KevinMidboe/immich
1
0
Fork 0
mirror of https://github.com/KevinMidboe/immich.git synced 2025-10-29 17:40:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(server): auth guard (#1472)

Browse Source 
* refactor: auth guard

* chore: move auth guard to middleware

* chore: tests

* chore: remove unused code

* fix: migration to uuid without dataloss

* chore: e2e tests

* chore: removed unused guards
This commit is contained in:
Jason Rasmussen
2023-01-31 13:11:49 -05:00
committed by GitHub
parent 68af4cd5ba
commit d2a9363fc5
40 changed files with 331 additions and 505 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
server/libs/domain/src/api-key/api-key.core.ts Normal file
View File

@@ -0,0 +1,27 @@
import { Injectable, UnauthorizedException } from '@nestjs/common';
import { AuthUserDto } from '../auth';
import { ICryptoRepository } from '../crypto';
import { IKeyRepository } from './api-key.repository';
@Injectable()
export class APIKeyCore {
constructor(private crypto: ICryptoRepository, private repository: IKeyRepository) {}
async validate(token: string): Promise<AuthUserDto | null> {
const hashedToken = this.crypto.hashSha256(token);
const keyEntity = await this.repository.getKey(hashedToken);
if (keyEntity?.user) {
const user = keyEntity.user;
return {
id: user.id,
email: user.email,
isAdmin: user.isAdmin,
isPublicUser: false,
isAllowUpload: true,
};
}
throw new UnauthorizedException('Invalid API key');
}
}

47
server/libs/domain/src/api-key/api-key.service.spec.ts
View File

@@ -1,20 +1,9 @@
import { APIKeyEntity } from '@app/infra/db/entities';
import { BadRequestException } from '@nestjs/common';
import { authStub, userEntityStub, newCryptoRepositoryMock, newKeyRepositoryMock } from '../../test';
import { ICryptoRepository } from '../auth';
import { authStub, keyStub, newCryptoRepositoryMock, newKeyRepositoryMock } from '../../test';
import { ICryptoRepository } from '../crypto';
import { IKeyRepository } from './api-key.repository';
import { APIKeyService } from './api-key.service';
const adminKey = Object.freeze({
id: 1,
name: 'My Key',
key: 'my-api-key (hashed)',
userId: authStub.admin.id,
user: userEntityStub.admin,
} as APIKeyEntity);
const token = Buffer.from('my-api-key', 'utf8').toString('base64');
describe(APIKeyService.name, () => {
let sut: APIKeyService;
let keyMock: jest.Mocked<IKeyRepository>;
@@ -28,10 +17,8 @@ describe(APIKeyService.name, () => {
describe('create', () => {
it('should create a new key', async () => {
keyMock.create.mockResolvedValue(adminKey);
keyMock.create.mockResolvedValue(keyStub.admin);
await sut.create(authStub.admin, { name: 'Test Key' });
expect(keyMock.create).toHaveBeenCalledWith({
key: 'cmFuZG9tLWJ5dGVz (hashed)',
name: 'Test Key',
@@ -42,7 +29,7 @@ describe(APIKeyService.name, () => {
});
it('should not require a name', async () => {
keyMock.create.mockResolvedValue(adminKey);
keyMock.create.mockResolvedValue(keyStub.admin);
await sut.create(authStub.admin, {});
@@ -66,7 +53,7 @@ describe(APIKeyService.name, () => {
});
it('should update a key', async () => {
keyMock.getById.mockResolvedValue(adminKey);
keyMock.getById.mockResolvedValue(keyStub.admin);
await sut.update(authStub.admin, 1, { name: 'New Name' });
@@ -84,7 +71,7 @@ describe(APIKeyService.name, () => {
});
it('should delete a key', async () => {
keyMock.getById.mockResolvedValue(adminKey);
keyMock.getById.mockResolvedValue(keyStub.admin);
await sut.delete(authStub.admin, 1);
@@ -102,7 +89,7 @@ describe(APIKeyService.name, () => {
});
it('should get a key by id', async () => {
keyMock.getById.mockResolvedValue(adminKey);
keyMock.getById.mockResolvedValue(keyStub.admin);
await sut.getById(authStub.admin, 1);
@@ -112,29 +99,11 @@ describe(APIKeyService.name, () => {
describe('getAll', () => {
it('should return all the keys for a user', async () => {
keyMock.getByUserId.mockResolvedValue([adminKey]);
keyMock.getByUserId.mockResolvedValue([keyStub.admin]);
await expect(sut.getAll(authStub.admin)).resolves.toHaveLength(1);
expect(keyMock.getByUserId).toHaveBeenCalledWith(authStub.admin.id);
});
});
describe('validate', () => {
it('should throw an error for an invalid id', async () => {
keyMock.getKey.mockResolvedValue(null);
await expect(sut.validate(token)).resolves.toBeNull();
expect(keyMock.getKey).toHaveBeenCalledWith('bXktYXBpLWtleQ== (hashed)');
});
it('should validate the token', async () => {
keyMock.getKey.mockResolvedValue(adminKey);
await expect(sut.validate(token)).resolves.toEqual(authStub.admin);
expect(keyMock.getKey).toHaveBeenCalledWith('bXktYXBpLWtleQ== (hashed)');
});
});
});

21
server/libs/domain/src/api-key/api-key.service.ts
View File

@@ -1,5 +1,6 @@
import { BadRequestException, Inject, Injectable } from '@nestjs/common';
import { AuthUserDto, ICryptoRepository } from '../auth';
import { AuthUserDto } from '../auth';
import { ICryptoRepository } from '../crypto';
import { IKeyRepository } from './api-key.repository';
import { APIKeyCreateDto } from './dto/api-key-create.dto';
import { APIKeyCreateResponseDto } from './response-dto/api-key-create-response.dto';
@@ -55,22 +56,4 @@ export class APIKeyService {
const keys = await this.repository.getByUserId(authUser.id);
return keys.map(mapKey);
}
async validate(token: string): Promise<AuthUserDto | null> {
const hashedToken = this.crypto.hashSha256(token);
const keyEntity = await this.repository.getKey(hashedToken);
if (keyEntity?.user) {
const user = keyEntity.user;
return {
id: user.id,
email: user.email,
isAdmin: user.isAdmin,
isPublicUser: false,
isAllowUpload: true,
};
}
return null;
}
}