fix: wip
All checks were successful
/ build (map[dockerfile:./services/app/Dockerfile name:app]) (push) Successful in 1m3s
/ build (map[dockerfile:./services/api/Dockerfile name:api]) (push) Successful in 2m19s
/ build (map[dockerfile:./services/tasks/Dockerfile name:tasks]) (push) Successful in 2m11s
/ build (map[dockerfile:./services/web/Dockerfile name:web]) (push) Successful in 2m8s
/ build (map[dockerfile:./services/watchers/Dockerfile name:watchers]) (push) Successful in 2m15s
/ deploy (push) Successful in 11s
/ build (map[dockerfile:./services/files/Dockerfile name:files]) (push) Successful in 2m5s
/ build (map[dockerfile:./services/hasura/Dockerfile name:hasura]) (push) Successful in 2m4s

devthejo 2025-07-01 10:05:08 +02:00
parent 83b971890a
commit 02cb943a93
4 changed files with 12 additions and 7 deletions


@ -3,7 +3,7 @@ const getHasuraClaimsFromJWT = require("@modjo/hasura/utils/jwt/get-hasura-claim
const { ctx } = require("@modjo/core")
const { reqCtx } = require("@modjo/express/ctx")
module.exports = function () {
module.exports = function (services) {
const castIntVars = ["deviceId", "userId"]
function sessionVarsFromClaims(claims) {
const session = { ...claims }
@ -48,12 +48,14 @@ module.exports = function () {
"Allowing expired JWT for meta.auth-token scope"
)
const req = reqCtx.get("req")
const authTokenHeader = req?.headers?.["x-auth-token"]
if (!authTokenHeader) {
const authTokenJWT = req?.headers?.["x-auth-token"]
if (!authTokenJWT) {
return false
}
const authToken =
services.authTokenHandler.decodeAuthToken(authTokenJWT)
// Create a session that indicates auth token processing is needed
const session = { isAuthTokenRequest: true, authToken: authTokenHeader }
const session = { isAuthTokenRequest: true, authToken }
reqCtx.set("session", session)
return true
}
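Review bot: The value returned by `services.authTokenHandler.decodeAuthToken(authTokenJWT)` goes straight into the session and the handler returns true without checking it, so a header whose payload has no `authToken` claim would leave `session.authToken` undefined on the expired-JWT path. I would add `if (!authToken) { return false }` before building the session. It is also worth confirming what `decodeAuthToken` does on a malformed token, since the call is not wrapped in a try here and that function's catch branch is not visible on this page. Separately, this factory now takes `services` as a positional argument while the other modules in this commit destructure `{ services }` from their first argument; if the loader passes the same object here, `services.authTokenHandler` would be undefined. The enclosing function starts and ends outside the hunk.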


@ -3,7 +3,7 @@ module.exports = async function ({ services: { authTokenHandler } }) {
const { authTokenJwt, phoneModel = null, deviceUuid = null } = req.body
// Validate the auth token JWT and extract the auth token
const authToken = authTokenHandler.validateAuthToken(authTokenJwt)
const authToken = authTokenHandler.decodeAuthToken(authTokenJwt)
// Get or create user session (userId, deviceId, roles)
const { userId, deviceId, roles } =
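Review bot: The context comment `// Validate the auth token JWT and extract the auth token` is stale now that the call is `decodeAuthToken`, and it tells a reader that a check happened on `req.body.authTokenJwt` which the new name no longer promises. I would change it to `// Decode the auth token JWT and extract the auth token`. If the token is actually checked in the session lookup that follows, say so on that statement instead. The statement starting at `const { userId, deviceId, roles } =` continues outside the hunk.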


@ -64,6 +64,9 @@ module.exports = function ({ services: { authTokenHandler } }) {
})
} catch (error) {
logger.error({ error: error.message }, "Failed to process auth token")
if (httpError.isHttpError(error)) {
throw error
}
throw httpError(401, "Invalid auth token")
}
} else if (session && session.userId && session.deviceId) {
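Review bot: The new `httpError.isHttpError(error)` branch rethrows any HTTP error raised inside the try unchanged, so the status and message returned for a bad auth token now depend on which helper threw, instead of always being the uniform `401 "Invalid auth token"`. If only specific statuses are meant to pass through, I would make that explicit by checking the status before rethrowing. Otherwise a comment such as `// Propagate deliberate HTTP errors from authTokenHandler; anything else is reported as 401` would record the intent. It is also worth checking that the rethrown messages do not tell a client why a token was rejected in more detail than intended. The try block begins outside the hunk, so the set of errors that can reach this catch is not visible here.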


@ -10,7 +10,7 @@ module.exports = ({ services }) => {
const { claimsNamespace, jwtExpirationInHours } = config
function validateAuthToken(authTokenJwt) {
function decodeAuthToken(authTokenJwt) {
try {
const { authToken } = jwtDecode(authTokenJwt)
return authToken
@ -162,7 +162,7 @@ module.exports = ({ services }) => {
}
return {
validateAuthToken,
decodeAuthToken,
getOrCreateUserSession,
generateUserJwt,
}
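Review bot: `decodeAuthToken` has no comment stating its trust contract, and the rename from `validateAuthToken` suggests it only parses the payload. If `jwtDecode` is a decode-only helper (its import is outside the hunk), a docstring would keep callers from treating the result as authenticated: `/** Decodes the JWT payload and returns its authToken claim; does not verify signature or expiry, so the result is untrusted until checked against stored tokens. */`. The catch branch of the `try` is outside the hunk, so the behaviour on a malformed token should be documented there too. Since the old name is dropped from the returned object, any remaining `validateAuthToken` reference outside the four files shown would now be undefined.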