admin/bodyshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

release/2024-11-01 - Misc fixes

Browse Source 
Signed-off-by: Dave Richer <dave@imexsystems.ca>
This commit is contained in:
Dave Richer
2024-10-29 10:53:09 -07:00
parent 3f247a9227
commit 42f1d6fa13
12 changed files with 108 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
server/middleware/validateFirebaseIdTokenMiddleware.js
View File

@@ -16,7 +16,11 @@ const validateFirebaseIdTokenMiddleware = async (req, res, next) => {
(!req.headers.authorization || !req.headers.authorization.startsWith("Bearer ")) &&
!(req.cookies && req.cookies.__session)
) {
console.error("Unauthorized attempt. No authorization provided.");
logger.log("api-authorization-call", "warn", req?.user?.email, null, {
type: "unauthorized",
path: req.path,
body: req.body
});
return res.status(403).send("Unauthorized");
}
@@ -32,10 +36,10 @@ const validateFirebaseIdTokenMiddleware = async (req, res, next) => {
idToken = req.cookies.__session;
} else {
// No cookie
console.error("Unauthorized attempt. No cookie provided.");
logger.log("api-unauthorized-call", "WARN", null, null, {
req,
type: "no-cookie"
logger.log("api-unauthorized-call", "warn", null, null, {
type: "unauthorized",
path: req.path,
body: req.body
});
return res.status(403).send("Unauthorized");
@@ -47,11 +51,11 @@ const validateFirebaseIdTokenMiddleware = async (req, res, next) => {
req.user = decodedIdToken;
next();
} catch (error) {
logger.log("api-unauthorized-call", "WARN", null, null, {
logger.log("api-unauthorized-call", "warn", null, null, {
path: req.path,
body: req.body,
type: "unauthroized",
type: "unauthorized",
...error
});