we can now check if a session is authorized

2025-02-10 15:02:38 +01:00 · 2025-02-10 15:02:38 +01:00 · d63a452f75
commit d63a452f75
parent 5e24fc29fb
4 changed files with 51 additions and 8 deletions
--- a/src/middlewares/authMiddleware.js
+++ b/src/middlewares/authMiddleware.js
@ -0,0 +1,9 @@
+const sessionService = require('../services/sessionService');
+
+async function rejectIfNotAuthorizedMiddleware(req, res, next) {
+    console.log("I'm checking stuff, aight?");
+    console.log(`Is session authorized: ${await sessionService.isSessionAuthorized(req.cookies.sessionUuid)}`)
+    next();
+}
+
+module.exports = rejectIfNotAuthorizedMiddleware;
--- a/src/routes/webRoutes.js
+++ b/src/routes/webRoutes.js
@ -1,6 +1,7 @@
 const express = require('express');
 const router = express.Router();

+const authMiddleware = require('../middlewares/authMiddleware');
 const appInviteService = require('../services/appInviteService')

 router.get('/', (req, res) => {
@ -32,7 +33,7 @@ router.get('/invite/:inviteUuid', async (req, res) => {
    }
 });

-router.get('/private', (req, res) => {
+router.get('/private', authMiddleware, (req, res) => {
    res.render('private', {});
 });

--- a/src/services/invitedNpubService.js
+++ b/src/services/invitedNpubService.js
@ -18,5 +18,16 @@ async function createInvitedNpub(inviteUuid, npub) {
    });
 }

+async function isNpubInvited(npub) {
+
+    if (await InvitedNpub.findOne({
+        where: { invited_npub: npub }
+    })) {
+        return true;
+    }
+
+    return false;
+}

 exports.createInvitedNpub = createInvitedNpub;
+exports.isNpubInvited = isNpubInvited;
--- a/src/services/sessionService.js
+++ b/src/services/sessionService.js
@ -3,6 +3,8 @@ const uuid = require("uuid");
 const Session = require('../models/Session');
 const SessionNpubbed = require('../models/SessionNpubbed');

+const invitedNpubService = require('./invitedNpubService');
+
 const constants = require('../constants');

 async function createSession(sessionUuid) {
@ -52,17 +54,37 @@ async function isSessionAlreadyRelatedToNpub(sessionUuid, npub) {
 }


-/* async function getNpubRelatedToSession(sessionUuid) {
-    if (SessionNpubbed.findOne({
-        where: { 'sessionUuid': sessionUuid }
-    }))
+async function getNpubRelatedToSession(sessionUuid) {
+
+    const mostRecentSession = await SessionNpubbed.findOne({
+        where: { 'session_uuid': sessionUuid },
+        order: [['created_at', 'DESC']]
+    });
+
+    if (!mostRecentSession) {
+        return null;
+    }
+
+    return mostRecentSession.npub;
 }
- 
+
 async function isSessionAuthorized(sessionUuid) {
- 
-} */
+
+    if (await isSessionExpired(sessionUuid)) {
+        return false;
+    }
+
+    const npub = await getNpubRelatedToSession(sessionUuid);
+
+    if (await invitedNpubService.isNpubInvited(npub)) {
+        return true;
+    }
+
+    return false;
+}

 exports.createSession = createSession;
 exports.isSessionExpired = isSessionExpired;
 exports.relateSessionToNpub = relateSessionToNpub;
 exports.isSessionAlreadyRelatedToNpub = isSessionAlreadyRelatedToNpub;
+exports.isSessionAuthorized = isSessionAuthorized;