admin/bodyshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature/IO-3255-simplified-parts-management - Checkoint

Browse Source
This commit is contained in:
Dave
2025-08-21 12:51:14 -04:00
parent a74ce063ec
commit 43d5a77d60
2 changed files with 4 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
server/middleware/validateFirebaseIdTokenLiteMiddleware.js
View File

@@ -1,42 +0,0 @@
const logger = require("../utils/logger");
const admin = require("firebase-admin");
/**
* Lite Firebase ID token validator.
* - Only accepts Authorization: Bearer <token>
* - Sets req.user to the decoded token on success
*/
const validateFirebaseIdTokenLite = async (req, res, next) => {
const authHeader = req.headers.authorization || "";
const match = authHeader.match(/^Bearer\s+(.+)$/i);
if (!match) {
logger.log("api-authorization-call", "warn", null, null, {
type: "unauthorized",
reason: "missing Bearer token",
path: req.path,
body: req.body
});
return res.status(401).send("Unauthorized");
}
const idToken = match[1].trim();
try {
const decodedIdToken = await admin.auth().verifyIdToken(idToken);
req.user = decodedIdToken;
return next();
} catch (error) {
logger.log("api-unauthorized-call", "warn", null, null, {
type: "unauthorized",
reason: "invalid or expired token",
path: req.path,
body: req.body,
code: error?.errorInfo?.code || error?.code,
message: error?.message
});
return res.status(401).send("Unauthorized");
}
};
module.exports = validateFirebaseIdTokenLite;

9
server/routes/renderRoutes.js
View File

@@ -1,14 +1,13 @@
const express = require("express");
const router = express.Router();
const { inlineCSS } = require("../render/inlinecss");
const validateFirebaseIdTokenLite = require("../middleware/validateFirebaseIdTokenLiteMiddleware");
const validateFirebaseIdTokenMiddleware = require("../middleware/validateFirebaseIdTokenMiddleware");
const { canvas } = require("../render/canvas-handler");
const validateCanvasInputMiddleware = require("../middleware/validateCanvasInputMiddleware");
// Define the route for inline CSS rendering
router.post("/inlinecss", validateFirebaseIdTokenLite, inlineCSS);
router.post("/canvas-skia", validateFirebaseIdTokenLite, validateCanvasInputMiddleware, canvas);
router.post("/canvas", validateFirebaseIdTokenLite, validateCanvasInputMiddleware, canvas);
router.post("/inlinecss", validateFirebaseIdTokenMiddleware, inlineCSS);
router.post("/canvas-skia", validateFirebaseIdTokenMiddleware, validateCanvasInputMiddleware, canvas);
router.post("/canvas", validateFirebaseIdTokenMiddleware, validateCanvasInputMiddleware, canvas);
module.exports = router;