import 'express-validator'
import { OAUTH_LIFETIME } from '../initializers'
import { logger } from '../helpers/logger'
+import { Socket } from 'socket.io'
+import { getAccessToken } from '../lib/oauth-model'
const oAuthServer = new OAuthServer({
useErrorHandler: true,
})
}
+function authenticateSocket (socket: Socket, next: (err?: any) => void) {
+ const accessToken = socket.handshake.query.accessToken
+
+ logger.debug('Checking socket access token %s.', accessToken)
+
+ getAccessToken(accessToken)
+ .then(tokenDB => {
+ const now = new Date()
+
+ if (!tokenDB || tokenDB.accessTokenExpiresAt < now || tokenDB.refreshTokenExpiresAt < now) {
+ return next(new Error('Invalid access token.'))
+ }
+
+ socket.handshake.query.user = tokenDB.User
+
+ return next()
+ })
+}
+
+function authenticatePromiseIfNeeded (req: express.Request, res: express.Response) {
+ return new Promise(resolve => {
+ // Already authenticated? (or tried to)
+ if (res.locals.oauth && res.locals.oauth.token.User) return resolve()
+
+ if (res.locals.authenticated === false) return res.sendStatus(401)
+
+ authenticate(req, res, () => {
+ return resolve()
+ })
+ })
+}
+
function optionalAuthenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
if (req.header('authorization')) return authenticate(req, res, next)
+ res.locals.authenticated = false
+
return next()
}
export {
authenticate,
+ authenticateSocket,
+ authenticatePromiseIfNeeded,
optionalAuthenticate,
token
}
projects / github / Chocobozzz / PeerTube.git / blobdiff