From d63a452f75785e053bd8325e2ac2043fa6e2bc12 Mon Sep 17 00:00:00 2001 From: counterweight Date: Mon, 10 Feb 2025 15:02:38 +0100 Subject: [PATCH] we can now check if a session is authorized --- src/middlewares/authMiddleware.js | 9 ++++++++ src/routes/webRoutes.js | 3 ++- src/services/invitedNpubService.js | 11 +++++++++ src/services/sessionService.js | 36 ++++++++++++++++++++++++------ 4 files changed, 51 insertions(+), 8 deletions(-) create mode 100644 src/middlewares/authMiddleware.js diff --git a/src/middlewares/authMiddleware.js b/src/middlewares/authMiddleware.js new file mode 100644 index 0000000..03c747d --- /dev/null +++ b/src/middlewares/authMiddleware.js @@ -0,0 +1,9 @@ +const sessionService = require('../services/sessionService'); + +async function rejectIfNotAuthorizedMiddleware(req, res, next) { + console.log("I'm checking stuff, aight?"); + console.log(`Is session authorized: ${await sessionService.isSessionAuthorized(req.cookies.sessionUuid)}`) + next(); +} + +module.exports = rejectIfNotAuthorizedMiddleware; diff --git a/src/routes/webRoutes.js b/src/routes/webRoutes.js index cfe7e49..f959db2 100644 --- a/src/routes/webRoutes.js +++ b/src/routes/webRoutes.js @@ -1,6 +1,7 @@ const express = require('express'); const router = express.Router(); +const authMiddleware = require('../middlewares/authMiddleware'); const appInviteService = require('../services/appInviteService') router.get('/', (req, res) => { @@ -32,7 +33,7 @@ router.get('/invite/:inviteUuid', async (req, res) => { } }); -router.get('/private', (req, res) => { +router.get('/private', authMiddleware, (req, res) => { res.render('private', {}); }); diff --git a/src/services/invitedNpubService.js b/src/services/invitedNpubService.js index 6ad4b68..6f74273 100644 --- a/src/services/invitedNpubService.js +++ b/src/services/invitedNpubService.js @@ -18,5 +18,16 @@ async function createInvitedNpub(inviteUuid, npub) { }); } +async function isNpubInvited(npub) { + + if (await InvitedNpub.findOne({ + where: { invited_npub: npub } + })) { + return true; + } + + return false; +} exports.createInvitedNpub = createInvitedNpub; +exports.isNpubInvited = isNpubInvited; \ No newline at end of file diff --git a/src/services/sessionService.js b/src/services/sessionService.js index a718b9d..3428012 100644 --- a/src/services/sessionService.js +++ b/src/services/sessionService.js @@ -3,6 +3,8 @@ const uuid = require("uuid"); const Session = require('../models/Session'); const SessionNpubbed = require('../models/SessionNpubbed'); +const invitedNpubService = require('./invitedNpubService'); + const constants = require('../constants'); async function createSession(sessionUuid) { @@ -52,17 +54,37 @@ async function isSessionAlreadyRelatedToNpub(sessionUuid, npub) { } -/* async function getNpubRelatedToSession(sessionUuid) { - if (SessionNpubbed.findOne({ - where: { 'sessionUuid': sessionUuid } - })) +async function getNpubRelatedToSession(sessionUuid) { + + const mostRecentSession = await SessionNpubbed.findOne({ + where: { 'session_uuid': sessionUuid }, + order: [['created_at', 'DESC']] + }); + + if (!mostRecentSession) { + return null; + } + + return mostRecentSession.npub; } - + async function isSessionAuthorized(sessionUuid) { - -} */ + + if (await isSessionExpired(sessionUuid)) { + return false; + } + + const npub = await getNpubRelatedToSession(sessionUuid); + + if (await invitedNpubService.isNpubInvited(npub)) { + return true; + } + + return false; +} exports.createSession = createSession; exports.isSessionExpired = isSessionExpired; exports.relateSessionToNpub = relateSessionToNpub; exports.isSessionAlreadyRelatedToNpub = isSessionAlreadyRelatedToNpub; +exports.isSessionAuthorized = isSessionAuthorized;