check revoked table for token

Chris Hills 2022-11-18 21:34:23 -06:00
parent faf58bf2e6
commit dffe680e04
2 changed files with 10 additions and 2 deletions


@ -6,7 +6,7 @@ import Project from '../projects/Project'
import { ProjectApiKey } from '../projects/ProjectApiKey'
import { getProjectApiKey } from '../projects/ProjectService'
import AuthError from './AuthError'
import { OAuthResponse } from './TokenRepository'
import { isAccessTokenRevoked, OAuthResponse } from './TokenRepository'
export interface JwtAdmin {
id: number
@ -46,10 +46,14 @@ const parseAuth = async (ctx: Context) => {
key: await getProjectApiKey(token),
}
} else {
const admin = await verify(token) as JwtAdmin
if (await isAccessTokenRevoked(token)) {
throw new RequestError(AuthError.AccessDenied)
}
// user jwt
return {
scope: 'admin',
admin: await verify(token) as JwtAdmin,
admin,
}
}
}
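Review bot: The `// user jwt` comment now sits between the revocation guard and the return, so it no longer labels the start of the branch; move it above `const admin = await verify(token) as JwtAdmin` and state the order, e.g. `// user jwt: verify the signature first, then reject tokens listed as revoked`. The `as JwtAdmin` cast asserts the payload shape without a runtime check, so a token that verifies but lacks a numeric `id` would still reach callers typed as an admin, unless `verify` already validates claims, which is not visible here. parseAuth begins before this hunk and its closing lines may continue past it.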


@ -10,6 +10,10 @@ export interface OAuthResponse {
expires_at: Date
}
export async function isAccessTokenRevoked(token: string) {
return (await RevokedAccessToken.count(qb => qb.where({ token }))) === 0
}
export async function revokeAccessToken(token: string, expires_at: Date) {
await RevokedAccessToken.insert({ token, expires_at })
}
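Review bot: `isAccessTokenRevoked` returns true when the count is `=== 0`, that is when the token has no row in the revoked table, which is the opposite of what its name and the new guard in parseAuth expect: unrevoked admin tokens would be denied and revoked ones accepted. The comparison should read `return (await RevokedAccessToken.count(qb => qb.where({ token }))) > 0`. An explicit `Promise<boolean>` return type and a one-line doc comment such as `/** Resolves true when the token has a row in the revoked table. */` would make the contract harder to invert again. A test that revokes a token and asserts the next request is rejected, while an unrevoked token still passes, would have caught this.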