chore: change dir (prepare to merge)

2023-11-22 16:16:27 +07:00 · 2023-11-22 16:16:27 +07:00 · 7c55806956
commit 7c55806956
parent f3078c47ea
31 changed files with 0 additions and 0 deletions
--- a/Services/server/src/utils/auth.ts
+++ b/Services/server/src/utils/auth.ts
@ -0,0 +1,39 @@
+import * as express from "express";
+import { createVerifier } from "fast-jwt";
+
+import HttpError from "../interfaces/http-error";
+import HttpStatusCode from "../interfaces/http-status";
+
+if (!process.env.PUBLIC_KEY && !process.env.REALM_URL) {
+  throw new Error("Require public key or realm url.");
+}
+
+const jwtVerify = createVerifier({
+  key: async () => {
+    return `-----BEGIN PUBLIC KEY-----\n${process.env.PUBLIC_KEY}\n-----END PUBLIC KEY-----`;
+  },
+});
+
+export function expressAuthentication(
+  request: express.Request,
+  securityName: string,
+  _scopes?: string[],
+) {
+  return new Promise(async (resolve, reject) => {
+    if (securityName !== "bearerAuth") reject(new Error("Unknown authentication method."));
+
+    const token = request.headers["authorization"]?.includes("Bearer ")
+      ? request.headers["authorization"].split(" ")[1]
+      : null;
+
+    if (!token) return reject(new HttpError(HttpStatusCode.UNAUTHORIZED, "No token provided."));
+
+    const payload = await jwtVerify(token).catch((_) => null);
+
+    if (!payload) {
+      return reject(new HttpError(HttpStatusCode.UNAUTHORIZED, "Invalid token provided."));
+    }
+
+    return resolve(payload);
+  });
+}