From a6d9465b1183de328f8edcb6f474d921ab123276 Mon Sep 17 00:00:00 2001 From: David Ludwig Date: Mon, 19 Apr 2021 23:35:12 -0500 Subject: [PATCH] Fix request authentication. Add middleware support to requests --- src/server/services/WebServer/requests/Request.ts | 12 ++++++------ .../WebServer/requests/RequestImdbMovieRequest.ts | 10 +++++----- .../WebServer/requests/RequestMovieRequest.ts | 13 +++++++++++++ .../WebServer/requests/RequestTmdbMovieRequest.ts | 6 +++--- 4 files changed, 27 insertions(+), 14 deletions(-) create mode 100644 src/server/services/WebServer/requests/RequestMovieRequest.ts diff --git a/src/server/services/WebServer/requests/Request.ts b/src/server/services/WebServer/requests/Request.ts index 6a632c4..3c59247 100644 --- a/src/server/services/WebServer/requests/Request.ts +++ b/src/server/services/WebServer/requests/Request.ts @@ -6,16 +6,16 @@ export default class Request * Handle the incoming request */ public async handle(request: FastifyRequest, reply: FastifyReply) { - if (!this.checkFormat(request)) { - reply.status(401); + if (!this.isAuthorized(request)) { + reply.status(403); return { - status: "unauthorized" + status: "Forbidden" }; } if (!this.checkFormat(request)) { reply.status(400); return { - status: "bad request" + status: "Bad request" }; } try { @@ -23,7 +23,7 @@ export default class Request } catch(errors) { reply.status(422); return { - status: "unprocessable entities", + status: "Unprocessable entities", errors }; } @@ -34,7 +34,7 @@ export default class Request /** * Check if the user is authorized to make this request */ - public isAuthorized() { + public isAuthorized(request: FastifyRequest) { return true; } diff --git a/src/server/services/WebServer/requests/RequestImdbMovieRequest.ts b/src/server/services/WebServer/requests/RequestImdbMovieRequest.ts index d286889..a531f8a 100644 --- a/src/server/services/WebServer/requests/RequestImdbMovieRequest.ts +++ b/src/server/services/WebServer/requests/RequestImdbMovieRequest.ts @@ -1,11 +1,11 @@ -import { FastifyRequest } from "fastify"; import validate from "validate.js"; -import Request from "./Request"; +import { MiddlewareRequest } from "../middleware"; +import { IAuthMiddlewareParams } from "../middleware/auth"; +import RequestMovieRequest from "./RequestMovieRequest"; - -export default class RequestImdbMovieRequest extends Request +export default class RequestImdbMovieRequest extends RequestMovieRequest { - public validate(request: FastifyRequest) { + public validate(request: MiddlewareRequest) { return validate.async(request.params, { imdb_id: { presence: { diff --git a/src/server/services/WebServer/requests/RequestMovieRequest.ts b/src/server/services/WebServer/requests/RequestMovieRequest.ts new file mode 100644 index 0000000..8a71691 --- /dev/null +++ b/src/server/services/WebServer/requests/RequestMovieRequest.ts @@ -0,0 +1,13 @@ +import { MiddlewareRequest } from "../middleware"; +import { IAuthMiddlewareParams } from "../middleware/auth"; +import Request from "./Request"; + +export default class RequestMovieRequest extends Request +{ + /** + * Ensure the user is able to request movies + */ + public isAuthorized(request: MiddlewareRequest) { + return true; + } +} diff --git a/src/server/services/WebServer/requests/RequestTmdbMovieRequest.ts b/src/server/services/WebServer/requests/RequestTmdbMovieRequest.ts index 3a8e001..c37ab35 100644 --- a/src/server/services/WebServer/requests/RequestTmdbMovieRequest.ts +++ b/src/server/services/WebServer/requests/RequestTmdbMovieRequest.ts @@ -1,9 +1,9 @@ import { FastifyRequest } from "fastify"; import validate from "validate.js"; -import Request from "./Request"; +import { IAuthMiddlewareParams } from "../middleware/auth"; +import RequestMovieRequest from "./RequestMovieRequest"; - -export default class RequestTmdbMovieRequest extends Request +export default class RequestTmdbMovieRequest extends RequestMovieRequest { public validate(request: FastifyRequest) { return validate.async(request.params, {