
|
||||
import { apiCall } from './utility/api';
|
||||
import { getConfig } from './utility/metadataLoaders';
|
||||
|
||||
export async function handleAuthOnStartup(config) {
|
||||
console.log('********************* handleAuthOnStartup');
|
||||
if (config.oauth) {
|
||||
const params = new URLSearchParams(location.search);
|
||||
const sentCode = params.get('code');
|
||||
const sentState = params.get('state');
|
||||
export function handleOauthCallback() {
|
||||
const params = new URLSearchParams(location.search);
|
||||
const sentCode = params.get('code');
|
||||
const sentState = params.get('state');
|
||||
|
||||
if (
|
||||
sentCode &&
|
||||
sentState &&
|
||||
sentState.startsWith('dbg-oauth:') &&
|
||||
sentState == sessionStorage.getItem('oauthState')
|
||||
) {
|
||||
const authResp = await apiCall('auth/oauth-token', {
|
||||
code: sentCode,
|
||||
redirectUri: location.origin,
|
||||
});
|
||||
if (
|
||||
sentCode &&
|
||||
sentState &&
|
||||
sentState.startsWith('dbg-oauth:') &&
|
||||
sentState == sessionStorage.getItem('oauthState')
|
||||
) {
|
||||
sessionStorage.removeItem('oauthState');
|
||||
apiCall('auth/oauth-token', {
|
||||
code: sentCode,
|
||||
redirectUri: location.origin,
|
||||
}).then(authResp => {
|
||||
const { accessToken } = authResp;
|
||||
console.log('Got new access token:', accessToken);
|
||||
localStorage.setItem('accessToken', accessToken);
|
||||
location.replace('/');
|
||||
} else {
|
||||
if (localStorage.getItem('accessToken')) {
|
||||
return;
|
||||
}
|
||||
});
|
||||
|
||||
redirectToLogin(config);
|
||||
console.log('handleOauthCallback TRUE');
|
||||
return true;
|
||||
}
|
||||
|
||||
console.log('handleOauthCallback FALSE');
|
||||
return false;
|
||||
}
|
||||
|
||||
export async function handleAuthOnStartup(config) {
|
||||
console.log('********************* handleAuthOnStartup');
|
||||
if (config.oauth) {
|
||||
if (localStorage.getItem('accessToken')) {
|
||||
return;
|
||||
}
|
||||
|
||||
redirectToLogin(config);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -3,6 +3,7 @@ import './utility/connectionsPinger';
|
||||
import './utility/changeCurrentDbByTab';
|
||||
import './commands/stdCommands';
|
||||
import localStorageGarbageCollector from './utility/localStorageGarbageCollector';
|
||||
import { handleOauthCallback } from './clientAuth';
|
||||
|
||||
localStorageGarbageCollector();
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@ import { redirectToLogin } from '../clientAuth';
|
||||
let eventSource;
|
||||
let apiLogging = false;
|
||||
// let cacheCleanerRegistered;
|
||||
// let apiDisabled = false;
|
||||
let apiDisabled = false;
|
||||
|
||||
// export function disableApi() {
|
||||
// apiDisabled = true;
|
||||
@@ -41,6 +41,10 @@ export async function apiCall(route: string, args: {} = undefined) {
|
||||
if (apiLogging) {
|
||||
console.log('>>> API CALL', route, args);
|
||||
}
|
||||
if (apiDisabled) {
|
||||
console.log('API disabled!!', route);
|
||||
return;
|
||||
}
|
||||
|
||||
const electron = getElectron();
|
||||
if (electron) {
|
||||
@@ -57,7 +61,9 @@ export async function apiCall(route: string, args: {} = undefined) {
|
||||
body: JSON.stringify(args),
|
||||
});
|
||||
|
||||
if (resp.status == 401) {
|
||||
if (resp.status == 401 && !apiDisabled) {
|
||||
apiDisabled = true;
|
||||
console.log('Disabling API', route);
|
||||
// unauthorized
|
||||
redirectToLogin();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user