refs #6264 feat: remove validateToken endpoint
gitea/salix/pipeline/head There was a failure building this commit
Details
gitea/salix/pipeline/head There was a failure building this commit
Details
This commit is contained in:
parent
d44cdcbd13
commit
d364a50ec4
|
|
@ -29,7 +29,7 @@ module.exports = Self => {
|
||||||
const {accessToken: token} = ctx.req;
|
const {accessToken: token} = ctx.req;
|
||||||
|
|
||||||
// Check if current token is valid
|
// Check if current token is valid
|
||||||
const isValid = await Self.validateToken(token);
|
const isValid = await validateToken(token);
|
||||||
if (isValid) throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
|
if (isValid) throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
|
||||||
|
|
||||||
const {courtesyTime} = await models.AccessTokenConfig.findOne({fields: ['courtesyTime']});
|
const {courtesyTime} = await models.AccessTokenConfig.findOne({fields: ['courtesyTime']});
|
||||||
|
|
@ -43,4 +43,14 @@ module.exports = Self => {
|
||||||
|
|
||||||
return {id: accessToken.id, ttl: accessToken.ttl};
|
return {id: accessToken.id, ttl: accessToken.ttl};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
async function validateToken(token) {
|
||||||
|
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
|
||||||
|
const now = Date.now();
|
||||||
|
const differenceMilliseconds = now - token.created;
|
||||||
|
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
|
||||||
|
const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
|
||||||
|
|
||||||
|
return isValid;
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -1,43 +0,0 @@
|
||||||
const {models} = require('vn-loopback/server/server');
|
|
||||||
|
|
||||||
describe('Validate Token', () => {
|
|
||||||
const startingTime = Date.now();
|
|
||||||
let ctx = null;
|
|
||||||
beforeAll(async() => {
|
|
||||||
const unAuthCtx = {
|
|
||||||
req: {
|
|
||||||
headers: {},
|
|
||||||
connection: {
|
|
||||||
remoteAddress: '127.0.0.1'
|
|
||||||
},
|
|
||||||
getLocale: () => 'en'
|
|
||||||
},
|
|
||||||
args: {}
|
|
||||||
};
|
|
||||||
let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
|
|
||||||
let accessToken = await models.AccessToken.findById(login.token);
|
|
||||||
ctx = {req: {accessToken: accessToken}};
|
|
||||||
});
|
|
||||||
|
|
||||||
beforeEach(() => {
|
|
||||||
jasmine.clock().install();
|
|
||||||
jasmine.clock().mockDate(new Date(startingTime));
|
|
||||||
});
|
|
||||||
|
|
||||||
afterEach(() => {
|
|
||||||
jasmine.clock().uninstall();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('Token is not expired', async() => {
|
|
||||||
const isValid = await models.VnUser.validateToken(ctx.req.accessToken);
|
|
||||||
|
|
||||||
expect(isValid).toBeTrue();
|
|
||||||
});
|
|
||||||
|
|
||||||
it('Token is expired', async() => {
|
|
||||||
jasmine.clock().mockDate(new Date(startingTime + 21600000));
|
|
||||||
const isValid = await models.VnUser.validateToken(ctx.req.accessToken);
|
|
||||||
|
|
||||||
expect(isValid).toBeFalse();
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
@ -1,24 +0,0 @@
|
||||||
const {models} = require('vn-loopback/server/server');
|
|
||||||
module.exports = Self => {
|
|
||||||
Self.remoteMethod('validateToken', {
|
|
||||||
description: 'Validates the current logged user token',
|
|
||||||
returns: {
|
|
||||||
type: 'Boolean',
|
|
||||||
root: true
|
|
||||||
},
|
|
||||||
http: {
|
|
||||||
path: `/validateToken`,
|
|
||||||
verb: 'GET'
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
Self.validateToken = async function(token) {
|
|
||||||
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
|
|
||||||
const now = Date.now();
|
|
||||||
const differenceMilliseconds = now - token.created;
|
|
||||||
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
|
|
||||||
const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
|
|
||||||
|
|
||||||
return isValid;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
@ -10,7 +10,6 @@ module.exports = function(Self) {
|
||||||
require('../methods/vn-user/sign-in')(Self);
|
require('../methods/vn-user/sign-in')(Self);
|
||||||
require('../methods/vn-user/acl')(Self);
|
require('../methods/vn-user/acl')(Self);
|
||||||
require('../methods/vn-user/recover-password')(Self);
|
require('../methods/vn-user/recover-password')(Self);
|
||||||
require('../methods/vn-user/validate-token')(Self);
|
|
||||||
require('../methods/vn-user/privileges')(Self);
|
require('../methods/vn-user/privileges')(Self);
|
||||||
require('../methods/vn-user/validate-auth')(Self);
|
require('../methods/vn-user/validate-auth')(Self);
|
||||||
require('../methods/vn-user/renew-token')(Self);
|
require('../methods/vn-user/renew-token')(Self);
|
||||||
|
|
|
||||||
|
|
@ -102,13 +102,6 @@
|
||||||
"principalType": "ROLE",
|
"principalType": "ROLE",
|
||||||
"principalId": "$everyone",
|
"principalId": "$everyone",
|
||||||
"permission": "ALLOW"
|
"permission": "ALLOW"
|
||||||
},
|
|
||||||
{
|
|
||||||
"property": "validateToken",
|
|
||||||
"accessType": "EXECUTE",
|
|
||||||
"principalType": "ROLE",
|
|
||||||
"principalId": "$authenticated",
|
|
||||||
"permission": "ALLOW"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"property": "validateAuth",
|
"property": "validateAuth",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue