Compare commits


No commits in common. "306a9faa636dc6460a676a85a3c36cc990b5983a" and "35bbdf44b44b0647ce4b5bd2e382ea3ed339befd" have entirely different histories.


@ -47,19 +47,28 @@ module.exports = function () {
{ error: err }, { error: err },
"Allowing expired JWT for meta.auth-token scope" "Allowing expired JWT for meta.auth-token scope"
) )
// Continue processing with expired JWT
} else {
logger.error({ error: err }, "jwVerify failed")
return false
}
}
// For meta.auth-token scope, check for X-Auth-Token header
if (hasMetaAuthToken) {
const req = reqCtx.get("req") const req = reqCtx.get("req")
console.log("req?.headers", req?.headers)
const authTokenHeader = req?.headers?.["x-auth-token"] const authTokenHeader = req?.headers?.["x-auth-token"]
if (!authTokenHeader) { if (!authTokenHeader) {
return false return false
} }
// Create a session that indicates auth token processing is needed // Create a session that indicates auth token processing is needed
const session = { isAuthTokenRequest: true, authToken: authTokenHeader } const session = { isAuthTokenRequest: true, authToken: authTokenHeader }
reqCtx.set("session", session) reqCtx.set("session", session)
return true return true
} }
logger.error({ error: err }, "jwVerify failed")
return false
}
// Regular user JWT processing // Regular user JWT processing
const claims = getHasuraClaimsFromJWT(jwt, claimsNamespace) const claims = getHasuraClaimsFromJWT(jwt, claimsNamespace)
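Review bot: The `console.log("req?.headers", req?.headers)` line inside the `if (hasMetaAuthToken)` block writes every request header to stdout, including the `x-auth-token` value read on the next line and any bearer JWT the client sent, so credentials land in plaintext in the process logs and bypass the structured `logger`. The page has lost its +/- markers, but the hunk header's larger new-side count suggests this line is an addition; it looks like leftover debugging and should be removed before merge. If a trace is needed here, record only presence through the existing logger, e.g. `logger.debug({ hasAuthToken: Boolean(req?.headers?.["x-auth-token"]) }, "meta.auth-token header check")`, assuming `logger` exposes a debug level. The enclosing function starts and ends outside this hunk, so it cannot be confirmed from here that the "Allowing expired JWT" branch is limited to expiry errors rather than any verification failure.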