From f87cb17f52c8fc4b07b29ccf16d67853bc6c5e8e Mon Sep 17 00:00:00 2001
From: Pierre HUBERT
Date: Fri, 22 Nov 2019 09:42:01 +0100
Subject: [PATCH] Check client token
---
 src/entities/RequestHandler.ts | 27 +++++++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/src/entities/RequestHandler.ts b/src/entities/RequestHandler.ts
index f74b592..b79573a 100644
--- a/src/entities/RequestHandler.ts
+++ b/src/entities/RequestHandler.ts
@@ -1,4 +1,6 @@
 import { Response, Request } from "express";
+import { APIHelper } from "../helpers/APIHelper";
+import { APIClient } from "./APIClient";
 /**
 * Response to a request
@@ -7,6 +9,9 @@ import { Response, Request } from "express";
 */
 export class RequestHandler {
+
+ private client : APIClient = null;
+
 public constructor(private req : Request, private response : Response) {}
 /**
@@ -39,7 +44,7 @@ export class RequestHandler {
 if(param.length < minLength)
 this.error(400, "Parameter "+name+" is too short!");
- return "";
+ return param;
 }
@@ -54,7 +59,25 @@ export class RequestHandler {
 const apiName = this.getString("serviceName");
 const apiToken = this.getString("serviceToken");
- // Validate the token
+ // Validate the client
+ const client = await APIHelper.GetClient(apiName, apiToken);
+
+ if(client == null)
+ this.error(400, "Client not recognized!");
+
+ if(client.domain) {
+
+ const allowedOrigin = "http://" + client.domain;
+
+ const referer = this.req.get("Referer");
+ if(!referer || !referer.startsWith(allowedOrigin))
+ this.error(401, "Use of this client is prohibited from this domain!");
+
+ this.response.set("Access-Control-Allow-Origin", allowedOrigin);
+ }
+
+ // Save client information for latter access
+ this.client = client;
 }
 /**
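Review bot: The new field `private client : APIClient = null;` declares a type that excludes the value it is initialised with, so nothing reminds later readers of `this.client` that it stays null until the client-validation step has run. Declaring it as `private client : APIClient | null = null;` makes that state visible to the compiler, and it is required for the file to build under `strictNullChecks`. A short doc comment would also help, for example `/** API client resolved from serviceName/serviceToken; null until the client has been validated */`.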
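Review bot: The `return param;` fix relies on `this.error(400, …)` stopping execution, and that method's body is not visible in this patch. If `error()` only sends the response, `getString` now hands the too-short value back to the caller after the 400 has gone out, and in the client-validation hunk `client.domain` is read on a null `client` straight after `this.error(400, "Client not recognized!")`. If `error()` does throw, declaring its return type as `never` lets the compiler enforce that; otherwise each call needs an explicit `return` after it. `getString` itself starts outside the hunk.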
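Review bot: The Referer test inside `if(client.domain)` is a string-prefix match, so with `client.domain` set to `example.com` (a constructed value) a Referer of `http://example.com.other.tld/` also satisfies `startsWith(allowedOrigin)`; compare the parsed origin for equality instead, as in the block below. The `http://` scheme is hard-coded, so a page served over HTTPS can never match and the only origin this check admits is a cleartext one; storing the scheme with the client record would address both. Referer is supplied by the caller, so the check constrains browsers only and `serviceToken` remains the actual credential for any other client. The enclosing method starts outside the hunk.

```typescript
			const allowedOrigin = "http://" + client.domain;

			// Compare whole origins: a prefix test also accepts any host that merely starts with the domain
			let refererOrigin : string = null;
			try {
				refererOrigin = new URL(this.req.get("Referer") || "").origin;
			} catch(e) {
				// Missing or malformed Referer: refererOrigin stays null and is rejected below
			}

			if(refererOrigin !== allowedOrigin)
				this.error(401, "Use of this client is prohibited from this domain!");

			// … unchanged: Access-Control-Allow-Origin header …
```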