Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-07 05:46:10 +01:00
Code Issues Packages Projects Releases Activity

server-ts: Address review

Browse Source
This commit is contained in:
Elian Doran
2024-04-03 19:22:49 +03:00
parent f857b8a9bb
commit 5d452a1525
8 changed files with 20 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/services/auth.ts
View File

@@ -7,13 +7,11 @@ import utils = require('./utils');
import passwordEncryptionService = require('./encryption/password_encryption');
import config = require('./config');
import passwordService = require('./encryption/password');
import type { Request } from 'express';
const noAuthentication = config.General && config.General.noAuthentication === true;
// TODO: We are using custom types for request & response because couldn't extract those pesky express types.
interface Request {
method: string;
path: string;
interface AppRequest extends Request {
headers: {
authorization?: string;
"trilium-cred"?: string;
@@ -30,7 +28,7 @@ interface Response {
type Callback = () => void;
function checkAuth(req: Request, res: Response, next: Callback) {
function checkAuth(req: AppRequest, res: Response, next: Callback) {
if (!sqlInit.isDbInitialized()) {
res.redirect("setup");
}
@@ -44,7 +42,7 @@ function checkAuth(req: Request, res: Response, next: Callback) {
// for electron things which need network stuff
// currently, we're doing that for file upload because handling form data seems to be difficult
function checkApiAuthOrElectron(req: Request, res: Response, next: Callback) {
function checkApiAuthOrElectron(req: AppRequest, res: Response, next: Callback) {
if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
reject(req, res, "Logged in session not found");
}
@@ -53,7 +51,7 @@ function checkApiAuthOrElectron(req: Request, res: Response, next: Callback) {
}
}
function checkApiAuth(req: Request, res: Response, next: Callback) {
function checkApiAuth(req: AppRequest, res: Response, next: Callback) {
if (!req.session.loggedIn && !noAuthentication) {
reject(req, res, "Logged in session not found");
}
@@ -62,7 +60,7 @@ function checkApiAuth(req: Request, res: Response, next: Callback) {
}
}
function checkAppInitialized(req: Request, res: Response, next: Callback) {
function checkAppInitialized(req: AppRequest, res: Response, next: Callback) {
if (!sqlInit.isDbInitialized()) {
res.redirect("setup");
}
@@ -71,7 +69,7 @@ function checkAppInitialized(req: Request, res: Response, next: Callback) {
}
}
function checkPasswordSet(req: Request, res: Response, next: Callback) {
function checkPasswordSet(req: AppRequest, res: Response, next: Callback) {
if (!utils.isElectron() && !passwordService.isPasswordSet()) {
res.redirect("set-password");
} else {
@@ -79,7 +77,7 @@ function checkPasswordSet(req: Request, res: Response, next: Callback) {
}
}
function checkPasswordNotSet(req: Request, res: Response, next: Callback) {
function checkPasswordNotSet(req: AppRequest, res: Response, next: Callback) {
if (!utils.isElectron() && passwordService.isPasswordSet()) {
res.redirect("login");
} else {
@@ -87,7 +85,7 @@ function checkPasswordNotSet(req: Request, res: Response, next: Callback) {
}
}
function checkAppNotInitialized(req: Request, res: Response, next: Callback) {
function checkAppNotInitialized(req: AppRequest, res: Response, next: Callback) {
if (sqlInit.isDbInitialized()) {
reject(req, res, "App already initialized.");
}
@@ -96,7 +94,7 @@ function checkAppNotInitialized(req: Request, res: Response, next: Callback) {
}
}
function checkEtapiToken(req: Request, res: Response, next: Callback) {
function checkEtapiToken(req: AppRequest, res: Response, next: Callback) {
if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
next();
}
@@ -105,7 +103,7 @@ function checkEtapiToken(req: Request, res: Response, next: Callback) {
}
}
function reject(req: Request, res: Response, message: string) {
function reject(req: AppRequest, res: Response, message: string) {
log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
res.setHeader("Content-Type", "text/plain")
@@ -113,7 +111,7 @@ function reject(req: Request, res: Response, message: string) {
.send(message);
}
function checkCredentials(req: Request, res: Response, next: Callback) {
function checkCredentials(req: AppRequest, res: Response, next: Callback) {
if (!sqlInit.isDbInitialized()) {
res.setHeader("Content-Type", "text/plain")
.status(400)