improve auth behavior

2025-06-11 19:44:15 +00:00 · 2023-04-04 12:30:23 +00:00 · 2023-04-04 12:30:23 +00:00 · 09a39b69a9
commit 09a39b69a9
parent 1536573dd5
1 changed files with 92 additions and 83 deletions
--- a/packages/server/src/middlewares/withAuthentication/index.js
+++ b/packages/server/src/middlewares/withAuthentication/index.js
@ -12,44 +12,17 @@ export default async (req, res, next) => {

    try {
        const tokenAuthHeader = req.headers?.authorization?.split(" ")
-        const serverTokenHeader = req.headers?.server_token

-        if (!serverTokenHeader && !tokenAuthHeader) {
+        if (!tokenAuthHeader) {
            return reject("Missing token header")
        }

-        if (serverTokenHeader) {
-            const [client_id, token] = serverTokenHeader.split(":")
-
-            if (client_id === "undefined" || token === "undefined") {
-                return reject("Invalid server token")
+        if (!tokenAuthHeader[1]) {
+            return reject("Recived header, missing token")
        }

-            const secureEntries = new SecureEntry(authorizedServerTokens)
-
-            const serverTokenEntry = await secureEntries.get(client_id, undefined, {
-                keyName: "client_id",
-                valueName: "token",
-            })
-
-            if (!serverTokenEntry) {
-                return reject("Invalid server token")
-            }
-
-            if (serverTokenEntry !== token) {
-                return reject("Missmatching server token")
-            }
-
-            req.user = {
-                __server: true,
-                _id: client_id,
-                roles: ["server"],
-            }
-
-            return next()
-        }
-
-        if (!serverTokenHeader && tokenAuthHeader && tokenAuthHeader[0] === "Bearer") {
+        switch (tokenAuthHeader[0]) {
+            case "Bearer": {
                const token = tokenAuthHeader[1]
                let decoded = null

@ -117,6 +90,42 @@ export default async (req, res, next) => {

                    return next()
                })
+
+                break
+            }
+            case "Server": {
+                const [client_id, token] = tokenAuthHeader[1].split(":")
+
+                if (client_id === "undefined" || token === "undefined") {
+                    return reject("Invalid server token")
+                }
+    
+                const secureEntries = new SecureEntry(authorizedServerTokens)
+    
+                const serverTokenEntry = await secureEntries.get(client_id, undefined, {
+                    keyName: "client_id",
+                    valueName: "token",
+                })
+    
+                if (!serverTokenEntry) {
+                    return reject("Invalid server token")
+                }
+    
+                if (serverTokenEntry !== token) {
+                    return reject("Missmatching server token")
+                }
+    
+                req.user = {
+                    __server: true,
+                    _id: client_id,
+                    roles: ["server"],
+                }
+    
+                return next()
+            }
+            default: {
+                return reject("Invalid token type")
+            }
        }
    } catch (error) {
        console.error(error)