60 lines
1.7 KiB
JavaScript
60 lines
1.7 KiB
JavaScript
import {
|
|
evaluateSpaceAccess,
|
|
extractToken
|
|
} from "../../index-j6kh1974.js";
|
|
import"../../index-5c1t4ftn.js";
|
|
import {
|
|
verifyEncryptIDToken
|
|
} from "../../index-stg63j73.js";
|
|
|
|
// src/server/middleware/express.ts
|
|
function encryptIDAuth(options = {}) {
|
|
return async (req, res, next) => {
|
|
const authHeader = req.headers.authorization;
|
|
if (!authHeader || typeof authHeader !== "string" || !authHeader.startsWith("Bearer ")) {
|
|
res.status(401).json({ error: "Missing EncryptID token" });
|
|
return;
|
|
}
|
|
const token = authHeader.slice(7);
|
|
try {
|
|
req.encryptid = await verifyEncryptIDToken(token, options);
|
|
next();
|
|
} catch (err) {
|
|
res.status(401).json({ error: err.message || "Invalid token" });
|
|
}
|
|
};
|
|
}
|
|
function encryptIDOptional(options = {}) {
|
|
return async (req, _res, next) => {
|
|
const authHeader = req.headers.authorization;
|
|
if (authHeader && typeof authHeader === "string" && authHeader.startsWith("Bearer ")) {
|
|
try {
|
|
req.encryptid = await verifyEncryptIDToken(authHeader.slice(7), options);
|
|
} catch {}
|
|
}
|
|
next();
|
|
};
|
|
}
|
|
function encryptIDSpaceAuth(config) {
|
|
const { getSlug, ...options } = config;
|
|
return async (req, res, next) => {
|
|
const slug = getSlug ? getSlug(req) : req.params?.slug || "";
|
|
const token = extractToken(req.headers);
|
|
const result = await evaluateSpaceAccess(slug, token, req.method, options);
|
|
if (!result.allowed) {
|
|
res.status(result.claims ? 403 : 401).json({ error: result.reason });
|
|
return;
|
|
}
|
|
if (result.claims) {
|
|
req.encryptid = result.claims;
|
|
}
|
|
req.spaceAuth = result;
|
|
next();
|
|
};
|
|
}
|
|
export {
|
|
encryptIDSpaceAuth,
|
|
encryptIDOptional,
|
|
encryptIDAuth
|
|
};
|