mirror of
https://gitlab.com/comunic/comunicapiv2
synced 2024-12-27 22:18:52 +00:00
Check client token
This commit is contained in:
parent
2c4c914fbc
commit
f87cb17f52
@ -1,4 +1,6 @@
|
||||
import { Response, Request } from "express";
|
||||
import { APIHelper } from "../helpers/APIHelper";
|
||||
import { APIClient } from "./APIClient";
|
||||
|
||||
/**
|
||||
* Response to a request
|
||||
@ -7,6 +9,9 @@ import { Response, Request } from "express";
|
||||
*/
|
||||
|
||||
export class RequestHandler {
|
||||
|
||||
private client : APIClient = null;
|
||||
|
||||
public constructor(private req : Request, private response : Response) {}
|
||||
|
||||
/**
|
||||
@ -39,7 +44,7 @@ export class RequestHandler {
|
||||
if(param.length < minLength)
|
||||
this.error(400, "Parameter "+name+" is too short!");
|
||||
|
||||
return "";
|
||||
return param;
|
||||
}
|
||||
|
||||
|
||||
@ -54,7 +59,25 @@ export class RequestHandler {
|
||||
const apiName = this.getString("serviceName");
|
||||
const apiToken = this.getString("serviceToken");
|
||||
|
||||
// Validate the token
|
||||
// Validate the client
|
||||
const client = await APIHelper.GetClient(apiName, apiToken);
|
||||
|
||||
if(client == null)
|
||||
this.error(400, "Client not recognized!");
|
||||
|
||||
if(client.domain) {
|
||||
|
||||
const allowedOrigin = "http://" + client.domain;
|
||||
|
||||
const referer = this.req.get("Referer");
|
||||
if(!referer || !referer.startsWith(allowedOrigin))
|
||||
this.error(401, "Use of this client is prohibited from this domain!");
|
||||
|
||||
this.response.set("Access-Control-Allow-Origin", allowedOrigin);
|
||||
}
|
||||
|
||||
// Save client information for latter access
|
||||
this.client = client;
|
||||
}
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user