diff options
author | Chocobozzz <me@florianbigard.com> | 2019-02-06 12:26:58 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2019-02-06 12:26:58 +0100 |
commit | 73471b1a52f242e86364ffb077ea6cadb3b07ae2 (patch) | |
tree | 43dbb7748e281f8d80f15326f489cdea10ec857d /server/middlewares/oauth.ts | |
parent | c22419dd265c0c7185bf4197a1cb286eb3d8ebc0 (diff) | |
parent | f5305c04aae14467d6f957b713c5a902275cbb89 (diff) | |
download | PeerTube-73471b1a52f242e86364ffb077ea6cadb3b07ae2.tar.gz PeerTube-73471b1a52f242e86364ffb077ea6cadb3b07ae2.tar.zst PeerTube-73471b1a52f242e86364ffb077ea6cadb3b07ae2.zip |
Merge branch 'release/v1.2.0'
Diffstat (limited to 'server/middlewares/oauth.ts')
-rw-r--r-- | server/middlewares/oauth.ts | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts index 8c1df2c3e..1d193d467 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/oauth.ts | |||
@@ -3,6 +3,8 @@ import * as OAuthServer from 'express-oauth-server' | |||
3 | import 'express-validator' | 3 | import 'express-validator' |
4 | import { OAUTH_LIFETIME } from '../initializers' | 4 | import { OAUTH_LIFETIME } from '../initializers' |
5 | import { logger } from '../helpers/logger' | 5 | import { logger } from '../helpers/logger' |
6 | import { Socket } from 'socket.io' | ||
7 | import { getAccessToken } from '../lib/oauth-model' | ||
6 | 8 | ||
7 | const oAuthServer = new OAuthServer({ | 9 | const oAuthServer = new OAuthServer({ |
8 | useErrorHandler: true, | 10 | useErrorHandler: true, |
@@ -28,6 +30,25 @@ function authenticate (req: express.Request, res: express.Response, next: expres | |||
28 | }) | 30 | }) |
29 | } | 31 | } |
30 | 32 | ||
33 | function authenticateSocket (socket: Socket, next: (err?: any) => void) { | ||
34 | const accessToken = socket.handshake.query.accessToken | ||
35 | |||
36 | logger.debug('Checking socket access token %s.', accessToken) | ||
37 | |||
38 | getAccessToken(accessToken) | ||
39 | .then(tokenDB => { | ||
40 | const now = new Date() | ||
41 | |||
42 | if (!tokenDB || tokenDB.accessTokenExpiresAt < now || tokenDB.refreshTokenExpiresAt < now) { | ||
43 | return next(new Error('Invalid access token.')) | ||
44 | } | ||
45 | |||
46 | socket.handshake.query.user = tokenDB.User | ||
47 | |||
48 | return next() | ||
49 | }) | ||
50 | } | ||
51 | |||
31 | function authenticatePromiseIfNeeded (req: express.Request, res: express.Response) { | 52 | function authenticatePromiseIfNeeded (req: express.Request, res: express.Response) { |
32 | return new Promise(resolve => { | 53 | return new Promise(resolve => { |
33 | // Already authenticated? (or tried to) | 54 | // Already authenticated? (or tried to) |
@@ -68,6 +89,7 @@ function token (req: express.Request, res: express.Response, next: express.NextF | |||
68 | 89 | ||
69 | export { | 90 | export { |
70 | authenticate, | 91 | authenticate, |
92 | authenticateSocket, | ||
71 | authenticatePromiseIfNeeded, | 93 | authenticatePromiseIfNeeded, |
72 | optionalAuthenticate, | 94 | optionalAuthenticate, |
73 | token | 95 | token |