Sharkey/src/api/authenticate.ts

import * as express from 'express';
import App from './models/app';
import User from './models/user';
import AccessToken from './models/access-token';
import isNativeToken from './common/is-native-token';

export interface IAuthContext {
	/**
	 * App which requested
	 */
	app: any;

	/**
	 * Authenticated user
	 */
	user: any;

	/**
	 * Weather if the request is via the (Misskey Web Client or user direct) or not
	 */
	isSecure: boolean;
}

export default (req: express.Request) => new Promise<IAuthContext>(async (resolve, reject) => {
	const token = req.body['i'] || req.body['_userkey']; // そのうち_userkeyは削除

	if (token == null) {
		return resolve({ app: null, user: null, isSecure: false });
	}

	if (isNativeToken(token)) {
		const user = await User
			.findOne({ token: token });

		if (user === null) {
			return reject('user not found');
		}

		return resolve({
			app: null,
			user: user,
			isSecure: true
		});
	} else {
		const accessToken = await AccessToken.findOne({
			hash: token
		});

		if (accessToken === null) {
			return reject('invalid signature');
		}

		const app = await App
			.findOne({ _id: accessToken.app_id });

		const user = await User
			.findOne({ _id: accessToken.user_id });

		return resolve({ app: app, user: user, isSecure: false });
	}
});
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00			`import * as express from 'express';`
			`import App from './models/app';`
			`import User from './models/user';`
Refactor: Rename userkey --> access-token 2017-01-06 05:09:57 +02:00			`import AccessToken from './models/access-token';`
Refactor: Extract isNativeToken method 2017-01-06 04:07:42 +02:00			`import isNativeToken from './common/is-native-token';`
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00
			`export interface IAuthContext {`
			`/**`
			`* App which requested`
			`*/`
			`app: any;`

			`/**`
			`* Authenticated user`
			`*/`
			`user: any;`

			`/**`
			`* Weather if the request is via the (Misskey Web Client or user direct) or not`
			`*/`
			`isSecure: boolean;`
			`}`

アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-05 18:28:16 +02:00			`export default (req: express.Request) => new Promise<IAuthContext>(async (resolve, reject) => {`
			`const token = req.body['i'] \|\| req.body['_userkey']; // そのうち_userkeyは削除`

			`if (token == null) {`
			`return resolve({ app: null, user: null, isSecure: false });`
			`}`

Refactor: Extract isNativeToken method 2017-01-06 04:07:42 +02:00			`if (isNativeToken(token)) {`
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00			`const user = await User`
			`.findOne({ token: token });`

			`if (user === null) {`
			`return reject('user not found');`
			`}`

			`return resolve({`
			`app: null,`
			`user: user,`
			`isSecure: true`
			`});`
アクセストークンは i に統一トークンの先頭に ! がプリフィックスされているかどうかでユーザー固有のトークンかどうか判別する 2017-01-05 18:28:16 +02:00			`} else {`
Refactor: Rename userkey --> access-token 2017-01-06 05:09:57 +02:00			`const accessToken = await AccessToken.findOne({`
[BREAKING CHANGE] Improve security 2017-01-06 04:50:46 +02:00			`hash: token`
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00			`});`

Refactor: Rename userkey --> access-token 2017-01-06 05:09:57 +02:00			`if (accessToken === null) {`
[API] Improve: Better error message 2017-01-06 05:30:35 +02:00			`return reject('invalid signature');`
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00			`}`

			`const app = await App`
Refactor: Rename userkey --> access-token 2017-01-06 05:09:57 +02:00			`.findOne({ _id: accessToken.app_id });`
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00
			`const user = await User`
Refactor: Rename userkey --> access-token 2017-01-06 05:09:57 +02:00			`.findOne({ _id: accessToken.user_id });`
Initial commit :four_leaf_clover: 2016-12-29 00:49:51 +02:00
			`return resolve({ app: app, user: user, isSecure: false });`
			`}`
			`});`