New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@brainhubeu/hadron-auth
Advanced tools
@brainhubeu/hadron-auth - npm Package Compare versions
Comparing version 0.0.1 to 0.0.2
@@ -78,2 +78,5 @@ "use strict"; | ||
| exports.register = (container, config) => { | ||
| if (config.authSecret) { | ||
| container.register('authSecret', config.authSecret); | ||
| } | ||
| routes = exports.initRoutes(config.securedRoutes || []); | ||
@@ -91,3 +94,7 @@ const server = container.take('server'); | ||
| }; | ||
| exports.isRouteNotSecure = (path) => exports.getRouteFromPath(path, routes) === null; | ||
| exports.isRouteNotSecure = (path) => { | ||
| console.warn("HadronAuth: isRouteNotSecure is being deprecated. Use isRouteSecure instead."); | ||
| return exports.getRouteFromPath(path, routes) === null; | ||
| }; | ||
| exports.isRouteSecure = (path) => exports.getRouteFromPath(path, routes) !== null; | ||
| exports.isAllowed = (path, allowedMethod, user, allRoles) => { | ||
@@ -94,0 +101,0 @@ try { |
@@ -19,3 +19,3 @@ "use strict"; | ||
| try { | ||
| if (HadronAuth_1.isRouteNotSecure(req.path)) { | ||
| if (!HadronAuth_1.isRouteSecure(req.path)) { | ||
| return next(); | ||
@@ -25,10 +25,11 @@ } | ||
| const roleRepository = container.take('roleRepository'); | ||
| const token = req.headers.authorization; | ||
| const decoded = jwt.decode(token); | ||
| const token = req.headers.authorization.split(' ')[1]; | ||
| const secret = container.take('authSecret'); | ||
| const id = jwt.verify(token, secret); | ||
| const user = yield userRepository.findOne({ | ||
| where: { id: decoded.id }, | ||
| where: { id }, | ||
| relations: ['roles'], | ||
| }); | ||
| if (!user) { | ||
| return res.status(403).json({ error: errorResponse }); | ||
| return res.status(401).json({ error: errorResponse }); | ||
| } | ||
@@ -41,6 +42,6 @@ const allRoles = yield roleRepository.find(); | ||
| } | ||
| return res.status(403).json({ error: errorResponse }); | ||
| return res.status(401).json({ error: errorResponse }); | ||
| } | ||
| catch (error) { | ||
| return res.status(403).json({ error: errorResponse }); | ||
| return res.status(401).json({ error: errorResponse }); | ||
| } | ||
@@ -47,0 +48,0 @@ }); |
| { | ||
| "name": "@brainhubeu/hadron-auth", | ||
| "version": "0.0.1", | ||
| "version": "0.0.2", | ||
| "description": "Security package for hadron", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |
@@ -226,3 +226,3 @@ ## Installation | ||
| const jwt = require('jsonwebtoken'); | ||
| const { isRouteNotSecure, isAllowed } = require('@brainhubeu/hadron-auth'); | ||
| const { isRouteSecure, isAllowed } = require('@brainhubeu/hadron-auth'); | ||
@@ -236,3 +236,3 @@ const errorResponse = { | ||
| try { | ||
| if (isRouteNotSecure(req.path)) { | ||
| if (!isRouteSecure(req.path)) { | ||
| return next(); | ||
@@ -239,0 +239,0 @@ } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
74012
1.47%- Lines of code
559
1.45%No dependency changes