Почетна Преглед Помоћ
Пријавите се
wiki
/
weseek__growi
огледало од https://github.com/weseek/growi
2
0
Креирај огранак 0
Датотеке Дискусије 0 Вики
Преглед изворни кода

typescriptize access-token-parser

Yuki Takei пре 1 година
родитељ
3ab4e86769
комит
09daea7b64
2 измењених фајлова са 24 додато и 6 уклоњено
Један поглед Покажи статистику Diff
  1. 23 5
      apps/app/src/server/middlewares/access-token-parser.ts
  2. 1 1
      apps/app/src/server/models/user.js

+ 23 - 5
apps/app/src/server/middlewares/access-token-parser.ts
Прегледај датотеку 

@@ -1,4 +1,8 @@
 
+import type { IUser, IUserHasId } from '@growi/core/dist/interfaces';
 
+import type { IUserSerializedSecurely } from '@growi/core/dist/models/serializers';
 
 import { serializeUserSecurely } from '@growi/core/dist/models/serializers';
 
 import { serializeUserSecurely } from '@growi/core/dist/models/serializers';
 
+import type { NextFunction, Request, Response } from 'express';
 
+import type { HydratedDocument } from 'mongoose';
 
 import mongoose from 'mongoose';
 
 import mongoose from 'mongoose';
 
 
 
 import loggerFactory from '~/utils/logger';
 
 import loggerFactory from '~/utils/logger';
 
@@ -6,20 +10,31 @@ import loggerFactory from '~/utils/logger';
 
 
 
 const logger = loggerFactory('growi:middleware:access-token-parser');
 
 const logger = loggerFactory('growi:middleware:access-token-parser');
 
 
 
-module.exports = (crowi) => {
 
+type ReqQuery = {
 
+  access_token?: string,
 
+}
 
+type ReqBody = {
 
+  access_token?: string,
 
+}
 
 
 
-  return async(req, res, next) => {
 
+interface Req extends Request<undefined, undefined, ReqBody, ReqQuery> {
 
+  user: IUserSerializedSecurely<IUserHasId>,
 
+}
 
+
 
+const middlewareFactory = () => {
 
+
 
+  return async(req: Req, res: Response, next: NextFunction): Promise<void> => {
 
     // TODO: comply HTTP header of RFC6750 / Authorization: Bearer
 
     // TODO: comply HTTP header of RFC6750 / Authorization: Bearer
 
-    const accessToken = req.query.access_token || req.body.access_token || null;
 
+    const accessToken = req.query.access_token ?? req.body.access_token;
 
     if (accessToken == null || typeof accessToken !== 'string') {
 
     if (accessToken == null || typeof accessToken !== 'string') {
 
       return next();
 
       return next();
 
     }
 
     }
 
 
 
-    const User = mongoose.model('User');
 
+    const User = mongoose.model<HydratedDocument<IUser>, { findUserByApiToken }>('User');
 
 
 
     logger.debug('accessToken is', accessToken);
 
     logger.debug('accessToken is', accessToken);
 
 
 
-    const user = await User.findUserByApiToken(accessToken).lean();
 
+    const user: IUserHasId = await User.findUserByApiToken(accessToken);
 
 
 
     if (user == null) {
 
     if (user == null) {
 
       logger.debug('The access token is invalid');
 
       logger.debug('The access token is invalid');
 
@@ -35,3 +50,6 @@ module.exports = (crowi) => {
 
   };
 
   };
 
 
 
 };
 
 };
 
+
 
+module.exports = middlewareFactory;
 
+// export default middlewareFactory;

+ 1 - 1
apps/app/src/server/models/user.js
Прегледај датотеку 

@@ -449,7 +449,7 @@ const factory = (crowi) => {
 
     if (apiToken == null) {
 
     if (apiToken == null) {
 
       return Promise.resolve(null);
 
       return Promise.resolve(null);
 
     }
 
     }
 
-    return this.findOne({ apiToken });
 
+    return this.findOne({ apiToken }).lean();
 
   };
 
   };
 
 
 
   userSchema.statics.findUserByGoogleId = function(googleId, callback) {
 
   userSchema.statics.findUserByGoogleId = function(googleId, callback) {