mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-26 03:33:58 -05:00
feat: add session handling
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
parent
1c52ad69a6
commit
5a91662865
5 changed files with 98 additions and 3 deletions
|
@ -47,6 +47,7 @@
|
||||||
"connect-typeorm": "1.1.4",
|
"connect-typeorm": "1.1.4",
|
||||||
"eslint-plugin-jest": "24.4.0",
|
"eslint-plugin-jest": "24.4.0",
|
||||||
"eslint-plugin-local-rules": "1.1.0",
|
"eslint-plugin-local-rules": "1.1.0",
|
||||||
|
"express-session": "1.17.2",
|
||||||
"file-type": "16.5.3",
|
"file-type": "16.5.3",
|
||||||
"joi": "17.4.2",
|
"joi": "17.4.2",
|
||||||
"minio": "7.0.19",
|
"minio": "7.0.19",
|
||||||
|
@ -71,6 +72,7 @@
|
||||||
"@tsconfig/node12": "1.0.9",
|
"@tsconfig/node12": "1.0.9",
|
||||||
"@types/cli-color": "2.0.1",
|
"@types/cli-color": "2.0.1",
|
||||||
"@types/express": "4.17.13",
|
"@types/express": "4.17.13",
|
||||||
|
"@types/express-session": "^1.17.4",
|
||||||
"@types/jest": "27.0.1",
|
"@types/jest": "27.0.1",
|
||||||
"@types/node": "14.17.16",
|
"@types/node": "14.17.16",
|
||||||
"@types/passport-local": "^1.0.34",
|
"@types/passport-local": "^1.0.34",
|
||||||
|
|
49
src/identity/session.guard.ts
Normal file
49
src/identity/session.guard.ts
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
|
||||||
|
*
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
import {
|
||||||
|
CanActivate,
|
||||||
|
ExecutionContext,
|
||||||
|
Injectable,
|
||||||
|
UnauthorizedException,
|
||||||
|
} from '@nestjs/common';
|
||||||
|
|
||||||
|
import { NotInDBError } from '../errors/errors';
|
||||||
|
import { ConsoleLoggerService } from '../logger/console-logger.service';
|
||||||
|
import { User } from '../users/user.entity';
|
||||||
|
import { UsersService } from '../users/users.service';
|
||||||
|
|
||||||
|
@Injectable()
|
||||||
|
export class SessionGuard implements CanActivate {
|
||||||
|
constructor(
|
||||||
|
private readonly logger: ConsoleLoggerService,
|
||||||
|
private userService: UsersService,
|
||||||
|
) {
|
||||||
|
this.logger.setContext(SessionGuard.name);
|
||||||
|
}
|
||||||
|
|
||||||
|
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||||
|
const request: Request & { session?: { user: string }; user?: User } =
|
||||||
|
context.switchToHttp().getRequest();
|
||||||
|
if (!request.session) {
|
||||||
|
this.logger.debug('The user has no session.');
|
||||||
|
throw new UnauthorizedException("You're not logged in");
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
request.user = await this.userService.getUserByUsername(
|
||||||
|
request.session.user,
|
||||||
|
);
|
||||||
|
return true;
|
||||||
|
} catch (e) {
|
||||||
|
if (e instanceof NotInDBError) {
|
||||||
|
this.logger.debug(
|
||||||
|
`The user '${request.session.user}' does not exist, but has a session.`,
|
||||||
|
);
|
||||||
|
throw new UnauthorizedException("You're not logged in");
|
||||||
|
}
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -10,9 +10,11 @@ import { NestExpressApplication } from '@nestjs/platform-express';
|
||||||
|
|
||||||
import { AppModule } from './app.module';
|
import { AppModule } from './app.module';
|
||||||
import { AppConfig } from './config/app.config';
|
import { AppConfig } from './config/app.config';
|
||||||
|
import { AuthConfig } from './config/auth.config';
|
||||||
import { MediaConfig } from './config/media.config';
|
import { MediaConfig } from './config/media.config';
|
||||||
import { ConsoleLoggerService } from './logger/console-logger.service';
|
import { ConsoleLoggerService } from './logger/console-logger.service';
|
||||||
import { BackendType } from './media/backends/backend-type.enum';
|
import { BackendType } from './media/backends/backend-type.enum';
|
||||||
|
import { setupSessionMiddleware } from './utils/session';
|
||||||
import { setupPrivateApiDocs, setupPublicApiDocs } from './utils/swagger';
|
import { setupPrivateApiDocs, setupPublicApiDocs } from './utils/swagger';
|
||||||
|
|
||||||
async function bootstrap(): Promise<void> {
|
async function bootstrap(): Promise<void> {
|
||||||
|
@ -25,9 +27,10 @@ async function bootstrap(): Promise<void> {
|
||||||
app.useLogger(logger);
|
app.useLogger(logger);
|
||||||
const configService = app.get(ConfigService);
|
const configService = app.get(ConfigService);
|
||||||
const appConfig = configService.get<AppConfig>('appConfig');
|
const appConfig = configService.get<AppConfig>('appConfig');
|
||||||
|
const authConfig = configService.get<AuthConfig>('authConfig');
|
||||||
const mediaConfig = configService.get<MediaConfig>('mediaConfig');
|
const mediaConfig = configService.get<MediaConfig>('mediaConfig');
|
||||||
|
|
||||||
if (!appConfig || !mediaConfig) {
|
if (!appConfig || !authConfig || !mediaConfig) {
|
||||||
logger.error('Could not initialize config, aborting.', 'AppBootstrap');
|
logger.error('Could not initialize config, aborting.', 'AppBootstrap');
|
||||||
process.exit(1);
|
process.exit(1);
|
||||||
}
|
}
|
||||||
|
@ -45,6 +48,8 @@ async function bootstrap(): Promise<void> {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
|
|
||||||
app.enableCors({
|
app.enableCors({
|
||||||
origin: appConfig.rendererOrigin,
|
origin: appConfig.rendererOrigin,
|
||||||
});
|
});
|
||||||
|
|
39
src/utils/session.ts
Normal file
39
src/utils/session.ts
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
|
||||||
|
*
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
import { INestApplication } from '@nestjs/common';
|
||||||
|
import { getRepositoryToken } from '@nestjs/typeorm';
|
||||||
|
import { TypeormStore } from 'connect-typeorm';
|
||||||
|
import session from 'express-session';
|
||||||
|
import { Repository } from 'typeorm';
|
||||||
|
|
||||||
|
import { AuthConfig } from '../config/auth.config';
|
||||||
|
import { Session } from '../users/session.entity';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Setup the session middleware via the given authConfig.
|
||||||
|
* @param {INestApplication} app - the nest application to configure the middleware for.
|
||||||
|
* @param {AuthConfig} authConfig - the authConfig to configure the middleware with.
|
||||||
|
*/
|
||||||
|
export function setupSessionMiddleware(
|
||||||
|
app: INestApplication,
|
||||||
|
authConfig: AuthConfig,
|
||||||
|
): void {
|
||||||
|
app.use(
|
||||||
|
session({
|
||||||
|
name: 'hedgedoc-session',
|
||||||
|
secret: authConfig.session.secret,
|
||||||
|
cookie: {
|
||||||
|
maxAge: authConfig.session.lifetime,
|
||||||
|
},
|
||||||
|
resave: false,
|
||||||
|
saveUninitialized: false,
|
||||||
|
store: new TypeormStore({
|
||||||
|
cleanupLimit: 2,
|
||||||
|
ttl: 86400,
|
||||||
|
}).connect(app.get<Repository<Session>>(getRepositoryToken(Session))),
|
||||||
|
}),
|
||||||
|
);
|
||||||
|
}
|
|
@ -1147,7 +1147,7 @@
|
||||||
"@types/qs" "*"
|
"@types/qs" "*"
|
||||||
"@types/range-parser" "*"
|
"@types/range-parser" "*"
|
||||||
|
|
||||||
"@types/express-session@^1.15.5":
|
"@types/express-session@^1.15.5", "@types/express-session@^1.17.4":
|
||||||
version "1.17.4"
|
version "1.17.4"
|
||||||
resolved "https://registry.yarnpkg.com/@types/express-session/-/express-session-1.17.4.tgz#97a30a35e853a61bdd26e727453b8ed314d6166b"
|
resolved "https://registry.yarnpkg.com/@types/express-session/-/express-session-1.17.4.tgz#97a30a35e853a61bdd26e727453b8ed314d6166b"
|
||||||
integrity sha512-7cNlSI8+oOBUHTfPXMwDxF/Lchx5aJ3ho7+p9jJZYVg9dVDJFh3qdMXmJtRsysnvS+C6x46k9DRYmrmCkE+MVg==
|
integrity sha512-7cNlSI8+oOBUHTfPXMwDxF/Lchx5aJ3ho7+p9jJZYVg9dVDJFh3qdMXmJtRsysnvS+C6x46k9DRYmrmCkE+MVg==
|
||||||
|
@ -3175,7 +3175,7 @@ expect@^27.2.0:
|
||||||
jest-message-util "^27.2.0"
|
jest-message-util "^27.2.0"
|
||||||
jest-regex-util "^27.0.6"
|
jest-regex-util "^27.0.6"
|
||||||
|
|
||||||
express-session@^1.15.6:
|
express-session@1.17.2, express-session@^1.15.6:
|
||||||
version "1.17.2"
|
version "1.17.2"
|
||||||
resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.17.2.tgz#397020374f9bf7997f891b85ea338767b30d0efd"
|
resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.17.2.tgz#397020374f9bf7997f891b85ea338767b30d0efd"
|
||||||
integrity sha512-mPcYcLA0lvh7D4Oqr5aNJFMtBMKPLl++OKKxkHzZ0U0oDq1rpKBnkR5f5vCHR26VeArlTOEF9td4x5IjICksRQ==
|
integrity sha512-mPcYcLA0lvh7D4Oqr5aNJFMtBMKPLl++OKKxkHzZ0U0oDq1rpKBnkR5f5vCHR26VeArlTOEF9td4x5IjICksRQ==
|
||||||
|
|
Loading…
Reference in a new issue