jeffemmett
/
rswag-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
rswag-online/frontend/vendor/@encryptid/sdk/index-j6kh1974.js

73 lines
2.5 KiB
JavaScript
Raw Permalink Blame History

import {
verifyEncryptIDToken
} from "./index-stg63j73.js";
// src/server/space-auth.ts
async function evaluateSpaceAccess(spaceSlug, token, method, options) {
const config = await options.getSpaceConfig(spaceSlug);
if (!config) {
return { allowed: false, claims: null, reason: "Space not found", isOwner: false, readOnly: false };
}
let claims = null;
if (token) {
try {
claims = await verifyEncryptIDToken(token, options);
} catch {}
}
const isRead = method === "GET" || method === "HEAD" || method === "OPTIONS";
const isOwner = !!(claims && config.ownerDID && claims.sub === config.ownerDID);
switch (config.visibility) {
case "public" /* PUBLIC */:
return { allowed: true, claims, isOwner, readOnly: false };
case "public_read" /* PUBLIC_READ */:
if (isRead) {
return { allowed: true, claims, isOwner, readOnly: !claims };
}
if (!claims) {
return {
allowed: false,
claims: null,
reason: "Authentication required to modify this space",
isOwner: false,
readOnly: true
};
}
return { allowed: true, claims, isOwner, readOnly: false };
case "authenticated" /* AUTHENTICATED */:
if (!claims) {
return { allowed: false, claims: null, reason: "Authentication required", isOwner: false, readOnly: false };
}
return { allowed: true, claims, isOwner, readOnly: false };
case "members_only" /* MEMBERS_ONLY */:
if (!claims) {
return { allowed: false, claims: null, reason: "Authentication required", isOwner: false, readOnly: false };
}
return { allowed: true, claims, isOwner, readOnly: false };
default:
return { allowed: false, claims: null, reason: "Unknown visibility setting", isOwner: false, readOnly: false };
}
}
function extractToken(headers) {
if (typeof headers.get === "function") {
const auth = headers.get("Authorization") || headers.get("authorization");
if (auth?.startsWith("Bearer "))
return auth.slice(7);
const cookie = headers.get("Cookie") || headers.get("cookie") || "";
const match = cookie.match(/encryptid_token=([^;]+)/);
if (match)
return match[1];
}
if (typeof headers.authorization === "string") {
if (headers.authorization.startsWith("Bearer "))
return headers.authorization.slice(7);
}
if (typeof headers.cookie === "string") {
const match = headers.cookie.match(/encryptid_token=([^;]+)/);
if (match)
return match[1];
}
return null;
}
export { evaluateSpaceAccess, extractToken };
Reference in New Issue View Git Blame Copy Permalink