summaryrefslogtreecommitdiff
path: root/src/api/authenticate.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/authenticate.ts')
-rw-r--r--src/api/authenticate.ts61
1 files changed, 61 insertions, 0 deletions
diff --git a/src/api/authenticate.ts b/src/api/authenticate.ts
new file mode 100644
index 0000000000..5798adb83d
--- /dev/null
+++ b/src/api/authenticate.ts
@@ -0,0 +1,61 @@
+import * as express from 'express';
+import App from './models/app';
+import User from './models/user';
+import Userkey from './models/userkey';
+
+export interface IAuthContext {
+ /**
+ * App which requested
+ */
+ app: any;
+
+ /**
+ * Authenticated user
+ */
+ user: any;
+
+ /**
+ * Weather if the request is via the (Misskey Web Client or user direct) or not
+ */
+ isSecure: boolean;
+}
+
+export default (req: express.Request) =>
+ new Promise<IAuthContext>(async (resolve, reject) => {
+ const token = req.body['i'];
+ if (token) {
+ const user = await User
+ .findOne({ token: token });
+
+ if (user === null) {
+ return reject('user not found');
+ }
+
+ return resolve({
+ app: null,
+ user: user,
+ isSecure: true
+ });
+ }
+
+ const userkey = req.headers['userkey'] || req.body['_userkey'];
+ if (userkey) {
+ const userkeyDoc = await Userkey.findOne({
+ key: userkey
+ });
+
+ if (userkeyDoc === null) {
+ return reject('invalid userkey');
+ }
+
+ const app = await App
+ .findOne({ _id: userkeyDoc.app_id });
+
+ const user = await User
+ .findOne({ _id: userkeyDoc.user_id });
+
+ return resolve({ app: app, user: user, isSecure: false });
+ }
+
+ return resolve({ app: null, user: null, isSecure: false });
+});
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 18:53:37 +0000