in progress - currentapp token

5 years ago · dd0b4baef5
5 changed files with 93 additions and 89 deletions
--- a/packages/auth/src/middleware/authenticated.js
+++ b/packages/auth/src/middleware/authenticated.js
@ -15,6 +15,8 @@ async function setCurrentAppContext(ctx) {
    return
  }

+  console.log("THE APP ID", appId)
+
  const currentAppCookie = getCookie(ctx, Cookies.CurrentApp, { decrypt: true })
  const appIdChanged = appId && currentAppCookie.appId !== appId
  if (appIdChanged) {
@ -45,6 +47,8 @@ module.exports = async (ctx, next) => {

    ctx.appId = await setCurrentAppContext(ctx)

+    console.log("CONTEXT", ctx)
+
    await next()
  } catch (err) {
    console.log(err)
--- a/packages/server/src/api/controllers/static/index.js
+++ b/packages/server/src/api/controllers/static/index.js
@ -36,7 +36,7 @@ const COMP_LIB_BASE_APP_VERSION = "0.2.5"
 exports.serveBuilder = async function(ctx) {
  let builderPath = resolve(TOP_LEVEL_PATH, "builder")
  if (ctx.file === "index.html") {
-    await setBuilderToken(ctx)
+    // await setBuilderToken(ctx)
  }
  await send(ctx, ctx.file, { root: builderPath })
 }
--- a/packages/server/src/middleware/authenticated.js
+++ b/packages/server/src/middleware/authenticated.js
@ -1,73 +1,73 @@
-const jwt = require("jsonwebtoken")
-const STATUS_CODES = require("../utilities/statusCodes")
-const { getRole, getBuiltinRoles } = require("../utilities/security/roles")
-const { AuthTypes } = require("../constants")
-const {
-  getAppId,
-  getCookieName,
-  clearCookie,
-  setCookie,
-  isClient,
-} = require("../utilities")
+// const jwt = require("jsonwebtoken")
+// const STATUS_CODES = require("../utilities/statusCodes")
+// const { getRole, getBuiltinRoles } = require("../utilities/security/roles")
+// const { AuthTypes } = require("../constants")
+// const {
+//   getAppId,
+//   getCookieName,
+//   clearCookie,
+//   setCookie,
+//   isClient,
+// } = require("../utilities")

-module.exports = async (ctx, next) => {
-  if (ctx.path === "/builder") {
-    await next()
-    return
-  }
+// module.exports = async (ctx, next) => {
+//   if (ctx.path === "/builder") {
+//     await next()
+//     return
+//   }

-  // do everything we can to make sure the appId is held correctly
-  // we hold it in state as a
-  let appId = getAppId(ctx)
-  const cookieAppId = ctx.cookies.get(getCookieName("currentapp"))
-  const builtinRoles = getBuiltinRoles()
-  if (appId && cookieAppId !== appId) {
-    setCookie(ctx, appId, "currentapp")
-  } else if (cookieAppId) {
-    appId = cookieAppId
-  }
-  let token, authType
-  if (!isClient(ctx)) {
-    token = ctx.cookies.get(getCookieName())
-    authType = AuthTypes.BUILDER
-  }
+//   // do everything we can to make sure the appId is held correctly
+//   // we hold it in state as a
+//   let appId = getAppId(ctx)
+//   const cookieAppId = ctx.cookies.get(getCookieName("currentapp"))
+//   const builtinRoles = getBuiltinRoles()
+//   if (appId && cookieAppId !== appId) {
+//     setCookie(ctx, appId, "currentapp")
+//   } else if (cookieAppId) {
+//     appId = cookieAppId
+//   }
+//   let token, authType
+//   if (!isClient(ctx)) {
+//     token = ctx.cookies.get(getCookieName())
+//     authType = AuthTypes.BUILDER
+//   }

-  if (!token && appId) {
-    token = ctx.cookies.get(getCookieName(appId))
-    authType = AuthTypes.APP
-  }
+//   if (!token && appId) {
+//     token = ctx.cookies.get(getCookieName(appId))
+//     authType = AuthTypes.APP
+//   }

-  if (!token) {
-    ctx.auth.authenticated = false
-    ctx.appId = appId
-    ctx.user = {
-      role: builtinRoles.PUBLIC,
-    }
-    await next()
-    return
-  }
+//   if (!token) {
+//     ctx.auth.authenticated = false
+//     ctx.appId = appId
+//     ctx.user = {
+//       role: builtinRoles.PUBLIC,
+//     }
+//     await next()
+//     return
+//   }

-  try {
-    ctx.auth.authenticated = authType
-    const jwtPayload = jwt.verify(token, ctx.config.jwtSecret)
-    ctx.appId = appId
-    ctx.auth.apiKey = jwtPayload.apiKey
-    ctx.user = {
-      ...jwtPayload,
-      role: await getRole(appId, jwtPayload.roleId),
-    }
-    // appId no longer carried in user, make sure
-    delete ctx.user.appId
-  } catch (err) {
-    console.log(err)
-    if (authType === AuthTypes.BUILDER) {
-      clearCookie(ctx)
-      ctx.status = 200
-      return
-    } else {
-      ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text)
-    }
-  }
+//   try {
+//     ctx.auth.authenticated = authType
+//     const jwtPayload = jwt.verify(token, ctx.config.jwtSecret)
+//     ctx.appId = appId
+//     ctx.auth.apiKey = jwtPayload.apiKey
+//     ctx.user = {
+//       ...jwtPayload,
+//       role: await getRole(appId, jwtPayload.roleId),
+//     }
+//     // appId no longer carried in user, make sure
+//     delete ctx.user.appId
+//   } catch (err) {
+//     console.log(err)
+//     if (authType === AuthTypes.BUILDER) {
+//       clearCookie(ctx)
+//       ctx.status = 200
+//       return
+//     } else {
+//       ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text)
+//     }
+//   }

-  await next()
-}
+//   await next()
+// }
--- a/packages/server/src/middleware/authorized.js
+++ b/packages/server/src/middleware/authorized.js
@ -40,7 +40,6 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {

  const role = ctx.user.role
  const isAdmin = ADMIN_ROLES.includes(role._id)
-  // const isAuthed = ctx.auth.authenticated
  const isAuthed = ctx.isAuthenticated

  const { basePermissions, permissions } = await getUserPermissions(
--- a/packages/server/src/utilities/builder/setBuilderToken.js
+++ b/packages/server/src/utilities/builder/setBuilderToken.js
@ -3,30 +3,31 @@ const env = require("../../environment")
 const CouchDB = require("../../db")
 const jwt = require("jsonwebtoken")
 const { DocumentTypes, SEPARATOR } = require("../../db/utils")
-const { setCookie, clearCookie } = require("../index")
-const APP_PREFIX = DocumentTypes.APP + SEPARATOR
+const { setCookie } = require("@budibase/auth")
+// const { setCookie, clearCookie } = require("../index")
+// const APP_PREFIX = DocumentTypes.APP + SEPARATOR

 module.exports = async (ctx, appId, version) => {
-  const builderUser = {
-    userId: "BUILDER",
-    roleId: BUILTIN_ROLE_IDS.BUILDER,
-    version,
-  }
-  if (env.BUDIBASE_API_KEY) {
-    builderUser.apiKey = env.BUDIBASE_API_KEY
-  }
-  const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
-    expiresIn: "30 days",
-  })
+  // const builderUser = {
+  //   userId: "BUILDER",
+  //   roleId: BUILTIN_ROLE_IDS.BUILDER,
+  //   version,
+  // }
+  // if (env.BUDIBASE_API_KEY) {
+  //   builderUser.apiKey = env.BUDIBASE_API_KEY
+  // }
+  // const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
+  //   expiresIn: "30 days",
+  // })

  // set the builder token
-  setCookie(ctx, token, "builder")
+  // setCookie(ctx, token, "builder")
  setCookie(ctx, appId, "currentapp")
  // need to clear all app tokens or else unable to use the app in the builder
-  let allDbNames = await CouchDB.allDbs()
-  allDbNames.map(dbName => {
-    if (dbName.startsWith(APP_PREFIX)) {
-      clearCookie(ctx, dbName)
-    }
-  })
+  // let allDbNames = await CouchDB.allDbs()
+  // allDbNames.map(dbName => {
+  //   if (dbName.startsWith(APP_PREFIX)) {
+  //     clearCookie(ctx, dbName)
+  //   }
+  // })
 }