better oauth handle
@@ -9,6 +9,16 @@ function shouldAuthorizeApi() {
|
|||||||
return !!process.env.OAUTH_AUTH;
|
return !!process.env.OAUTH_AUTH;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function unauthorizedResponse(req, res, text) {
|
||||||
|
// if (req.path == getExpressPath('/config/get-settings')) {
|
||||||
|
// return res.json({});
|
||||||
|
// }
|
||||||
|
// if (req.path == getExpressPath('/connections/list')) {
|
||||||
|
// return res.json([]);
|
||||||
|
// }
|
||||||
|
return res.sendStatus(401).send(text);
|
||||||
|
}
|
||||||
|
|
||||||
function authMiddleware(req, res, next) {
|
function authMiddleware(req, res, next) {
|
||||||
const SKIP_AUTH_PATHS = ['/config/get', '/auth/oauth-token', '/stream'];
|
const SKIP_AUTH_PATHS = ['/config/get', '/auth/oauth-token', '/stream'];
|
||||||
|
|
||||||
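Review bot: `return res.sendStatus(401).send(text);` in the new `unauthorizedResponse` helper ends the response on `sendStatus` and then calls `send` a second time, so every rejected request also produces a headers-already-sent error on the server (the old inline `res.sendStatus(401).send('Invalid Token')` had the same flaw, and this hunk now routes all rejections through it). Use `return res.status(401).send(text);` so status and body go out in a single response. The six commented-out path checks above it are dead code; either drop them or replace them with a one-line comment naming the intended exemption. `authMiddleware` starts at the end of this hunk and its body continues outside it.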
@@ -20,7 +30,7 @@ function authMiddleware(req, res, next) {
|
|||||||
}
|
}
|
||||||
const authHeader = req.headers.authorization;
|
const authHeader = req.headers.authorization;
|
||||||
if (!authHeader) {
|
if (!authHeader) {
|
||||||
return res.send(401, 'missing authorization header');
|
return unauthorizedResponse(req, res, 'missing authorization header');
|
||||||
}
|
}
|
||||||
const token = authHeader.split(' ')[1];
|
const token = authHeader.split(' ')[1];
|
||||||
try {
|
try {
|
||||||
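Review bot: `const token = authHeader.split(' ')[1]` on the context line right after the new `unauthorizedResponse` call never checks the scheme, so a header with any scheme, or `Bearer` with nothing after it, reaches the decode step with whatever followed the first space (possibly `undefined`), and the outcome then depends on the decoder throwing. A scheme check keeps the rejection explicit and keeps malformed input out of the verifier: `const [scheme, token] = authHeader.split(' ');` followed by `if (scheme !== 'Bearer' || !token) return unauthorizedResponse(req, res, 'missing authorization header');`. The `try` body and `authMiddleware`'s start are outside this hunk.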
@@ -28,10 +38,7 @@ function authMiddleware(req, res, next) {
|
|||||||
req.user = decoded;
|
req.user = decoded;
|
||||||
return next();
|
return next();
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
console.log('&&&&&&&&&&&&&&&&&&&&&& IUNVALID TOKEN');
|
return unauthorizedResponse(req, res, 'invalid token');
|
||||||
console.log(token);
|
|
||||||
console.log(err);
|
|
||||||
return res.sendStatus(401).send('Invalid Token');
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
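Review bot: The new `catch (err)` branch returns `unauthorizedResponse(req, res, 'invalid token')` and discards `err` entirely, so an operator investigating failed logins cannot distinguish expired tokens from malformed or wrongly-signed ones. Removing the old `console.log(token)` was the right call, since the bearer token must not be written to logs, but a line such as `console.warn('token verification failed:', err && err.name, err && err.message);` keeps the failure class without the secret. `authMiddleware` begins before this hunk.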
@@ -20,12 +20,16 @@
|
|||||||
import getElectron from './utility/getElectron';
|
import getElectron from './utility/getElectron';
|
||||||
import AppStartInfo from './widgets/AppStartInfo.svelte';
|
import AppStartInfo from './widgets/AppStartInfo.svelte';
|
||||||
import SettingsListener from './utility/SettingsListener.svelte';
|
import SettingsListener from './utility/SettingsListener.svelte';
|
||||||
import { handleAuthOnStartup } from './clientAuth';
|
import { handleAuthOnStartup, handleOauthCallback } from './clientAuth';
|
||||||
|
|
||||||
let loadedApi = false;
|
let loadedApi = false;
|
||||||
let loadedPlugins = false;
|
let loadedPlugins = false;
|
||||||
|
const isOauthCallback = handleOauthCallback();
|
||||||
|
|
||||||
async function loadApi() {
|
async function loadApi() {
|
||||||
|
if (isOauthCallback) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
// if (shouldWaitForElectronInitialize()) {
|
// if (shouldWaitForElectronInitialize()) {
|
||||||
// setTimeout(loadApi, 100);
|
// setTimeout(loadApi, 100);
|
||||||
// return;
|
// return;
|
||||||
@@ -76,7 +80,7 @@
|
|||||||
|
|
||||||
<ErrorHandler />
|
<ErrorHandler />
|
||||||
|
|
||||||
{#if loadedApi}
|
{#if loadedApi && !isOauthCallback}
|
||||||
<DataGridRowHeightMeter />
|
<DataGridRowHeightMeter />
|
||||||
<CommandListener />
|
<CommandListener />
|
||||||
<PluginsProvider />
|
<PluginsProvider />
|
||||||
|
|||||||
@@ -1,9 +1,7 @@
|
|||||||
import { apiCall } from './utility/api';
|
import { apiCall } from './utility/api';
|
||||||
import { getConfig } from './utility/metadataLoaders';
|
import { getConfig } from './utility/metadataLoaders';
|
||||||
|
|
||||||
export async function handleAuthOnStartup(config) {
|
export function handleOauthCallback() {
|
||||||
console.log('********************* handleAuthOnStartup');
|
|
||||||
if (config.oauth) {
|
|
||||||
const params = new URLSearchParams(location.search);
|
const params = new URLSearchParams(location.search);
|
||||||
const sentCode = params.get('code');
|
const sentCode = params.get('code');
|
||||||
const sentState = params.get('state');
|
const sentState = params.get('state');
|
||||||
@@ -14,22 +12,34 @@ export async function handleAuthOnStartup(config) {
|
|||||||
sentState.startsWith('dbg-oauth:') &&
|
sentState.startsWith('dbg-oauth:') &&
|
||||||
sentState == sessionStorage.getItem('oauthState')
|
sentState == sessionStorage.getItem('oauthState')
|
||||||
) {
|
) {
|
||||||
const authResp = await apiCall('auth/oauth-token', {
|
sessionStorage.removeItem('oauthState');
|
||||||
|
apiCall('auth/oauth-token', {
|
||||||
code: sentCode,
|
code: sentCode,
|
||||||
redirectUri: location.origin,
|
redirectUri: location.origin,
|
||||||
});
|
}).then(authResp => {
|
||||||
const { accessToken } = authResp;
|
const { accessToken } = authResp;
|
||||||
console.log('Got new access token:', accessToken);
|
console.log('Got new access token:', accessToken);
|
||||||
localStorage.setItem('accessToken', accessToken);
|
localStorage.setItem('accessToken', accessToken);
|
||||||
location.replace('/');
|
location.replace('/');
|
||||||
} else {
|
});
|
||||||
|
|
||||||
|
console.log('handleOauthCallback TRUE');
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
console.log('handleOauthCallback FALSE');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function handleAuthOnStartup(config) {
|
||||||
|
console.log('********************* handleAuthOnStartup');
|
||||||
|
if (config.oauth) {
|
||||||
if (localStorage.getItem('accessToken')) {
|
if (localStorage.getItem('accessToken')) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
redirectToLogin(config);
|
redirectToLogin(config);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function redirectToLogin(config = null) {
|
export async function redirectToLogin(config = null) {
|
||||||
|
|||||||
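Review bot: The `apiCall('auth/oauth-token', …).then(authResp => …)` chain added in `handleOauthCallback` has no rejection handler and no check that a token actually came back: a failed exchange becomes an unhandled rejection, and when `authResp` is `undefined` (which `apiCall` now resolves to once `apiDisabled` is set) the destructure throws inside the callback, while the page stays blank because `App.svelte` suppresses rendering as long as `isOauthCallback` is true. A missing `accessToken` would also be persisted as the string `"undefined"`, which `handleAuthOnStartup` then treats as a valid session because it only tests `localStorage.getItem('accessToken')` for truthiness. The `console.log('Got new access token:', accessToken)` context line prints the bearer token to the browser console and should go as well. The enclosing `if` and the function signature are in the previous hunk; a guarded version of the callback follows.
```typescript
      }).then(authResp => {
        const accessToken = authResp?.accessToken;
        if (!accessToken) {
          // apiCall resolves to undefined when the API is disabled; never persist an empty token
          throw new Error('OAuth token exchange returned no access token');
        }
        localStorage.setItem('accessToken', accessToken);
        location.replace('/');
      }).catch(err => {
        console.error('OAuth token exchange failed:', err);
        location.replace('/');
      });
      // … unchanged: 'handleOauthCallback TRUE' log and return true …
```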
@@ -3,6 +3,7 @@ import './utility/connectionsPinger';
|
|||||||
import './utility/changeCurrentDbByTab';
|
import './utility/changeCurrentDbByTab';
|
||||||
import './commands/stdCommands';
|
import './commands/stdCommands';
|
||||||
import localStorageGarbageCollector from './utility/localStorageGarbageCollector';
|
import localStorageGarbageCollector from './utility/localStorageGarbageCollector';
|
||||||
|
import { handleOauthCallback } from './clientAuth';
|
||||||
|
|
||||||
localStorageGarbageCollector();
|
localStorageGarbageCollector();
|
||||||
|
|
||||||
|
|||||||
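Review bot: `import { handleOauthCallback } from './clientAuth';` is added here but nothing in this hunk calls it; if the rest of the file does not use it either, drop the import, since `App.svelte` already invokes the function once at module load. If it is called from this file as well, note that `handleOauthCallback` is not idempotent: the first call removes `oauthState` from sessionStorage and starts the token exchange, so a second call in the same page load either finds no matching state and returns `false` or, in the other order, submits the authorization code twice. One call site per page load is the safe arrangement.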
@@ -9,7 +9,7 @@ import { redirectToLogin } from '../clientAuth';
|
|||||||
let eventSource;
|
let eventSource;
|
||||||
let apiLogging = false;
|
let apiLogging = false;
|
||||||
// let cacheCleanerRegistered;
|
// let cacheCleanerRegistered;
|
||||||
// let apiDisabled = false;
|
let apiDisabled = false;
|
||||||
|
|
||||||
// export function disableApi() {
|
// export function disableApi() {
|
||||||
// apiDisabled = true;
|
// apiDisabled = true;
|
||||||
@@ -41,6 +41,10 @@ export async function apiCall(route: string, args: {} = undefined) {
|
|||||||
if (apiLogging) {
|
if (apiLogging) {
|
||||||
console.log('>>> API CALL', route, args);
|
console.log('>>> API CALL', route, args);
|
||||||
}
|
}
|
||||||
|
if (apiDisabled) {
|
||||||
|
console.log('API disabled!!', route);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
const electron = getElectron();
|
const electron = getElectron();
|
||||||
if (electron) {
|
if (electron) {
|
||||||
@@ -57,7 +61,9 @@ export async function apiCall(route: string, args: {} = undefined) {
|
|||||||
body: JSON.stringify(args),
|
body: JSON.stringify(args),
|
||||||
});
|
});
|
||||||
|
|
||||||
if (resp.status == 401) {
|
if (resp.status == 401 && !apiDisabled) {
|
||||||
|
apiDisabled = true;
|
||||||
|
console.log('Disabling API', route);
|
||||||
// unauthorized
|
// unauthorized
|
||||||
redirectToLogin();
|
redirectToLogin();
|
||||||
}
|
}
|
||||||
|
|||||||
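Review bot: `redirectToLogin()` is an `async` function (its signature is visible in the clientAuth hunk above) and the call in the new `resp.status == 401 && !apiDisabled` branch is neither awaited nor given a `.catch`, so a failure inside it surfaces only as an unhandled rejection after the API has already been disabled. Make the intent explicit and keep the failure visible: `void redirectToLogin().catch(err => console.error('redirect to login failed:', err));`. It is also worth clearing the rejected credential before redirecting, `localStorage.removeItem('accessToken');`, so the stale token is not reused by `handleAuthOnStartup`, which returns early whenever any `accessToken` value is present. Nothing in this hunk ever resets `apiDisabled`; the remainder of `apiCall` lies outside it.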