mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-14 23:24:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

auth: Fix UnauthorizedException throwing

Browse source 
Move conversion of Errors from AuthService to TokenStrategy.
This is necessary to correctly test the validateToken method.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-29 22:00:47 +01:00 committed by David Mehren
parent 46b5cdfb47
commit aa10e10412
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
2 changed files with 25 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/auth/auth.service.ts
View file

@ -4,7 +4,7 @@
* SPDX-License-Identifier: AGPL-3.0-only * SPDX-License-Identifier: AGPL-3.0-only
*/ */
import { Injectable, UnauthorizedException } from '@nestjs/common'; import { Injectable } from '@nestjs/common';
import { UsersService } from '../users/users.service'; import { UsersService } from '../users/users.service';
import { User } from '../users/user.entity'; import { User } from '../users/user.entity';
import { AuthToken } from './auth-token.entity'; import { AuthToken } from './auth-token.entity';
@ -35,7 +35,6 @@ export class AuthService {
} }
async validateToken(token: string): Promise<User> { async validateToken(token: string): Promise<User> {
try {
const [keyId, secret] = token.split('.'); const [keyId, secret] = token.split('.');
if (secret.length > 72) { if (secret.length > 72) {
// Only the first 72 characters of the tokens are considered by bcrypt // Only the first 72 characters of the tokens are considered by bcrypt
@ -48,15 +47,6 @@ export class AuthService {
const accessToken = await this.getAuthTokenAndValidate(keyId, secret); const accessToken = await this.getAuthTokenAndValidate(keyId, secret);
await this.setLastUsedToken(keyId); await this.setLastUsedToken(keyId);
return this.usersService.getUserByUsername(accessToken.user.userName); return this.usersService.getUserByUsername(accessToken.user.userName);
} catch (error) {
if (
error instanceof NotInDBError ||
error instanceof TokenNotValidError
) {
throw new UnauthorizedException(error.message);
}
throw error;
}
} }
async hashPassword(cleartext: string): Promise<string> { async hashPassword(cleartext: string): Promise<string> {

15
src/auth/token.strategy.ts
View file

@ -6,9 +6,10 @@
import { Strategy } from 'passport-http-bearer'; import { Strategy } from 'passport-http-bearer';
import { PassportStrategy } from '@nestjs/passport'; import { PassportStrategy } from '@nestjs/passport';
import { Injectable } from '@nestjs/common'; import { Injectable, UnauthorizedException } from '@nestjs/common';
import { AuthService } from './auth.service'; import { AuthService } from './auth.service';
import { User } from '../users/user.entity'; import { User } from '../users/user.entity';
import { NotInDBError, TokenNotValidError } from '../errors/errors';
@Injectable() @Injectable()
export class TokenStrategy extends PassportStrategy(Strategy, 'token') { export class TokenStrategy extends PassportStrategy(Strategy, 'token') {
@ -17,6 +18,16 @@ export class TokenStrategy extends PassportStrategy(Strategy, 'token') {
} }
async validate(token: string): Promise<User> { async validate(token: string): Promise<User> {
return this.authService.validateToken(token); try {
return await this.authService.validateToken(token);
} catch (error) {
if (
error instanceof NotInDBError ||
error instanceof TokenNotValidError
) {
throw new UnauthorizedException(error.message);
}
throw error;
}
} }
} }