mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2025-05-19 17:55:17 -04:00
4bd49085c6
Co-authored-by: Philip Molares <philip.molares@udo.edu> Signed-off-by: Philip Molares <philip.molares@udo.edu> Signed-off-by: Erik Michelson <github@erik.michelson.eu>
42 lines
1.4 KiB
TypeScript
42 lines
1.4 KiB
TypeScript
/*
|
|
* SPDX-FileCopyrightText: 2025 The HedgeDoc developers (see AUTHORS file)
|
|
*
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
import {
|
|
CanActivate,
|
|
ExecutionContext,
|
|
Injectable,
|
|
UnauthorizedException,
|
|
} from '@nestjs/common';
|
|
|
|
import { CompleteRequest } from '../api/utils/request.type';
|
|
import { ConsoleLoggerService } from '../logger/console-logger.service';
|
|
|
|
/**
|
|
* This guard checks if a session is present.
|
|
*
|
|
* If there is a username in `request.session.username` it will try to get this user from the database and put it into `request.user`. See {@link RequestUser}.
|
|
* If there is no `request.session.username`, but any PermissionLevel is configured, `request.session.authProvider` is set to `guest` to indicate a guest user.
|
|
*
|
|
* @throws UnauthorizedException
|
|
*/
|
|
@Injectable()
|
|
export class SessionGuard implements CanActivate {
|
|
constructor(private readonly logger: ConsoleLoggerService) {
|
|
this.logger.setContext(SessionGuard.name);
|
|
}
|
|
|
|
canActivate(context: ExecutionContext): boolean {
|
|
const request: CompleteRequest = context.switchToHttp().getRequest();
|
|
const userId = request.session?.userId;
|
|
const authProviderType = request.session?.authProviderType;
|
|
if (!userId || !authProviderType) {
|
|
this.logger.debug('The user has no session.');
|
|
throw new UnauthorizedException("You're not logged in");
|
|
}
|
|
request.userId = userId;
|
|
request.authProviderType = authProviderType;
|
|
return true;
|
|
}
|
|
}
|