Skip to content

Commit

Permalink
refactor user validation into middleware (#422)
Browse files Browse the repository at this point in the history
  • Loading branch information
@tcrasset
tcrasset authored Aug 16, 2024
1 parent baf04a4 commit 7fcda08
Show file tree
Hide file tree
Showing 8 changed files with 41 additions and 75 deletions.
1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
"scripts": {
"start": "node app",
"lint": "eslint . --max-warnings 0",
"lint:fix": "eslint . --fix",
"build": "tsc",
"test": "NODE_ENV=test NODE_OPTIONS='--experimental-vm-modules --trace-warnings' jest --coverage",
"db:migrate": "NODE_ENV=development node src/run-migrations.js up",
Expand Down
4 changes: 1 addition & 3 deletions src/app-account.js
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import express from 'express';
import errorMiddleware from './util/error-middleware.js';
import { errorMiddleware } from './util/middlewares.js';
import validateUser, { validateAuthHeader } from './util/validate-user.js';
import {
bootstrap,
Expand Down Expand Up @@ -96,5 +96,3 @@ app.get('/validate', (req, res) => {
res.send({ status: 'ok', data: { validated: true } });
}
});

app.use(errorMiddleware);
10 changes: 2 additions & 8 deletions src/app-gocardless/app-gocardless.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import {
} from './errors.js';
import { handleError } from './util/handle-error.js';
import { sha256String } from '../util/hash.js';
import validateUser from '../util/validate-user.js';
import { validateUserMiddleware } from '../util/middlewares.js';

const app = express();
app.get('/link', function (req, res) {
Expand All @@ -20,13 +20,7 @@ app.get('/link', function (req, res) {

export { app as handlers };
app.use(express.json());
app.use(async (req, res, next) => {
let user = await validateUser(req, res);
if (!user) {
return;
}
next();
});
app.use(validateUserMiddleware);

app.post('/status', async (req, res) => {
res.send({
Expand Down
10 changes: 2 additions & 8 deletions src/app-secrets.js
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,13 @@
import express from 'express';
import validateUser from './util/validate-user.js';
import { secretsService } from './services/secrets-service.js';
import { validateUserMiddleware } from './util/middlewares.js';

const app = express();

export { app as handlers };
app.use(express.json());

app.use(async (req, res, next) => {
let user = await validateUser(req, res);
if (!user) {
return;
}
next();
});
app.use(validateUserMiddleware);

app.post('/', async (req, res) => {
const { name, value } = req.body;
Expand Down
48 changes: 2 additions & 46 deletions src/app-sync.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@ import fs from 'node:fs/promises';
import { Buffer } from 'node:buffer';
import express from 'express';
import * as uuid from 'uuid';
import validateUser from './util/validate-user.js';
import errorMiddleware from './util/error-middleware.js';
import { errorMiddleware, validateUserMiddleware } from './util/middlewares.js';
import getAccountDb from './account-db.js';
import { getPathForUserFile, getPathForGroupFile } from './util/paths.js';

Expand All @@ -16,6 +15,7 @@ app.use(errorMiddleware);
app.use(express.json());
app.use(express.raw({ type: 'application/actual-sync' }));

app.use(validateUserMiddleware);
export { app as handlers };

const OK_RESPONSE = { status: 'ok' };
Expand All @@ -27,11 +27,6 @@ const OK_RESPONSE = { status: 'ok' };
const SYNC_FORMAT_VERSION = 2;

app.post('/sync', async (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}

let requestPb;
try {
requestPb = SyncProtoBuf.SyncRequest.deserializeBinary(req.body);
Expand Down Expand Up @@ -126,11 +121,6 @@ app.post('/sync', async (req, res) => {
});

app.post('/user-get-key', (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}

let accountDb = getAccountDb();
let { fileId } = req.body;

Expand All @@ -153,10 +143,6 @@ app.post('/user-get-key', (req, res) => {
});

app.post('/user-create-key', (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}
let accountDb = getAccountDb();
let { fileId, keyId, keySalt, testContent } = req.body;

Expand All @@ -169,10 +155,6 @@ app.post('/user-create-key', (req, res) => {
});

app.post('/reset-user-file', async (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}
let accountDb = getAccountDb();
let { fileId } = req.body;

Expand All @@ -199,11 +181,6 @@ app.post('/reset-user-file', async (req, res) => {
});

app.post('/upload-user-file', async (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}

let accountDb = getAccountDb();
if (typeof req.headers['x-actual-name'] !== 'string') {
res.status(400).send('single x-actual-name is required');
Expand Down Expand Up @@ -293,10 +270,6 @@ app.post('/upload-user-file', async (req, res) => {
});

app.get('/download-user-file', async (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}
let accountDb = getAccountDb();
let fileId = req.headers['x-actual-file-id'];
if (typeof fileId !== 'string') {
Expand All @@ -319,10 +292,6 @@ app.get('/download-user-file', async (req, res) => {
});

app.post('/update-user-filename', (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}
let accountDb = getAccountDb();
let { fileId, name } = req.body;

Expand All @@ -342,11 +311,6 @@ app.post('/update-user-filename', (req, res) => {
});

app.get('/list-user-files', (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}

let accountDb = getAccountDb();
let rows = accountDb.all('SELECT * FROM files');

Expand All @@ -365,10 +329,6 @@ app.get('/list-user-files', (req, res) => {
});

app.get('/get-user-file-info', (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}
let accountDb = getAccountDb();
let fileId = req.headers['x-actual-file-id'];

Expand Down Expand Up @@ -397,10 +357,6 @@ app.get('/get-user-file-info', (req, res) => {
});

app.post('/delete-user-file', (req, res) => {
let user = validateUser(req, res);
if (!user) {
return;
}
let accountDb = getAccountDb();
let { fileId } = req.body;

Expand Down
10 changes: 0 additions & 10 deletions src/util/error-middleware.js
View file

This file was deleted.

27 changes: 27 additions & 0 deletions src/util/middlewares.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
import validateUser from './validate-user.js';

/**
* @param {Error} err
* @param {import('express').Request} req
* @param {import('express').Response} res
* @param {import('express').NextFunction} _next
*/
async function errorMiddleware(err, req, res, _next) {
console.log('ERROR', err);
res.status(500).send({ status: 'error', reason: 'internal-error' });
}

/**
* @param {import('express').Request} req
* @param {import('express').Response} res
* @param {import('express').NextFunction} next
*/
const validateUserMiddleware = async (req, res, next) => {
let user = await validateUser(req, res);
if (!user) {
return;
}
next();
};

export { validateUserMiddleware, errorMiddleware };
6 changes: 6 additions & 0 deletions upcoming-release-notes/422.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
category: Maintenance
authors: [tcrasset]
---

Refactor user validation into middleware

0 comments on commit 7fcda08

Please sign in to comment.