add storage handler and guard auth

shared-server
bat 3 years ago
parent 939fb83119
commit 57eea2e79f

@ -66,6 +66,13 @@ export class Auth {
)
}
get userinfoEndpoint() {
return (
this.giteaAppBaseUrl +
'/login/oauth/userinfo'
)
}
async getToken(code) {
const resp = await fetch(this.tokenEndpoint, {
method: 'POST',
@ -140,7 +147,7 @@ export class Auth {
grant_type: 'refresh_token',
})
})
return await resp.json()
return resp.ok
}
async refresh(event) {
@ -148,7 +155,8 @@ export class Auth {
const cookies = cookie.getCookies(
event.request.headers
)
const data = await this.refreshToken(body)
const token = cookies['oauth.gitea.refreshToken']
const data = await this.refreshToken(token)
this.saveTokens(headers, data)
event.respondWith(
new Response(JSON.stringify({}), {headers})
@ -170,4 +178,53 @@ export class Auth {
))
}
}
async userInfo(token) {
const resp = await fetch(this.userinfoEndpoint, {
method: 'GET',
headers: {
Accept: 'application/json',
'Content-Type': 'application/json',
Authorization: `Bearer ${token}`,
},
})
return {
resp,
json: await resp.json()
}
}
async requireAuth(event) {
const headers = new Headers()
const cookies = cookie.getCookies(
event.request.headers
)
const token = cookies['oauth.gitea.accessToken']
if (!token) {
event.respondWith(Response.json(
{error: 'Token missing'}, {status: 401}
))
return
}
const {resp, json} = await this.userInfo(token)
if (!resp.ok) {
const refresh = cookies['oauth.gitea.refreshToken']
if (refresh) {
const data = await this.refreshToken(token)
this.saveTokens(headers, data)
const token = data.access_token
if (token) {
const {resp, json} = await this.userInfo(token)
return {
allow: resp.ok,
headers,
}
}
}
}
return {
allow: resp.ok,
headers,
}
}
}
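Review bot: In requireAuth the refresh branch calls `this.refreshToken(token)` while the same block declares `const token = data.access_token` two lines later, so the call reads `token` in its temporal dead zone and throws a ReferenceError whenever the access token is rejected and a refresh cookie is present. It also passes the access token instead of the `refresh` cookie value read just above; use `const data = await this.refreshToken(refresh)` and a distinct name such as `const renewed = data.access_token` for the follow-up `this.userInfo(renewed)` call. The missing-token branch sends the 401 and then returns `undefined`, so a caller that destructures the result will throw; `return {allow: false, headers}` keeps the contract uniform. If the earlier hunk does change refreshToken to `return resp.ok` (the old/new side is not certain in this rendering), `data.access_token` would always be undefined here and the refresh path could never succeed.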

@ -1,5 +1,6 @@
import { Auth } from "./auth.js"
import { Frontend } from "./frontend.js"
import { Storage } from "./storage.js"
export class Server {
async getEnv(variables) {
@ -61,6 +62,7 @@ export class Server {
appBaseUrl: this.giteaAppBaseUrl,
apiBaseUrl: this.giteaApiBaseUrl,
})
this.storage = new Storage()
await Promise.all([
...([
'loader',
@ -74,14 +76,26 @@ export class Server {
].map(repo => (
server.frontend.loadRepo(
'macchiato',
repo,
{srcPath: [], destPath: [repo]}
repo.split('#')[0],
{
srcPath: [],
destPath: [repo],
...(
repo.includes('#') ?
{ref: repo.split('#')[1]} :
{}
),
}
)
))),
server.frontend.loadRepo(
'macchiato',
'pages',
{srcPath: [], destPath: []}
{
srcPath: [],
destPath: [],
ref: 'shared-server',
},
),
server.frontend.loadRepo(
'macchiato',
@ -89,7 +103,7 @@ export class Server {
{
srcPath: [],
destPath: ['server'],
ref: 'shared-server'
ref: 'shared-server',
}
),
])
@ -112,9 +126,17 @@ export class Server {
}
async serveRequest(event) {
const {pathname} = new URL(event.request.url)
if (pathname.startsWith(`${this.baseUrl}/api/auth`)) {
const {pathname: p} = new URL(event.request.url)
const base = this.baseUrl
if (p.startsWith(`${base}/api/auth`)) {
await this.auth.serve(event)
} else if (p.startsWith(`${base}/api/storage`)) {
const {allow, headers} = (
await this.auth.requireAuth(event)
)
if (allowed) {
await this.storage.serve(event, headers)
}
} else {
await this.frontend.serve(event)
}
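Review bot: The storage branch of serveRequest destructures `allow` but then tests `allowed`, a name not declared anywhere in the visible code, so in an ES module every `/api/storage` request throws a ReferenceError instead of reaching an authorization decision; the check should read `if (allow) {`. Once that is fixed, a request whose token is invalid and cannot be refreshed gets no response at all, because requireAuth only answers the missing-token case itself. Send the 401 in exactly one place (either in requireAuth for every denial, or in an `else` here) so `event.respondWith` is never called twice. serveRequest's body continues outside the hunk.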

@ -0,0 +1,7 @@
export class Storage {
async serve(event) {
event.respondWith(new Response(
'Not Found', {status: 404}
))
}
}
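Review bot: `serve(event)` ignores the second argument that serveRequest passes in `this.storage.serve(event, headers)`. Those headers are the ones requireAuth hands to saveTokens after a refresh, so presumably they carry the renewed token cookies, which would then never reach the client. Accept and forward them with `async serve(event, headers) {` and `'Not Found', {status: 404, headers}`, and add a short comment that every response from this handler must include the headers from the auth check.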