You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39 lines
1.2 KiB
39 lines
1.2 KiB
import {HTTPError, Middleware} from '@extollo/lib'
|
|
import {Injectable} from '@extollo/di'
|
|
import {AccessToken} from '../../../models/AccessToken.model'
|
|
import {HTTPStatus} from '@extollo/util'
|
|
import {User} from '../../../models/User.model'
|
|
|
|
/**
|
|
* ValidateAccessToken Middleware
|
|
*/
|
|
@Injectable()
|
|
export class ValidateAccessToken extends Middleware {
|
|
public async apply() {
|
|
const tokenValue = this.request.getHeader('X-Hyperlink-Access-Token')
|
|
|| this.request.input('x_hyperlink_access_token')
|
|
|
|
if ( !tokenValue ) {
|
|
throw new HTTPError(HTTPStatus.FORBIDDEN, 'Missing access token.')
|
|
}
|
|
|
|
const token = await AccessToken.query<AccessToken>()
|
|
.where('active', '=', true)
|
|
.where('token', '=', tokenValue)
|
|
.first()
|
|
|
|
if ( !token ) {
|
|
throw new HTTPError(HTTPStatus.FORBIDDEN, 'Invalid access token.')
|
|
}
|
|
|
|
const user = await token.user()
|
|
if ( !user ) {
|
|
throw new HTTPError(HTTPStatus.FORBIDDEN, 'Invalid access token.')
|
|
}
|
|
|
|
if ( !this.request.hasKey(User) ) {
|
|
this.request.registerSingletonInstance<User>(User, user)
|
|
}
|
|
}
|
|
}
|