feat: Move ACL responsability to each Application Controller

Josepablo C
2024-08-06 12:57:07 -06:00
parent 6b4c475a38
commit f8d41db04d
5 changed files with 26 additions and 12 deletions


@@ -7,8 +7,6 @@ function dummy_middleware( req, res ){
return res.status(500).send({ error:"Not implemented yet" });
}
router.post('/register', dummy_middleware );
router.post('/authorize', async( req, res ) => {
try{
const email = req.body.email;
@@ -121,4 +119,14 @@ router.patch('/recover', async(req,res) => {
}
} );
/// Block access to the next list of endpoints if JWT is not valid
router.use( async (req, res, next) => {
if( ! req.JWT?.isValid ){
return res.status(401).send({error:"Unauthorized",code:401});
}
return next();
} );
router.use('/register' , dummy_middleware );
module.exports = router;
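Review bot: The last added line mounts `/register` below the new JWT guard and with `router.use` instead of `router.post`, so the route now answers 401 to callers without a valid token and matches every HTTP method and sub-path. If registration is meant to stay reachable before login (the first hunk appears to drop the earlier `router.post('/register', dummy_middleware );`, though the rendered page lost the +/- markers), keep it above the guard as `router.post('/register', dummy_middleware );`. The guard depends on declaration order, so a comment such as `// Routes above this line are public; everything below requires req.JWT.isValid` would help keep a later route from landing on the wrong side. Where `req.JWT` is populated is outside these hunks; confirm that middleware runs before this router.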


@@ -6,17 +6,17 @@ const { Account, User, Company, getUserById, getCompanyById, findUsersPage, find
// Queries
//////////////////////////////////////////////
async function account( args, context ) {
const account = new Account( context.graphQLContext.userId );
const account = new Account( context.requestContext.userId );
return account;
}
async function profile( args, context ) {
const profile = new User( context.graphQLContext.userId );
const profile = new User( context.requestContext.userId );
return profile;
}
async function company( args, context ) {
const company = new Company( context.graphQLContext.companyId );
const company = new Company( context.requestContext.companyId );
return company;
}


@@ -8,7 +8,7 @@ const schemaDescription = require('./graphql/schema.js');
const schemaResolvers = require('./graphql/resolvers.js');
router.get('/test', async (req, res) => {
console.log( req.graphQLContext );
console.log( req.requestContext );
res.status(200).send({
msg : "It is alive!"
});
@@ -18,7 +18,7 @@ router.post( '/graphql',
createHandler({
schema: schemaDescription,
rootValue : schemaResolvers,
context: async (req, params) => { return { graphQLContext : req.raw.graphQLContext }; },
context: async (req, params) => { return { requestContext : req.raw.requestContext }; },
graphiql: true
})
);
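Review bot: Nothing in the visible lines of this router rejects a request without a valid JWT before `/graphql` builds its context from `req.raw.requestContext`, which matters because the commit moves the access check into each controller. The hunks show only part of the file, so if no guard exists elsewhere in it, add one ahead of the route, for example `router.use( (req, res, next) => req.JWT?.isValid ? next() : res.status(401).send({error:"Unauthorized",code:401}) );`. Without it the resolvers would presumably read `userId` and `companyId` from a context that may be undefined. Separately, `/test` writes the whole `req.requestContext` to the console for any caller; drop that `console.log` or log a fixed message so user and company identifiers stay out of the logs.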