From 85a5f3c2fba2e61208eea49441707dc70a6ecc39 Mon Sep 17 00:00:00 2001 From: Timo Hocker <35867059+TimoHocker@users.noreply.github.com> Date: Mon, 3 Jan 2022 14:44:27 +0100 Subject: [PATCH] allow gateway without redirection, manual request handling --- CHANGELOG.md | 5 +++++ README.md | 21 +++++++++++++++++++-- lib/Gateway.ts | 20 ++++++++++++++------ package.json | 2 +- 4 files changed, 39 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4e4f1a7..c9e4600 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # Changelog +## 2.1.0 + +- Allow access to Gateway functions like authenticate, get_cookie_auth, get_header_auth, redirect, deny +- Allow Gateway to deny a request in case no redirect url is specified + ## 2.0.0 Complete redesign diff --git a/README.md b/README.md index e02b674..94263b0 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # auth-server-helper -version: 2.0.x +version: 2.1.x customizable and simple authentication @@ -22,7 +22,7 @@ yarn: const {create_gateway} = require('@sapphirecode/auth-server-helper'); const gateway = create_gateway({ - redirect_url: '/auth', + redirect_url: '/auth', // if defined, unauthorized requests will be redirected cookie_name: 'auth_cookie', // if defined, access tokens will be read from this cookie }); @@ -40,6 +40,23 @@ http.createServer((main_req, main_res) => the gateway will forward any authorized requests to the next handler and redirect all others to the specified url +#### 1.1. Creating a gateway for manual processing of requests + +```js +const {GatewayClass} = require('@sapphirecode/auth-server-helper'); + +const gateway = new GatewayClass({ /* options */ }); // options are the same as for create_gateway above + +// process a request +if (gateway.authenticate(http_request)) { // returns true if request is valid and sets req.connection.token_id and .token_data + console.log('access granted'); +} else { + gateway.redirect(response); // redirects the client, triggers deny if no redirect_url was set in options + // or + gateway.deny(response); // sends status 403 +} +``` + ### 2. creating the auth endpoint ```js diff --git a/lib/Gateway.ts b/lib/Gateway.ts index 78175f3..8e495a1 100644 --- a/lib/Gateway.ts +++ b/lib/Gateway.ts @@ -16,24 +16,32 @@ type Gateway = ( ) => unknown; interface GatewayOptions { - redirect_url: string; + redirect_url?: string; cookie_name?: string; } class GatewayClass { private _options: GatewayOptions; - public constructor (options: GatewayOptions) { + public constructor (options: GatewayOptions = {}) { this._options = options; } - private redirect (res: ServerResponse): void { + public deny (res: ServerResponse): void { + res.statusCode = 403; + res.end(); + } + + public redirect (res: ServerResponse): void { + if (typeof this._options.redirect_url !== 'string') + return this.deny(res); + res.statusCode = 302; res.setHeader ('Location', this._options.redirect_url); res.end (); } - private get_header_auth (req: IncomingMessage): string | null { + public get_header_auth (req: IncomingMessage): string | null { const auth_header = req.headers.authorization; const auth = (/(?\w+) (?.*)/u).exec (auth_header || ''); if (auth === null) @@ -43,7 +51,7 @@ class GatewayClass { return auth.groups?.data; } - private get_cookie_auth (req: IncomingMessage): string | null { + public get_cookie_auth (req: IncomingMessage): string | null { if (typeof this._options.cookie_name === 'undefined') return null; let auth = null; @@ -58,7 +66,7 @@ class GatewayClass { return auth; } - private authenticate (req: IncomingMessage): boolean { + public authenticate (req: IncomingMessage): boolean { let auth = this.get_header_auth (req); if (auth === null) auth = this.get_cookie_auth (req); diff --git a/package.json b/package.json index c48dbe6..141d808 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@sapphirecode/auth-server-helper", - "version": "2.0.2", + "version": "2.1.0", "main": "dist/index.js", "author": { "name": "Timo Hocker",