mirrors/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter synced 2024-11-15 06:15:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix socket auth

Browse Source
This commit is contained in:
KernelDeimos 2024-04-13 17:19:04 -04:00
parent 3b65523da9
commit 965d99d137
1 changed files with 8 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
packages/backend/src/helpers.js
View File

@ -1155,34 +1155,22 @@ async function jwt_auth(req){
token = token.replace('Bearer ', '') token = token.replace('Bearer ', '')
try{ try{
const jwt = require('jsonwebtoken'); const svc_auth = Context.get('services').get('auth');
const decoded = jwt.verify(token, config.jwt_secret) const actor = await svc_auth.authenticate_from_token(token);
if ( decoded.type ) { if ( ! actor.type?.constructor?.name === 'UserActorType' ) {
// This is usually not the correct way to throw an APIError;
// this is a workaround for the existing error handling in auth,
// which is well tested, stable, and legacy (no sense in refactoring)
throw({ throw({
message: APIError.create('token_unsupported') message: APIError.create('token_unsupported')
.serialize(), .serialize(),
}); });
} }
/** @type BaseDatabaseAccessService */ return {
const db = services.get('database').get(DB_READ, 'filesystem'); user: actor.type.user,
token: token,
// in the vast majority of cases looking up a user should succeed unless the request is invalid (rare case), };
// that's why we first hit up the read replica and if not successful we try the master DB
let user = await db.requireRead('SELECT * FROM `user` WHERE `uuid` = ? LIMIT 1', [decoded.uuid]);
// unsuccessful
if(!user[0])
throw('');
// successful
else {
return {user: user[0], token: token};
}
}catch(e){ }catch(e){
console.log('ERROR', e);
throw(e.message); throw(e.message);
} }
} }