Ehrenamt/ff-operation-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

middleware error catch

Browse source
This commit is contained in:
Julian Krauser 2025-02-25 18:35:02 +01:00
parent 1151ec45dc
commit 3da02a89a7
1 changed files with 37 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
src/websocket/middleware/authenticateSocket.ts
View file

@ -7,42 +7,46 @@ import { Socket } from "socket.io";
import { SocketMap } from "../../storage/socketMap"; import { SocketMap } from "../../storage/socketMap";
export default async function authenticateSocket(socket: Socket, next: Function) { export default async function authenticateSocket(socket: Socket, next: Function) {
const token = socket.handshake.auth.token; try {
const token = socket.handshake.auth.token;
if (!token) { if (!token) {
throw new BadRequestException("Provide valid Authorization Header"); throw new BadRequestException("Provide valid Authorization Header");
} }
let decoded: string | jwt.JwtPayload; let decoded: string | jwt.JwtPayload;
await JWTHelper.validate(token) await JWTHelper.validate(token)
.then((result) => { .then((result) => {
decoded = result; decoded = result;
}) })
.catch((err) => { .catch((err) => {
if (err == "jwt expired") { if (err == "jwt expired") {
throw new UnauthorizedRequestException("Token expired", err); throw new UnauthorizedRequestException("Token expired", err);
} else { } else {
throw new BadRequestException("Failed Authorization Header decoding", err); throw new BadRequestException("Failed Authorization Header decoding", err);
} }
});
if (typeof decoded == "string" || !decoded) {
throw new InternalException("process failed");
}
if (decoded?.sub == "api_token_retrieve") {
throw new BadRequestException("This token is only authorized to get temporary access tokens via GET /api/webapi");
}
SocketMap.write(socket.id, {
socketId: socket.id,
userId: decoded.userId,
username: decoded.username,
isOwner: decoded.isOwner,
permissions: decoded.permissions,
isWebApiRequest: decoded?.sub == "webapi_access_token",
}); });
socket.join("home");
if (typeof decoded == "string" || !decoded) { next();
throw new InternalException("process failed"); } catch (err) {
next(err);
} }
if (decoded?.sub == "api_token_retrieve") {
throw new BadRequestException("This token is only authorized to get temporary access tokens via GET /api/webapi");
}
SocketMap.write(socket.id, {
socketId: socket.id,
userId: decoded.userId,
username: decoded.username,
isOwner: decoded.isOwner,
permissions: decoded.permissions,
isWebApiRequest: decoded?.sub == "webapi_access_token",
});
socket.join("home");
next();
} }