-import * as express from 'express'
+import express from 'express'
import { Socket } from 'socket.io'
import { getAccessToken } from '@server/lib/auth/oauth-model'
+import { RunnerModel } from '@server/models/runner/runner'
import { HttpStatusCode } from '../../shared/models/http/http-error-codes'
import { logger } from '../helpers/logger'
import { handleOAuthAuthenticate } from '../lib/auth/oauth'
-function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
- handleOAuthAuthenticate(req, res, authenticateInQuery)
+function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
+ handleOAuthAuthenticate(req, res)
.then((token: any) => {
res.locals.oauth = { token }
res.locals.authenticated = true
return next()
})
.catch(err => {
- logger.warn('Cannot authenticate.', { err })
+ logger.info('Cannot authenticate.', { err })
return res.fail({
status: err.status,
function authenticateSocket (socket: Socket, next: (err?: any) => void) {
const accessToken = socket.handshake.query['accessToken']
- logger.debug('Checking socket access token %s.', accessToken)
+ logger.debug('Checking access token in runner.')
if (!accessToken) return next(new Error('No access token provided'))
if (typeof accessToken !== 'string') return next(new Error('Access token is invalid'))
.catch(err => logger.error('Cannot get access token.', { err }))
}
-function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) {
+function authenticatePromise (req: express.Request, res: express.Response) {
return new Promise<void>(resolve => {
// Already authenticated? (or tried to)
if (res.locals.oauth?.token.User) return resolve()
})
}
- authenticate(req, res, () => resolve(), authenticateInQuery)
+ authenticate(req, res, () => resolve())
})
}
// ---------------------------------------------------------------------------
+function authenticateRunnerSocket (socket: Socket, next: (err?: any) => void) {
+ const runnerToken = socket.handshake.auth['runnerToken']
+
+ logger.debug('Checking runner token in socket.')
+
+ if (!runnerToken) return next(new Error('No runner token provided'))
+ if (typeof runnerToken !== 'string') return next(new Error('Runner token is invalid'))
+
+ RunnerModel.loadByToken(runnerToken)
+ .then(runner => {
+ if (!runner) return next(new Error('Invalid runner token.'))
+
+ socket.handshake.auth.runner = runner
+
+ return next()
+ })
+ .catch(err => logger.error('Cannot get runner token.', { err }))
+}
+
+// ---------------------------------------------------------------------------
+
export {
authenticate,
authenticateSocket,
- authenticatePromiseIfNeeded,
- optionalAuthenticate
+ authenticatePromise,
+ optionalAuthenticate,
+ authenticateRunnerSocket
}