dennii/dbgate
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/dbgate.git synced 2026-04-18 03:16:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
38a80ec69538ec27ba2836baafebc0f02fb2791e
dbgate/packages/api/src/controllers/auth.js
Jan Prochazka 38a80ec695 admin login
2024-07-26 16:40:17 +02:00

78 lines
2.1 KiB
JavaScript
Raw Blame History

const axios = require('axios');
const jwt = require('jsonwebtoken');
const getExpressPath = require('../utility/getExpressPath');
const { getLogger } = require('dbgate-tools');
const AD = require('activedirectory2').promiseWrapper;
const crypto = require('crypto');
const { getTokenSecret, getTokenLifetime } = require('../auth/authCommon');
const { getAuthProvider } = require('../auth/authProvider');
const { create } = require('lodash');
const logger = getLogger('auth');
function unauthorizedResponse(req, res, text) {
// if (req.path == getExpressPath('/config/get-settings')) {
// return res.json({});
// }
// if (req.path == getExpressPath('/connections/list')) {
// return res.json([]);
// }
return res.sendStatus(401).send(text);
}
function authMiddleware(req, res, next) {
const SKIP_AUTH_PATHS = ['/config/get', '/auth/oauth-token', '/auth/login', '/stream'];
if (!getAuthProvider().shouldAuthorizeApi()) {
return next();
}
let skipAuth = !!SKIP_AUTH_PATHS.find(x => req.path == getExpressPath(x));
const authHeader = req.headers.authorization;
if (!authHeader) {
if (skipAuth) {
return next();
}
return unauthorizedResponse(req, res, 'missing authorization header');
}
const token = authHeader.split(' ')[1];
try {
const decoded = jwt.verify(token, getTokenSecret());
req.user = decoded;
return next();
} catch (err) {
if (skipAuth) {
return next();
}
logger.error({ err }, 'Sending invalid token error');
return unauthorizedResponse(req, res, 'invalid token');
}
}
module.exports = {
oauthToken_meta: true,
async oauthToken(params) {
return getAuthProvider().oauthToken(params);
},
login_meta: true,
async login(params) {
const { login, password, isAdminPage } = params;
if (isAdminPage) {
if (process.env.ADMIN_PASSWORD && process.env.ADMIN_PASSWORD == password) {
return {
accessToken: jwt.sign({ login: 'admin' }, getTokenSecret(), { expiresIn: getTokenLifetime() }),
};
}
return { error: 'Login failed' };
}
return getAuthProvider().login(login, password);
},
authMiddleware,
};
Reference in New Issue View Git Blame Copy Permalink