refs #6264 feat: remove validateToken endpoint
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Javier Segarra 2023-12-13 13:39:43 +01:00
parent d44cdcbd13
commit d364a50ec4
5 changed files with 11 additions and 76 deletions

View File

@ -29,7 +29,7 @@ module.exports = Self => {
const {accessToken: token} = ctx.req;
// Check if current token is valid
const isValid = await Self.validateToken(token);
const isValid = await validateToken(token);
if (isValid) throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
const {courtesyTime} = await models.AccessTokenConfig.findOne({fields: ['courtesyTime']});
@ -43,4 +43,14 @@ module.exports = Self => {
return {id: accessToken.id, ttl: accessToken.ttl};
};
async function validateToken(token) {
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
const now = Date.now();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
return isValid;
}
};

View File

@ -1,43 +0,0 @@
const {models} = require('vn-loopback/server/server');
describe('Validate Token', () => {
const startingTime = Date.now();
let ctx = null;
beforeAll(async() => {
const unAuthCtx = {
req: {
headers: {},
connection: {
remoteAddress: '127.0.0.1'
},
getLocale: () => 'en'
},
args: {}
};
let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
let accessToken = await models.AccessToken.findById(login.token);
ctx = {req: {accessToken: accessToken}};
});
beforeEach(() => {
jasmine.clock().install();
jasmine.clock().mockDate(new Date(startingTime));
});
afterEach(() => {
jasmine.clock().uninstall();
});
it('Token is not expired', async() => {
const isValid = await models.VnUser.validateToken(ctx.req.accessToken);
expect(isValid).toBeTrue();
});
it('Token is expired', async() => {
jasmine.clock().mockDate(new Date(startingTime + 21600000));
const isValid = await models.VnUser.validateToken(ctx.req.accessToken);
expect(isValid).toBeFalse();
});
});

View File

@ -1,24 +0,0 @@
const {models} = require('vn-loopback/server/server');
module.exports = Self => {
Self.remoteMethod('validateToken', {
description: 'Validates the current logged user token',
returns: {
type: 'Boolean',
root: true
},
http: {
path: `/validateToken`,
verb: 'GET'
}
});
Self.validateToken = async function(token) {
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
const now = Date.now();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
return isValid;
};
};

View File

@ -10,7 +10,6 @@ module.exports = function(Self) {
require('../methods/vn-user/sign-in')(Self);
require('../methods/vn-user/acl')(Self);
require('../methods/vn-user/recover-password')(Self);
require('../methods/vn-user/validate-token')(Self);
require('../methods/vn-user/privileges')(Self);
require('../methods/vn-user/validate-auth')(Self);
require('../methods/vn-user/renew-token')(Self);

View File

@ -102,13 +102,6 @@
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
},
{
"property": "validateToken",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
},
{
"property": "validateAuth",