@flowfuse/nr-launcher
Comparing version 2.1.2-3739f00-202402281119.0 to 2.1.2-6ff015e-202403131147.0
const crypto = require('crypto') | ||
const got = require('got') | ||
const session = require('express-session') | ||
@@ -10,2 +11,4 @@ const MemoryStore = require('memorystore')(session) | ||
let httpNodeApp | ||
let client | ||
const httpTokenCache = {} | ||
@@ -15,15 +18,51 @@ module.exports = { | ||
options = _options | ||
return (req, res, next) => { | ||
try { | ||
if (req.session.ffSession) { | ||
next() | ||
} else { | ||
req.session.redirectTo = req.originalUrl | ||
passport.authenticate('FlowFuse', { session: false })(req, res, next) | ||
return [ | ||
async (req, res, next) => { | ||
try { | ||
if (req.session.ffSession) { | ||
next() | ||
} else if (req.get('Authorization')?.startsWith('Bearer')) { | ||
// We should include the Project ID and the path along with the token | ||
// to be checked to allow scoping tokens | ||
const token = req.get('Authorization').split(' ')[1] | ||
const cacheHit = httpTokenCache[token] | ||
if (cacheHit) { | ||
const age = (Date.now() - cacheHit.age) / 1000 | ||
if (age < 300) { | ||
next() | ||
return | ||
} | ||
delete httpTokenCache[token] | ||
} | ||
const query = { | ||
path: req.path | ||
} | ||
try { | ||
await client.get(options.projectId, { | ||
headers: { | ||
authorization: `Bearer ${token}` | ||
}, | ||
searchParams: query | ||
}) | ||
httpTokenCache[token] = { age: Date.now() } | ||
next() | ||
} catch (err) { | ||
// console.log(err) | ||
const error = new Error('Failed to check token') | ||
error.status = 401 | ||
next(error) | ||
} | ||
} else { | ||
req.session.redirectTo = req.originalUrl | ||
passport.authenticate('FlowFuse', { session: false })(req, res, next) | ||
} | ||
} catch (err) { | ||
console.log(err.stack) | ||
throw err | ||
} | ||
} catch (err) { | ||
console.log(err.stack) | ||
throw err | ||
}, | ||
(err, req, res, next) => { | ||
res.status(err.status).send() | ||
} | ||
} | ||
] | ||
}, | ||
@@ -94,3 +133,14 @@ | ||
}) | ||
// need to decide on the path here | ||
client = got.extend({ | ||
prefixUrl: `${options.forgeURL}/account/check/http`, | ||
headers: { | ||
'user-agent': 'FlowFuse HTTP Node Auth' | ||
}, | ||
timeout: { | ||
request: 500 | ||
} | ||
}) | ||
} | ||
} |
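Review bot: The token cache in the Bearer branch is keyed by the token alone (`httpTokenCache[token]`), while the upstream check is sent `path: req.path`, so a token accepted for one path is let through on every other path for up to 300 seconds without being re-checked. If the platform scopes tokens by path, as the comment above the lookup says is intended, the cache defeats that scoping; key the entry on both values, e.g. `const cacheKey = req.path + ' ' + token`, and use that key for the lookup, the delete and the store. A `Map` (or `Object.create(null)`) would also keep a client-supplied token such as `constructor` from resolving to an inherited property of the plain object. Separately, the handler is now `async`, so `throw err` in the outer catch becomes a rejected promise that the framework may never see, depending on the Express version in use; `next(err)` there would keep the request from hanging. The enclosing function starts before this hunk.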
@@ -47,3 +47,4 @@ function getSettingsFile (settings) { | ||
clientID: '${settings.clientID}', | ||
clientSecret: '${settings.clientSecret}' | ||
clientSecret: '${settings.clientSecret}', | ||
projectId: '${settings.projectID}' | ||
})` | ||
@@ -50,0 +51,0 @@ projectSettings.httpNodeMiddleware = 'httpNodeMiddleware: flowforgeAuthMiddleware,' |
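Review bot: `projectId: '${settings.projectID}'` is interpolated into a single-quoted literal of the generated settings file without escaping, so a value containing a quote or backslash would produce a broken or altered settings file. The neighbouring `clientID` and `clientSecret` lines follow the same pattern; whether these values can ever carry such characters is not visible here. Emitting the literal as `projectId: ${JSON.stringify(settings.projectID)}` (without the surrounding quotes) removes the dependency on the value's content. getSettingsFile starts and ends outside this hunk.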
{ | ||
"name": "@flowfuse/nr-launcher", | ||
"version": "2.1.2-3739f00-202402281119.0", | ||
"version": "2.1.2-6ff015e-202403131147.0", | ||
"description": "FlowFuse Launcher for running Node-RED", | ||
@@ -5,0 +5,0 @@ "exports": { |