Some more logging, moving middlewares to backend-core.

2024-06-27 02:20:35 +12:00 · 2022-08-04 19:03:50 +01:00 · 2022-08-04 19:03:50 +01:00 · 65e8af01f5
parent a05e21ee4b
commit 65e8af01f5
12 changed files with 28 additions and 52 deletions
--- a/packages/backend-core/src/auth.js
+++ b/packages/backend-core/src/auth.js
@ -19,6 +19,8 @@ const {
  csrf,
  internalApi,
  adminOnly,
  builderOnly,
  builderOrAdmin,
  joiValidator,
 } = require("./middleware")
@ -176,5 +178,7 @@ module.exports = {
  updateUserOAuth,
  ssoCallbackUrl,
  adminOnly,
  builderOnly,
  builderOrAdmin,
  joiValidator,
 }
--- a/packages/backend-core/src/middleware/authenticated.js
+++ b/packages/backend-core/src/middleware/authenticated.js
@ -81,7 +81,7 @@ module.exports = (
        const session = await getSession(userId, sessionId)
        if (!session) {
-          error = "No session found"
+          error = `Session not found - ${userId} - ${sessionId}`
        } else {
          try {
            if (opts && opts.populateUser) {
--- a/packages/backend-core/src/middleware/builderOnly.js
+++ b/packages/backend-core/src/middleware/builderOnly.js
--- a/packages/backend-core/src/middleware/builderOrAdmin.js
+++ b/packages/backend-core/src/middleware/builderOrAdmin.js
--- a/packages/backend-core/src/middleware/index.js
+++ b/packages/backend-core/src/middleware/index.js
@ -10,6 +10,8 @@ const internalApi = require("./internalApi")
 const datasourceGoogle = require("./passport/datasource/google")
 const csrf = require("./csrf")
 const adminOnly = require("./adminOnly")
 const builderOrAdmin = require("./builderOrAdmin")
 const builderOnly = require("./builderOnly")
 const joiValidator = require("./joi-validator")
 module.exports = {
  google,
@ -27,5 +29,7 @@ module.exports = {
  },
  csrf,
  adminOnly,
  builderOnly,
  builderOrAdmin,
  joiValidator,
 }
--- a/packages/backend-core/src/security/sessions.js
+++ b/packages/backend-core/src/security/sessions.js
@ -1,6 +1,7 @@
 const redis = require("../redis/init")
 const { v4: uuidv4 } = require("uuid")
 const { logWarn } = require("../logging")
 const env = require("../environment")
 // a week in seconds
 const EXPIRY_SECONDS = 86400 * 7
@ -34,17 +35,21 @@ async function invalidateSessions(userId, sessionIds = null) {
      }))
    }
-    const client = await redis.getSessionClient()
+    if (sessions && sessions.length > 0) {
-    const promises = []
+      const client = await redis.getSessionClient()
-    for (let session of sessions) {
+      const promises = []
-      promises.push(client.delete(session.key))
+      for (let session of sessions) {
        promises.push(client.delete(session.key))
      }
      if (!env.isTest()) {
        logWarn(
          `Invalidating sessions for ${userId} - ${sessions
            .map(session => session.key)
            .join(", ")}`
        )
      }
      await Promise.all(promises)
    }
    logWarn(
      `Invalidating sessions for ${userId} - ${sessions
        .map(session => session.key)
        .join(", ")}`
    )
    await Promise.all(promises)
  } catch (err) {
    console.error(`Error invalidating sessions: ${err}`)
  }
--- a/packages/worker/src/api/routes/global/roles.js
+++ b/packages/worker/src/api/routes/global/roles.js
@ -1,6 +1,6 @@
 const Router = require("@koa/router")
 const controller = require("../../controllers/global/roles")
-const builderOrAdmin = require("../../../middleware/builderOrAdmin")
+const { builderOrAdmin } = require("@budibase/backend-core/auth")
 const router = Router()
--- a/packages/worker/src/api/routes/global/self.js
+++ b/packages/worker/src/api/routes/global/self.js
@ -1,6 +1,6 @@
 const Router = require("@koa/router")
 const controller = require("../../controllers/global/self")
-const builderOnly = require("../../../middleware/builderOnly")
+const { builderOnly } = require("@budibase/backend-core/auth")
 const { users } = require("../validation")
 const router = Router()
--- a/packages/worker/src/api/routes/global/users.js
+++ b/packages/worker/src/api/routes/global/users.js
@ -6,7 +6,7 @@ const Joi = require("joi")
 const cloudRestricted = require("../../../middleware/cloudRestricted")
 const { users } = require("../validation")
 const selfController = require("../../controllers/global/self")
-const builderOrAdmin = require("../../../middleware/builderOrAdmin")
+const { builderOrAdmin } = require("@budibase/backend-core/auth")
 const router = Router()
--- a/packages/worker/src/api/routes/validation/users.ts
+++ b/packages/worker/src/api/routes/validation/users.ts
@ -1,4 +1,4 @@
-import joiValidator from "../../../middleware/joi-validator"
+const { joiValidator } = require("@budibase/backend-core/auth")
 import Joi from "joi"
 let schema: any = {
--- a/packages/worker/src/middleware/adminOnly.js
+++ b/packages/worker/src/middleware/adminOnly.js
@ -1,9 +0,0 @@
 module.exports = async (ctx, next) => {
  if (
    !ctx.internal &&
    (!ctx.user || !ctx.user.admin || !ctx.user.admin.global)
  ) {
    ctx.throw(403, "Admin user only endpoint.")
  }
  return next()
 }
--- a/packages/worker/src/middleware/joi-validator.js
+++ b/packages/worker/src/middleware/joi-validator.js
@ -1,28 +0,0 @@
 function validate(schema, property) {
  // Return a Koa middleware function
  return (ctx, next) => {
    if (!schema) {
      return next()
    }
    let params = null
    if (ctx[property] != null) {
      params = ctx[property]
    } else if (ctx.request[property] != null) {
      params = ctx.request[property]
    }
    const { error } = schema.validate(params)
    if (error) {
      ctx.throw(400, `Invalid ${property} - ${error.message}`)
      return
    }
    return next()
  }
 }
 module.exports.body = schema => {
  return validate(schema, "body")
 }
 module.exports.params = schema => {
  return validate(schema, "params")
 }