alerte-secours/as-services
3
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: wip
All checks were successful
/ build (map[dockerfile:./services/app/Dockerfile name:app]) (push) Successful in 1m32s
Details
/ build (map[dockerfile:./services/files/Dockerfile name:files]) (push) Successful in 3m1s
Details
/ build (map[dockerfile:./services/tasks/Dockerfile name:tasks]) (push) Successful in 3m2s
Details
/ build (map[dockerfile:./services/web/Dockerfile name:web]) (push) Successful in 3m6s
Details
/ build (map[dockerfile:./services/api/Dockerfile name:api]) (push) Successful in 3m5s
Details
/ build (map[dockerfile:./services/hasura/Dockerfile name:hasura]) (push) Successful in 2m47s
Details
/ build (map[dockerfile:./services/watchers/Dockerfile name:watchers]) (push) Successful in 3m10s
Details
/ deploy (push) Successful in 30s
Details

Browse source
This commit is contained in:
devthejo 2025-06-30 17:18:31 +02:00
parent 84be7527f2
commit 306a9faa63
1 changed files with 11 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
libs/common/oapi/services/auth.js
View file

@ -47,27 +47,19 @@ module.exports = function () {
{ error: err }, { error: err },
"Allowing expired JWT for meta.auth-token scope" "Allowing expired JWT for meta.auth-token scope"
) )
// Continue processing with expired JWT
} else {
logger.error({ error: err }, "jwVerify failed")
return false
}
}
// For meta.auth-token scope, check for X-Auth-Token header
if (hasMetaAuthToken) {
const req = reqCtx.get("req") const req = reqCtx.get("req")
const authTokenHeader = req?.headers?.["x-auth-token"] const authTokenHeader = req?.headers?.["x-auth-token"]
if (!authTokenHeader) { if (!authTokenHeader) {
return false return false
} }
// Create a session that indicates auth token processing is needed // Create a session that indicates auth token processing is needed
const session = { isAuthTokenRequest: true, authToken: authTokenHeader } const session = { isAuthTokenRequest: true, authToken: authTokenHeader }
reqCtx.set("session", session) reqCtx.set("session", session)
return true return true
} }
logger.error({ error: err }, "jwVerify failed")
return false
}
// Regular user JWT processing // Regular user JWT processing
const claims = getHasuraClaimsFromJWT(jwt, claimsNamespace) const claims = getHasuraClaimsFromJWT(jwt, claimsNamespace)