-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* chore: user changes * feat: add basic auth to GET. check for old and new entries * chore: update env example * fix: user check * chore: update error msgs
- Loading branch information
1 parent
59f5b8e
commit 3891de3
Showing
14 changed files
with
187 additions
and
32 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,6 +4,9 @@ SERVER_PORT= | |
CORS_ORIGIN= | ||
CORS_METHOD= | ||
|
||
AUTH_USERNAME= | ||
AUTH_PASSWORD= | ||
|
||
SERVER_SECRET= | ||
|
||
AWS_ACCESS_KEY= | ||
|
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
import express = require('express') | ||
import { server } from 'decentraland-server' | ||
|
||
import { AuthRouter } from '../common' | ||
import { readFile, parseFileBody } from '../S3' | ||
import { decrypt } from '../crypto' | ||
import { Entry } from './types' | ||
|
||
export class AuthContestRouter extends AuthRouter { | ||
mount() { | ||
/** | ||
* Get entry by id | ||
*/ | ||
this.router.get('/entry/:projectId', server.handleRequest(this.getEntry)) | ||
} | ||
|
||
async getEntry(req: express.Request): Promise<Entry> { | ||
const projectId = server.extractFromReq(req, 'projectId') | ||
let entry: Entry | ||
|
||
try { | ||
const file = await readFile(projectId) | ||
entry = parseFileBody(file) | ||
} catch (error) { | ||
throw new Error(`Unknown entry ${projectId}`) | ||
} | ||
|
||
entry.contest.email = await decrypt(entry.contest.email) | ||
|
||
if (entry.user) { | ||
entry.user.id = await decrypt(entry.user.id) | ||
} | ||
|
||
return entry | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
export * from './Contest.router' | ||
export * from './AuthContest.router' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
import express = require('express') | ||
import basicAuth = require('express-basic-auth') | ||
import { env } from 'decentraland-commons' | ||
import { PathParams, RequestHandlerParams } from 'express-serve-static-core' | ||
|
||
import { Router } from './Router' | ||
import { ExpressApp } from './ExpressApp' | ||
|
||
export type Auth = { | ||
username: string | ||
password: string | ||
} | ||
type HTTPMethod = 'get' | 'post' | 'put' | 'delete' | ||
|
||
export class AuthRouter extends Router { | ||
protected username: string | ||
protected password: string | ||
|
||
constructor(router: ExpressApp | express.Router, auth: Auth) { | ||
super(router) | ||
this.username = auth.username | ||
this.password = auth.password | ||
|
||
if (!env.isDevelopment() && (!this.username || !this.password)) { | ||
throw new Error(`Missing username or password in basic auth credentials`) | ||
} | ||
|
||
this.patchRouter() | ||
} | ||
|
||
patchRouter() { | ||
const arr: HTTPMethod[] = ['get', 'post', 'put', 'delete'] | ||
const users = { [this.username]: this.password } | ||
|
||
const authMiddleware = | ||
this.username && this.password | ||
? basicAuth({ users, challenge: true }) | ||
: (_: any, __: any, next: express.NextFunction) => next() | ||
|
||
for (const method of arr) { | ||
const oldHandler = this.router[method].bind(this.router) | ||
|
||
this.router[method] = ( | ||
path: PathParams, | ||
...handlers: RequestHandlerParams[] | ||
) => { | ||
return oldHandler(path, authMiddleware, ...handlers) | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
export * from './Router' | ||
export * from './AuthRouter' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters