mirror of https://gitlab.com/comunic/comunicapiv2 synced 2024-11-22 13:29:22 +00:00

Check client token

Pierre HUBERT 2019-11-22 09:42:01 +01:00
parent 2c4c914fbc
commit f87cb17f52


@ -1,4 +1,6 @@
import { Response, Request } from "express"; import { Response, Request } from "express";
import { APIHelper } from "../helpers/APIHelper";
import { APIClient } from "./APIClient";
/** /**
* Response to a request * Response to a request
@ -7,6 +9,9 @@ import { Response, Request } from "express";
*/ */
export class RequestHandler { export class RequestHandler {
private client : APIClient = null;
public constructor(private req : Request, private response : Response) {} public constructor(private req : Request, private response : Response) {}
/** /**
@ -39,7 +44,7 @@ export class RequestHandler {
if(param.length < minLength) if(param.length < minLength)
this.error(400, "Parameter "+name+" is too short!"); this.error(400, "Parameter "+name+" is too short!");
return ""; return param;
} }
@ -54,7 +59,25 @@ export class RequestHandler {
const apiName = this.getString("serviceName"); const apiName = this.getString("serviceName");
const apiToken = this.getString("serviceToken"); const apiToken = this.getString("serviceToken");
// Validate the token // Validate the client
const client = await APIHelper.GetClient(apiName, apiToken);
if(client == null)
this.error(400, "Client not recognized!");
if(client.domain) {
const allowedOrigin = "http://" + client.domain;
const referer = this.req.get("Referer");
if(!referer || !referer.startsWith(allowedOrigin))
this.error(401, "Use of this client is prohibited from this domain!");
this.response.set("Access-Control-Allow-Origin", allowedOrigin);
}
// Save client information for latter access
this.client = client;
} }
/** /**
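Review bot: The Referer check in the last hunk is a prefix match, so `referer.startsWith(allowedOrigin)` also accepts any hostname that merely begins with the client's domain; anchoring it on the origin boundary, e.g. `if(!referer || !referer.startsWith(allowedOrigin + "/"))`, closes that gap. The hard-coded `"http://"` scheme means a client served over HTTPS would never match. Referer is supplied by the caller, so this check only constrains browsers and the service token has to remain the actual credential. Separately, `client.domain` is read right after `this.error(400, "Client not recognized!")`; unless `error()` throws (its body is not visible here), a null client reaches that dereference, so the method should stop after the error call. The enclosing method starts above this hunk.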