Add auth

Author: hirsch88

Diff for: .env.example

@@ -12,6 +12,11 @@ LOG_LEVEL="debug"
 LOG_JSON=false
 LOG_OUTPUT="dev"
 
+#
+# AUTHORIZATION
+#
+AUTH_ROUTE="http://localhost:3333/tokeninfo"
+
 #
 # DATABASE
 #

Diff for: package.json

@@ -9,6 +9,7 @@
   "scripts": {
     "start": "node dist/app.js",
     "test": "nps test",
+    "build": "nps build",
     "ts-node": "./node_modules/.bin/ts-node",
     "ts-node:fast": "./node_modules/.bin/ts-node -F",
     "console": "npm run ts-node:fast -- ./src/console/lib/console.ts",
@@ -50,13 +51,15 @@
     "@types/lodash": "^4.14.80",
     "@types/morgan": "^1.7.35",
     "@types/reflect-metadata": "0.0.5",
+    "@types/request": "^2.0.8",
     "@types/serve-favicon": "^2.2.29",
     "@types/uuid": "^3.4.3",
     "@types/winston": "^2.3.7",
     "ascii-art": "^1.4.2",
     "body-parser": "^1.18.2",
     "class-validator": "^0.7.3",
     "compression": "^1.7.1",
+    "copyfiles": "^1.2.0",
     "cors": "^2.8.4",
     "dotenv": "^4.0.0",
     "express": "^4.16.2",
@@ -71,6 +74,7 @@
     "nodemon": "^1.12.1",
     "path": "^0.12.7",
     "reflect-metadata": "^0.1.10",
+    "request": "^2.83.0",
     "routing-controllers": "^0.7.6",
     "serve-favicon": "^2.4.5",
     "swagger-ui-express": "^2.0.10",

Diff for: src/api/controllers/UserController.ts

@@ -1,18 +1,19 @@
-import { JsonController, Get, Post, Put, Param, Delete, Body, OnUndefined } from 'routing-controllers';
+import { JsonController, Get, Post, Put, Param, Delete, Body, OnUndefined, Authorized, CurrentUser } from 'routing-controllers';
 import { Inject } from 'typedi';
 import { UserService } from '../services/UserService';
 import { User } from '../models/User';
 import { UserNotFoundError } from '../errors/UserNotFoundError';
 
 
+@Authorized()
 @JsonController('/users')
 export class UserController {
 
     @Inject()
     private userService: UserService;
 
     @Get()
-    public find(): Promise<User[]> {
+    public find( @CurrentUser() user?: User): Promise<User[]> {
         return this.userService.find();
     }
 

Diff for: src/api/models/User.ts

@@ -16,4 +16,8 @@ export class User extends BaseEntity {
     @Column({ name: 'last_name' })
     public lastName: string;
 
+    @IsNotEmpty()
+    @Column()
+    public email: string;
+
 }

Diff for: src/auth/AuthService.ts

@@ -0,0 +1,45 @@
+import * as request from 'request';
+import { Service } from 'typedi';
+import { env } from '../core/env';
+import { ITokenInfo } from './ITokenInfo';
+
+
+@Service()
+export class AuthService {
+
+    public parseTokenFromRequest(req: myExpress.Request): string | null {
+        const authorization = req.header('authorization');
+
+        // Retrieve the token form the Authorization header
+        if (authorization && authorization.split(' ')[0] === 'Bearer') {
+            return authorization.split(' ')[1];
+        }
+
+        // No token was provided by the client
+        return null;
+    }
+
+    public getTokenInfo(token: string): Promise<ITokenInfo> {
+        return new Promise((resolve, reject) => {
+            request({
+                method: 'POST',
+                url: env.auth.route,
+                form: {
+                    id_token: token
+                }
+            }, (error: any, response: request.RequestResponse, body: any) => {
+                // Verify if the requests was successful and append user
+                // information to our extended express request object
+                if (!error) {
+                    if (response.statusCode === 200) {
+                        const tokeninfo = JSON.parse(body);
+                        return resolve(tokeninfo);
+                    }
+                    return reject(body);
+                }
+                return reject(error);
+            });
+        });
+    }
+
+}

Diff for: src/auth/ITokenInfo.ts

@@ -0,0 +1,3 @@
+export interface ITokenInfo {
+    user_id: string;
+}

Diff for: src/auth/authorizationChecker.ts

@@ -0,0 +1,33 @@
+import { Action } from 'routing-controllers';
+import { Container } from 'typedi';
+import { AuthService } from './AuthService';
+import { Log } from '../core/Log';
+
+const log = new Log(__filename);
+const authService = Container.get(AuthService);
+
+
+export async function authorizationChecker(action: Action, roles: string[]): Promise<boolean> {
+    // here you can use request/response objects from action
+    // also if decorator defines roles it needs to access the action
+    // you can use them to provide granular access check
+    // checker must return either boolean (true or false)
+    // either promise that resolves a boolean value
+    // demo code:
+    const token = authService.parseTokenFromRequest(action.request);
+
+    if (token === null) {
+        log.warn('No token given');
+        return false; // res.failed(403, 'You are not allowed to request this resource!');
+    }
+
+    // Request user info at auth0 with the provided token
+    try {
+        action.request.tokeninfo = await authService.getTokenInfo(token);
+        log.info('Successfully checked token');
+        return true;
+    } catch (e) {
+        log.warn(e);
+        return false;
+    }
+}

Diff for: src/auth/currentUserChecker.ts

@@ -0,0 +1,32 @@
+import { Action } from 'routing-controllers';
+import { User } from '../api/models/User';
+import { Log } from '../core/Log';
+import { ITokenInfo } from './ITokenInfo';
+// import { UserRepository } from '../api/repositories/UserRepository';
+// import { getConnection } from 'typeorm';
+
+const log = new Log(__filename);
+
+
+export async function currentUserChecker(action: Action): Promise<User | undefined> {
+    // here you can use request/response objects from action
+    // you need to provide a user object that will be injected in controller actions
+    // demo code:
+    const tokeninfo: ITokenInfo = action.request.tokeninfo;
+    log.info('todo user checker', tokeninfo);
+
+    // const connection = getConnection();
+
+    // const userRepository = connection.getRepository<User>(UserRepository);
+    // console.log(connection);
+    // const user = await userRepository.
+    //     findOne({
+    //         where: {
+    //             email: tokeninfo.user_id
+    //         }
+    //     });
+    // console.log(user);
+
+    return Promise.resolve(new User());
+}
+

Diff for: src/core/env.ts

@@ -18,6 +18,9 @@ export const env = {
         json: toBool(getOsEnv('LOG_JSON')),
         output: getOsEnv('LOG_OUTPUT')
     },
+    auth: {
+        route: getOsEnv('AUTH_ROUTE')
+    },
     db: {
         type: getOsEnv('DB_TYPE'),
         host: getOsEnv('DB_HOST'),

Diff for: src/loaders/expressLoader.ts

@@ -4,6 +4,8 @@ import { useContainer as ormUseContainer } from 'typeorm';
 import { useContainer as routingUseContainer, createExpressServer } from 'routing-controllers';
 import { MicroframeworkSettings, MicroframeworkLoader } from 'microframework';
 import { env } from '../core/env';
+import { authorizationChecker } from '../auth/authorizationChecker';
+import { currentUserChecker } from '../auth/currentUserChecker';
 
 
 export const expressLoader: MicroframeworkLoader = (settings: MicroframeworkSettings | undefined) => {
@@ -27,8 +29,13 @@ export const expressLoader: MicroframeworkLoader = (settings: MicroframeworkSett
          */
         controllers: [path.join(__dirname, '..', 'api/controllers/*{.js,.ts}')],
         middlewares: [path.join(__dirname, '..', 'api/middlewares/*{.js,.ts}')],
-        interceptors: [path.join(__dirname, '..', 'api/interceptors/*{.js,.ts}')]
+        interceptors: [path.join(__dirname, '..', 'api/interceptors/*{.js,.ts}')],
 
+        /**
+         * Authorization features
+         */
+        authorizationChecker,
+        currentUserChecker
     });
 
     // Run application to listen on given port

Diff for: src/loaders/typeormLoader.ts

@@ -1,7 +1,7 @@
+import * as path from 'path';
 import { createConnection } from 'typeorm';
 import { MicroframeworkSettings, MicroframeworkLoader } from 'microframework';
 import { env } from '../core/env';
-import { User } from '../api/models/User';
 
 
 export const typeormLoader: MicroframeworkLoader = async (settings: MicroframeworkSettings | undefined) => {
@@ -16,7 +16,7 @@ export const typeormLoader: MicroframeworkLoader = async (settings: Microframewo
         synchronize: env.db.synchronize,
         logging: env.db.logging,
         entities: [
-            User
+            path.join(__dirname, '..', 'api/models/*{.js,.ts}')
         ]
     });
 

Diff for: yarn.lock

@@ -43,6 +43,12 @@
     "@types/express-serve-static-core" "*"
     "@types/serve-static" "*"
 
+"@types/form-data@*":
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/@types/form-data/-/form-data-2.2.1.tgz#ee2b3b8eaa11c0938289953606b745b738c54b1e"
+  dependencies:
+    "@types/node" "*"
+
 "@types/helmet@^0.0.37":
   version "0.0.37"
   resolved "https://registry.yarnpkg.com/@types/helmet/-/helmet-0.0.37.tgz#6b150f30219c0d6563e8e0a3fbcad8dd90fa4f68"
@@ -75,6 +81,13 @@
   version "0.0.5"
   resolved "https://registry.yarnpkg.com/@types/reflect-metadata/-/reflect-metadata-0.0.5.tgz#9c042bfa9803d577aad4f57dfbca4b7cae4286fe"
 
+"@types/request@^2.0.8":
+  version "2.0.8"
+  resolved "https://registry.yarnpkg.com/@types/request/-/request-2.0.8.tgz#424d3de255868107ed4dd6695c65c5f1766aba80"
+  dependencies:
+    "@types/form-data" "*"
+    "@types/node" "*"
+
 "@types/serve-favicon@^2.2.29":
   version "2.2.30"
   resolved "https://registry.yarnpkg.com/@types/serve-favicon/-/serve-favicon-2.2.30.tgz#5bea4ead966a9ad5e0f409141edba0cebf20da73"
@@ -981,6 +994,17 @@ cookie@0.3.1, cookie@^0.3.1:
   version "0.3.1"
   resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb"
 
+copyfiles@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/copyfiles/-/copyfiles-1.2.0.tgz#a8da3ac41aa2220ae29bd3c58b6984294f2c593c"
+  dependencies:
+    glob "^7.0.5"
+    ltcdr "^2.2.1"
+    minimatch "^3.0.3"
+    mkdirp "^0.5.1"
+    noms "0.0.0"
+    through2 "^2.0.1"
+
 core-js@^2.4.0, core-js@^2.4.1, core-js@^2.5.0:
   version "2.5.1"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.1.tgz#ae6874dc66937789b80754ff5428df66819ca50b"
@@ -2884,6 +2908,10 @@ lru-cache@^4.0.0, lru-cache@^4.0.1:
     pseudomap "^1.0.2"
     yallist "^2.1.2"
 
+ltcdr@^2.2.1:
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/ltcdr/-/ltcdr-2.2.1.tgz#5ab87ad1d4c1dab8e8c08bbf037ee0c1902287cf"
+
 make-dir@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-1.1.0.tgz#19b4369fe48c116f53c2af95ad102c0e39e85d51"
@@ -3134,6 +3162,13 @@ nodemon@^1.12.1:
     undefsafe "0.0.3"
     update-notifier "^2.2.0"
 
+noms@0.0.0:
+  version "0.0.0"
+  resolved "https://registry.yarnpkg.com/noms/-/noms-0.0.0.tgz#da8ebd9f3af9d6760919b27d9cdc8092a7332859"
+  dependencies:
+    inherits "^2.0.1"
+    readable-stream "~1.0.31"
+
 nopt@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.1.tgz#d0d4685afd5415193c8c7505602d0d17cd64474d"
@@ -3671,7 +3706,7 @@ read-pkg@^2.0.0:
     normalize-package-data "^2.3.2"
     path-type "^2.0.0"
 
-readable-stream@2.3.3, readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.0.5, readable-stream@^2.0.6, readable-stream@^2.1.4:
+readable-stream@2.3.3, readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.0.5, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.1.5:
   version "2.3.3"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c"
   dependencies:
@@ -3692,6 +3727,15 @@ readable-stream@^1.0.31:
     isarray "0.0.1"
     string_decoder "~0.10.x"
 
+readable-stream@~1.0.31:
+  version "1.0.34"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c"
+  dependencies:
+    core-util-is "~1.0.0"
+    inherits "~2.0.1"
+    isarray "0.0.1"
+    string_decoder "~0.10.x"
+
 readdirp@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78"
@@ -3813,7 +3857,7 @@ request@2.81.0:
     tunnel-agent "^0.6.0"
     uuid "^3.0.0"
 
-request@^2.78.0, request@^2.79.0:
+request@^2.78.0, request@^2.79.0, request@^2.83.0:
   version "2.83.0"
   resolved "https://registry.yarnpkg.com/request/-/request-2.83.0.tgz#ca0b65da02ed62935887808e6f510381034e3356"
   dependencies:
@@ -4360,6 +4404,13 @@ throat@^4.0.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/throat/-/throat-4.1.0.tgz#89037cbc92c56ab18926e6ba4cbb200e15672a6a"
 
+through2@^2.0.1:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be"
+  dependencies:
+    readable-stream "^2.1.5"
+    xtend "~4.0.1"
+
 through@2, through@~2.3, through@~2.3.1, through@~2.3.4:
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
@@ -4912,7 +4963,7 @@ xmlhttprequest-ssl@~1.5.4:
   version "1.5.4"
   resolved "https://registry.yarnpkg.com/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.4.tgz#04f560915724b389088715cc0ed7813e9677bf57"
 
-xtend@^4.0.0, xtend@^4.0.1:
+xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"