summaryrefslogtreecommitdiff
path: root/src/server/api/authenticate.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/api/authenticate.ts')
-rw-r--r--src/server/api/authenticate.ts69
1 files changed, 69 insertions, 0 deletions
diff --git a/src/server/api/authenticate.ts b/src/server/api/authenticate.ts
new file mode 100644
index 0000000000..537c3d1e1f
--- /dev/null
+++ b/src/server/api/authenticate.ts
@@ -0,0 +1,69 @@
+import * as express from 'express';
+import App from './models/app';
+import { default as User, IUser } from './models/user';
+import AccessToken from './models/access-token';
+import isNativeToken from './common/is-native-token';
+
+export interface IAuthContext {
+ /**
+ * App which requested
+ */
+ app: any;
+
+ /**
+ * Authenticated user
+ */
+ user: IUser;
+
+ /**
+ * Whether requested with a User-Native Token
+ */
+ isSecure: boolean;
+}
+
+export default (req: express.Request) => new Promise<IAuthContext>(async (resolve, reject) => {
+ const token = req.body['i'] as string;
+
+ if (token == null) {
+ return resolve({
+ app: null,
+ user: null,
+ isSecure: false
+ });
+ }
+
+ if (isNativeToken(token)) {
+ const user: IUser = await User
+ .findOne({ 'account.token': token });
+
+ if (user === null) {
+ return reject('user not found');
+ }
+
+ return resolve({
+ app: null,
+ user: user,
+ isSecure: true
+ });
+ } else {
+ const accessToken = await AccessToken.findOne({
+ hash: token.toLowerCase()
+ });
+
+ if (accessToken === null) {
+ return reject('invalid signature');
+ }
+
+ const app = await App
+ .findOne({ _id: accessToken.app_id });
+
+ const user = await User
+ .findOne({ _id: accessToken.user_id });
+
+ return resolve({
+ app: app,
+ user: user,
+ isSecure: false
+ });
+ }
+});
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 15:51:13 +0000