diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/oauth.ts | 10 | ||||
-rw-r--r-- | server/middlewares/validators/config.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 4 |
3 files changed, 14 insertions, 3 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts index 41a3fb718..a6f28dd5b 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/oauth.ts | |||
@@ -2,6 +2,7 @@ import * as express from 'express' | |||
2 | import * as OAuthServer from 'express-oauth-server' | 2 | import * as OAuthServer from 'express-oauth-server' |
3 | import 'express-validator' | 3 | import 'express-validator' |
4 | import { OAUTH_LIFETIME } from '../initializers' | 4 | import { OAUTH_LIFETIME } from '../initializers' |
5 | import { logger } from '../helpers/logger' | ||
5 | 6 | ||
6 | const oAuthServer = new OAuthServer({ | 7 | const oAuthServer = new OAuthServer({ |
7 | useErrorHandler: true, | 8 | useErrorHandler: true, |
@@ -13,6 +14,8 @@ const oAuthServer = new OAuthServer({ | |||
13 | function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) { | 14 | function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) { |
14 | oAuthServer.authenticate()(req, res, err => { | 15 | oAuthServer.authenticate()(req, res, err => { |
15 | if (err) { | 16 | if (err) { |
17 | logger.warn('Cannot authenticate.', { err }) | ||
18 | |||
16 | return res.status(err.status) | 19 | return res.status(err.status) |
17 | .json({ | 20 | .json({ |
18 | error: 'Token is invalid.', | 21 | error: 'Token is invalid.', |
@@ -25,6 +28,12 @@ function authenticate (req: express.Request, res: express.Response, next: expres | |||
25 | }) | 28 | }) |
26 | } | 29 | } |
27 | 30 | ||
31 | function optionalAuthenticate (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
32 | if (req.header('authorization')) return authenticate(req, res, next) | ||
33 | |||
34 | return next() | ||
35 | } | ||
36 | |||
28 | function token (req: express.Request, res: express.Response, next: express.NextFunction) { | 37 | function token (req: express.Request, res: express.Response, next: express.NextFunction) { |
29 | return oAuthServer.token()(req, res, err => { | 38 | return oAuthServer.token()(req, res, err => { |
30 | if (err) { | 39 | if (err) { |
@@ -44,5 +53,6 @@ function token (req: express.Request, res: express.Response, next: express.NextF | |||
44 | 53 | ||
45 | export { | 54 | export { |
46 | authenticate, | 55 | authenticate, |
56 | optionalAuthenticate, | ||
47 | token | 57 | token |
48 | } | 58 | } |
diff --git a/server/middlewares/validators/config.ts b/server/middlewares/validators/config.ts index ee6f6efa4..f58c0676c 100644 --- a/server/middlewares/validators/config.ts +++ b/server/middlewares/validators/config.ts | |||
@@ -1,6 +1,6 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { body } from 'express-validator/check' | 2 | import { body } from 'express-validator/check' |
3 | import { isUserVideoQuotaValid } from '../../helpers/custom-validators/users' | 3 | import { isUserNSFWPolicyValid, isUserVideoQuotaValid } from '../../helpers/custom-validators/users' |
4 | import { logger } from '../../helpers/logger' | 4 | import { logger } from '../../helpers/logger' |
5 | import { areValidationErrors } from './utils' | 5 | import { areValidationErrors } from './utils' |
6 | 6 | ||
@@ -9,6 +9,7 @@ const customConfigUpdateValidator = [ | |||
9 | body('instance.description').exists().withMessage('Should have a valid instance description'), | 9 | body('instance.description').exists().withMessage('Should have a valid instance description'), |
10 | body('instance.terms').exists().withMessage('Should have a valid instance terms'), | 10 | body('instance.terms').exists().withMessage('Should have a valid instance terms'), |
11 | body('instance.defaultClientRoute').exists().withMessage('Should have a valid instance default client route'), | 11 | body('instance.defaultClientRoute').exists().withMessage('Should have a valid instance default client route'), |
12 | body('instance.defaultNSFWPolicy').custom(isUserNSFWPolicyValid).withMessage('Should have a valid NSFW policy'), | ||
12 | body('instance.customizations.css').exists().withMessage('Should have a valid instance CSS customization'), | 13 | body('instance.customizations.css').exists().withMessage('Should have a valid instance CSS customization'), |
13 | body('instance.customizations.javascript').exists().withMessage('Should have a valid instance JavaScript customization'), | 14 | body('instance.customizations.javascript').exists().withMessage('Should have a valid instance JavaScript customization'), |
14 | body('cache.previews.size').isInt().withMessage('Should have a valid previews size'), | 15 | body('cache.previews.size').isInt().withMessage('Should have a valid previews size'), |
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 6ea3d0b6c..5dd8caa3f 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -8,7 +8,7 @@ import { | |||
8 | isAvatarFile, | 8 | isAvatarFile, |
9 | isUserAutoPlayVideoValid, | 9 | isUserAutoPlayVideoValid, |
10 | isUserDescriptionValid, | 10 | isUserDescriptionValid, |
11 | isUserDisplayNSFWValid, | 11 | isUserNSFWPolicyValid, |
12 | isUserPasswordValid, | 12 | isUserPasswordValid, |
13 | isUserRoleValid, | 13 | isUserRoleValid, |
14 | isUserUsernameValid, | 14 | isUserUsernameValid, |
@@ -101,7 +101,7 @@ const usersUpdateMeValidator = [ | |||
101 | body('description').optional().custom(isUserDescriptionValid).withMessage('Should have a valid description'), | 101 | body('description').optional().custom(isUserDescriptionValid).withMessage('Should have a valid description'), |
102 | body('password').optional().custom(isUserPasswordValid).withMessage('Should have a valid password'), | 102 | body('password').optional().custom(isUserPasswordValid).withMessage('Should have a valid password'), |
103 | body('email').optional().isEmail().withMessage('Should have a valid email attribute'), | 103 | body('email').optional().isEmail().withMessage('Should have a valid email attribute'), |
104 | body('displayNSFW').optional().custom(isUserDisplayNSFWValid).withMessage('Should have a valid display Not Safe For Work attribute'), | 104 | body('nsfwPolicy').optional().custom(isUserNSFWPolicyValid).withMessage('Should have a valid display Not Safe For Work policy'), |
105 | body('autoPlayVideo').optional().custom(isUserAutoPlayVideoValid).withMessage('Should have a valid automatically plays video attribute'), | 105 | body('autoPlayVideo').optional().custom(isUserAutoPlayVideoValid).withMessage('Should have a valid automatically plays video attribute'), |
106 | 106 | ||
107 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 107 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |