refactor: update auth setting
parent
053eb8b04a
commit
994b9ced2a
2 changed files with 19 additions and 9 deletions
|
|
@ -19,10 +19,14 @@ const jwtDecode = createDecoder();
|
|||
export async function keycloakAuth(request: Express.Request, roles?: string[]) {
|
||||
const token = request.headers["authorization"]?.includes("Bearer ")
|
||||
? request.headers["authorization"].split(" ")[1]
|
||||
: request.headers["authorization"];
|
||||
: "";
|
||||
|
||||
if (!token) {
|
||||
throw new HttpError(HttpStatus.UNAUTHORIZED, "ไม่พบข้อมูลสำหรับยืนยันตัวตน");
|
||||
throw new HttpError(
|
||||
HttpStatus.UNAUTHORIZED,
|
||||
"authorization data not found.",
|
||||
"authDataNotFound",
|
||||
);
|
||||
}
|
||||
|
||||
let payload: Record<string, any> = {};
|
||||
|
|
@ -49,7 +53,7 @@ export async function keycloakAuth(request: Express.Request, roles?: string[]) {
|
|||
if (!roles.some((a: string) => payload.roles.includes(a))) {
|
||||
throw new HttpError(
|
||||
HttpStatus.FORBIDDEN,
|
||||
"คุณไม่มีสิทธิในการเข้าถึงข้อมูลดังกล่าว",
|
||||
"You do not have permission to access this resource.",
|
||||
"noPermission",
|
||||
);
|
||||
}
|
||||
|
|
@ -61,7 +65,7 @@ export async function keycloakAuth(request: Express.Request, roles?: string[]) {
|
|||
async function verifyOffline(token: string) {
|
||||
const payload = await jwtVerify(token).catch((_) => null);
|
||||
if (!payload) {
|
||||
throw new HttpError(HttpStatus.UNAUTHORIZED, "ไม่สามารถยืนยันตัวตนได้");
|
||||
throw new HttpError(HttpStatus.UNAUTHORIZED, "Unauthorized.", "authFailed");
|
||||
}
|
||||
return payload;
|
||||
}
|
||||
|
|
@ -74,9 +78,14 @@ async function verifyOnline(token: string) {
|
|||
},
|
||||
).catch((e) => console.error(e));
|
||||
|
||||
if (!res) throw new Error("ไม่สามารถเข้าถึงระบบยืนยันตัวตน");
|
||||
if (!res)
|
||||
throw new HttpError(
|
||||
HttpStatus.INTERNAL_SERVER_ERROR,
|
||||
"Error authentication service.",
|
||||
"authFailedFatal",
|
||||
);
|
||||
if (!res.ok) {
|
||||
throw new HttpError(HttpStatus.UNAUTHORIZED, "ไม่สามารถยืนยันตัวตนได้");
|
||||
throw new HttpError(HttpStatus.UNAUTHORIZED, "Unauthorized.", "authFailed");
|
||||
}
|
||||
|
||||
return await jwtDecode(token);
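Review bot: In `verifyOnline` the only check on the identity provider's reply is `res.ok`, and the claims returned to the caller come from `jwtDecode(token)`, a decoder built with `createDecoder()` that presumably does not validate the signature. The request itself starts above this hunk, so the endpoint is not visible; if it is a token introspection endpoint, an expired or revoked token is still answered with HTTP 200 and `"active": false` in the body, and this code would accept it. In that case read the body and reject on it, e.g. `const info = await res.json();` followed by `if (!info.active) throw new HttpError(HttpStatus.UNAUTHORIZED, "Unauthorized.", "authFailed");`. Separately, in the role check of `keycloakAuth`, `payload.roles.includes(a)` throws a TypeError when the token has no `roles` claim, which would likely surface as a 500 instead of the 403 `noPermission` response; a guard such as `Array.isArray(payload.roles)` keeps that path failing closed with the intended error.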
|
||||
|
|
|
|||
|
|
@ -7,10 +7,10 @@
|
|||
"specVersion": 3,
|
||||
"securityDefinitions": {
|
||||
"keycloak": {
|
||||
"type": "apiKey",
|
||||
"type": "http",
|
||||
"name": "Authorization",
|
||||
"description": "Keycloak Bearer Token",
|
||||
"in": "header"
|
||||
"scheme": "bearer"
|
||||
}
|
||||
},
|
||||
"spec": {
|
||||
|
|
@ -33,7 +33,8 @@
|
|||
{ "name": "Product Type" },
|
||||
{ "name": "Product" },
|
||||
{ "name": "Work" },
|
||||
{ "name": "Service" }
|
||||
{ "name": "Service" },
|
||||
{ "name": "Quotation" }
|
||||
]
|
||||
}
|
||||
},
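Review bot: After the switch to `"type": "http"` the `keycloak` scheme still carries `"name": "Authorization"`, a field that OpenAPI 3 defines only for `apiKey` schemes; it serves no purpose on an `http` scheme and can be dropped. Adding `"bearerFormat": "JWT"` next to `"scheme": "bearer"` would document the expected token format for generated clients and the API UI. The surrounding object continues outside the hunk.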
|
||||
|
|
|
|||