multi user auth

2026-04-22 14:36:01 +00:00 · 2022-03-21 20:21:07 +01:00
parent 487d4afd70
commit a1b7ad18af
8 changed files with 116 additions and 55 deletions
--- a/packages/api/src/utility/hasPermission.js
+++ b/packages/api/src/utility/hasPermission.js
@@ -1,12 +1,56 @@
 const { compilePermissions, testPermission } = require('dbgate-tools');
+const _ = require('lodash');

-let compiled = undefined;
+const userPermissions = {};

-function hasPermission(tested) {
-  if (compiled === undefined) {
-    compiled = compilePermissions(process.env.PERMISSIONS);
+function hasPermission(tested, req) {
+  const { user } = (req && req.auth) || {};
+  const key = user || '';
+  const logins = getLogins();
+  if (!userPermissions[key] && logins) {
+    const login = logins.find(x => x.login == user);
+    userPermissions[key] = compilePermissions(login ? login.permissions : null);
  }
-  return testPermission(tested, compiled);
+  return testPermission(tested, userPermissions[key]);
 }

-module.exports = hasPermission;
+let loginsCache = null;
+let loginsLoaded = false;
+
+function getLogins() {
+  if (loginsLoaded) {
+    return loginsCache;
+  }
+
+  const res = [];
+  if (process.env.LOGIN && process.env.PASSWORD) {
+    res.push({
+      login: process.env.LOGIN,
+      password: process.env.PASSWORD,
+      permissions: process.env.PERMISSIONS,
+    });
+  }
+  if (process.env.LOGINS) {
+    const logins = _.compact(process.env.LOGINS.split(',').map(x => x.trim()));
+    for (const login of logins) {
+      const password = process.env[`LOGIN_PASSWORD_${login}`];
+      const permissions = process.env[`LOGIN_PERMISSIONS_${login}`];
+      if (password) {
+        res.push({
+          login,
+          password,
+          permissions,
+        });
+      }
+    }
+  }
+
+  loginsCache = res.length > 0 ? res : null;
+  loginsLoaded = true;
+  return loginsCache;
+}
+
+module.exports = {
+  hasPermission,
+  getLogins,
+};
--- a/packages/api/src/utility/useController.js
+++ b/packages/api/src/utility/useController.js
@@ -62,7 +62,7 @@ module.exports = function useController(app, electron, route, controller) {
        //   controller._init_called = true;
        // }
        try {
-          let params = [{ ...req.body, ...req.query }];
+          let params = [{ ...req.body, ...req.query }, req];
          if (rawParams) params = [req, res];
          const data = await controller[key](...params);
          res.json(data);