X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=src%2Fservice.js;h=d493f8affdf83f3585973ad380c3f9a5ab8caa48;hb=521cc1bdbbb395aed21647841ae186ab9aeb4798;hp=1d9b8a0922af1b8699e7232fd078b5f244a66f8e;hpb=d0444b4b0ee8166d911e6b227218d110eb7eddf1;p=websub-hub diff --git a/src/service.js b/src/service.js index 1d9b8a0..d493f8a 100644 --- a/src/service.js +++ b/src/service.js @@ -9,8 +9,7 @@ const { Dingus } = require('@squeep/api-dingus'); const common = require('./common'); const Enum = require('./enum'); const Manager = require('./manager'); -const SessionManager = require('./session-manager'); -const Authenticator = require('./authenticator'); +const { Authenticator, SessionManager } = require('@squeep/authentication-module'); const path = require('path'); const _fileScope = common.fileScope(__filename); @@ -102,6 +101,8 @@ class Service extends Dingus { this.setResponseType(responseTypes, req, res, ctx); + await this.authenticator.sessionOptional(req, res, ctx, this.loginPath); + await this.manager.getRoot(req, res, ctx); } @@ -155,7 +156,7 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.required(req, res, ctx, this.loginPath); + await this.authenticator.sessionRequired(req, res, ctx, this.loginPath); await this.manager.getAdminOverview(res, ctx); } @@ -174,15 +175,16 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.required(req, res, ctx, this.loginPath); + await this.authenticator.sessionRequired(req, res, ctx, this.loginPath); await this.manager.getTopicDetails(res, ctx); } /** - * Same as super.ingestBody, but if no body was sent, do not parse (and + * Similar to super.ingestBody, but if no body was sent, do not parse (and * thus avoid possible unsupported media type error). + * Also removes raw body from context, to simplify scrubbing sensitive data from logs. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx @@ -192,6 +194,7 @@ class Service extends Dingus { const contentType = Dingus.getRequestContentType(req); if (ctx.rawBody) { this.parseBody(contentType, ctx); + delete ctx.rawBody; } } @@ -207,7 +210,7 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.requiredLocal(req, res, ctx, this.loginPath); + await this.authenticator.apiRequiredLocal(req, res, ctx); await this.maybeIngestBody(req, res, ctx); ctx.method = req.method; @@ -226,7 +229,7 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.requiredLocal(req, res, ctx, this.loginPath); + await this.authenticator.apiRequiredLocal(req, res, ctx); await this.maybeIngestBody(req, res, ctx); ctx.method = req.method; @@ -245,13 +248,14 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.requiredLocal(req, res, ctx, this.loginPath); + await this.authenticator.apiRequiredLocal(req, res, ctx); await this.manager.processTasks(res, ctx); } /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx @@ -269,6 +273,7 @@ class Service extends Dingus { /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx @@ -279,6 +284,8 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); + await this.authenticator.sessionOptionalLocal(req, res, ctx); + await this.maybeIngestBody(req, res, ctx); await this.sessionManager.postAdminLogin(res, ctx); @@ -286,6 +293,7 @@ class Service extends Dingus { /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx @@ -296,11 +304,14 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); + await this.authenticator.sessionOptionalLocal(req, res, ctx); + await this.sessionManager.getAdminLogout(res, ctx); } /** + * Delegate login to authentication module. * @param {http.ClientRequest} req * @param {http.ServerResponse} res * @param {Object} ctx