budibase/packages/auth/src/middleware/authenticated.js

const { Cookies } = require("../constants")
const database = require("../db")
const { getCookie, clearCookie } = require("../utils")
const { StaticDatabases } = require("../db/utils")

function makeRegex() {

}

module.exports = (noAuthPatterns = []) => {
  const regex = new RegExp(noAuthPatterns.join("|"))
  return async (ctx, next) => {
    // the path is not authenticated
    if (regex.test(ctx.request.url)) {
      return next()
    }
    try {
      // check the actual user is authenticated first
      const authCookie = getCookie(ctx, Cookies.Auth)

      if (authCookie) {
        try {
          const db = database.getDB(StaticDatabases.GLOBAL.name)
          const user = await db.get(authCookie.userId)
          delete user.password
          ctx.isAuthenticated = true
          ctx.user = user
        } catch (err) {
          // remove the cookie as the use does not exist anymore
          clearCookie(ctx, Cookies.Auth)
        }
      }
      // be explicit
      if (ctx.isAuthenticated !== true) {
        ctx.isAuthenticated = false
      }

      return next()
    } catch (err) {
      ctx.throw(err.status || 403, err)
    }
  }
}
login page 2021-04-11 22:35:55 +12:00			`const { Cookies } = require("../constants")`
config specificity 2021-04-22 22:45:22 +12:00			`const database = require("../db")`
Updating test cases and some re-work of the email system. 2021-04-24 05:07:39 +12:00			`const { getCookie, clearCookie } = require("../utils")`
config specificity 2021-04-22 22:45:22 +12:00			`const { StaticDatabases } = require("../db/utils")`
login page 2021-04-11 22:35:55 +12:00
Fixing login issue. 2021-04-29 01:28:25 +12:00			`function makeRegex() {`

			`}`

Some re-work of the auth package, making it a bit easier to use/less likely to make a mistake. 2021-04-22 03:42:44 +12:00			`module.exports = (noAuthPatterns = []) => {`
			`const regex = new RegExp(noAuthPatterns.join("\|"))`
			`return async (ctx, next) => {`
			`// the path is not authenticated`
			`if (regex.test(ctx.request.url)) {`
			`return next()`
login page 2021-04-11 22:35:55 +12:00			`}`
Some re-work of the auth package, making it a bit easier to use/less likely to make a mistake. 2021-04-22 03:42:44 +12:00			`try {`
			`// check the actual user is authenticated first`
			`const authCookie = getCookie(ctx, Cookies.Auth)`

			`if (authCookie) {`
Updating test cases and some re-work of the email system. 2021-04-24 05:07:39 +12:00			`try {`
			`const db = database.getDB(StaticDatabases.GLOBAL.name)`
			`const user = await db.get(authCookie.userId)`
			`delete user.password`
			`ctx.isAuthenticated = true`
			`ctx.user = user`
			`} catch (err) {`
			`// remove the cookie as the use does not exist anymore`
			`clearCookie(ctx, Cookies.Auth)`
			`}`
			`}`
			`// be explicit`
			`if (ctx.isAuthenticated !== true) {`
			`ctx.isAuthenticated = false`
Some re-work of the auth package, making it a bit easier to use/less likely to make a mistake. 2021-04-22 03:42:44 +12:00			`}`
login page 2021-04-11 22:35:55 +12:00
Some re-work of the auth package, making it a bit easier to use/less likely to make a mistake. 2021-04-22 03:42:44 +12:00			`return next()`
			`} catch (err) {`
			`ctx.throw(err.status \|\| 403, err)`
			`}`
login page 2021-04-11 22:35:55 +12:00			`}`
			`}`