feature/IO-3255-simplified-parts-management - Checkoint
This commit is contained in:
Dave
42
server/middleware/validateFirebaseIdTokenLiteMiddleware.js
Normal file
42
server/middleware/validateFirebaseIdTokenLiteMiddleware.js
Normal file
@@ -0,0 +1,42 @@
|
|||||||
|
const logger = require("../utils/logger");
|
||||||
|
const admin = require("firebase-admin");
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Lite Firebase ID token validator.
|
||||||
|
* - Only accepts Authorization: Bearer <token>
|
||||||
|
* - Sets req.user to the decoded token on success
|
||||||
|
*/
|
||||||
|
const validateFirebaseIdTokenLite = async (req, res, next) => {
|
||||||
|
const authHeader = req.headers.authorization || "";
|
||||||
|
const match = authHeader.match(/^Bearer\s+(.+)$/i);
|
||||||
|
|
||||||
|
if (!match) {
|
||||||
|
logger.log("api-authorization-call", "warn", null, null, {
|
||||||
|
type: "unauthorized",
|
||||||
|
reason: "missing Bearer token",
|
||||||
|
path: req.path,
|
||||||
|
body: req.body
|
||||||
|
});
|
||||||
|
return res.status(401).send("Unauthorized");
|
||||||
|
}
|
||||||
|
|
||||||
|
const idToken = match[1].trim();
|
||||||
|
|
||||||
|
try {
|
||||||
|
const decodedIdToken = await admin.auth().verifyIdToken(idToken);
|
||||||
|
req.user = decodedIdToken;
|
||||||
|
return next();
|
||||||
|
} catch (error) {
|
||||||
|
logger.log("api-unauthorized-call", "warn", null, null, {
|
||||||
|
type: "unauthorized",
|
||||||
|
reason: "invalid or expired token",
|
||||||
|
path: req.path,
|
||||||
|
body: req.body,
|
||||||
|
code: error?.errorInfo?.code || error?.code,
|
||||||
|
message: error?.message
|
||||||
|
});
|
||||||
|
return res.status(401).send("Unauthorized");
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
module.exports = validateFirebaseIdTokenLite;
|
||||||
@@ -1,13 +1,14 @@
|
|||||||
const express = require("express");
|
const express = require("express");
|
||||||
const router = express.Router();
|
const router = express.Router();
|
||||||
const { inlineCSS } = require("../render/inlinecss");
|
const { inlineCSS } = require("../render/inlinecss");
|
||||||
const validateFirebaseIdTokenMiddleware = require("../middleware/validateFirebaseIdTokenMiddleware");
|
const validateFirebaseIdTokenLite = require("../middleware/validateFirebaseIdTokenLiteMiddleware");
|
||||||
const { canvas } = require("../render/canvas-handler");
|
const { canvas } = require("../render/canvas-handler");
|
||||||
const validateCanvasInputMiddleware = require("../middleware/validateCanvasInputMiddleware");
|
const validateCanvasInputMiddleware = require("../middleware/validateCanvasInputMiddleware");
|
||||||
|
|
||||||
// Define the route for inline CSS rendering
|
// Define the route for inline CSS rendering
|
||||||
router.post("/inlinecss", validateFirebaseIdTokenMiddleware, inlineCSS);
|
router.post("/inlinecss", validateFirebaseIdTokenLite, inlineCSS);
|
||||||
router.post("/canvas-skia", validateFirebaseIdTokenMiddleware, validateCanvasInputMiddleware, canvas);
|
|
||||||
router.post("/canvas", validateFirebaseIdTokenMiddleware, validateCanvasInputMiddleware, canvas);
|
router.post("/canvas-skia", validateFirebaseIdTokenLite, validateCanvasInputMiddleware, canvas);
|
||||||
|
router.post("/canvas", validateFirebaseIdTokenLite, validateCanvasInputMiddleware, canvas);
|
||||||
|
|
||||||
module.exports = router;
|
module.exports = router;
|
||||||
|
|||||||
Reference in New Issue
Block a user