yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore: Remove method override middleware (#4315)

Browse Source 
* chore: Remove method override middleware

* wip

* CodeQL

* max/min
This commit is contained in:
Tom Moor
2022-10-18 19:03:25 -04:00
committed by GitHub
parent 0da46321b8
commit 87e3f18e6d
32 changed files with 185 additions and 192 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
server/middlewares/authentication.test.ts
View File

@@ -1,3 +1,4 @@
import { DefaultState } from "koa";
import randomstring from "randomstring";
import ApiKey from "@server/models/ApiKey";
import { buildUser, buildTeam } from "@server/test/factories";
@@ -9,37 +10,35 @@ setupTestDatabase();
describe("Authentication middleware", () => {
describe("with JWT", () => {
it("should authenticate with correct token", async () => {
const state = {};
const state = {} as DefaultState;
const user = await buildUser();
const authMiddleware = auth();
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => `Bearer ${user.getJwtToken()}`),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
jest.fn()
);
// @ts-expect-error ts-migrate(2339) FIXME: Property 'user' does not exist on type '{}'.
expect(state.user.id).toEqual(user.id);
});
it("should return error with invalid token", async () => {
const state = {};
const state = {} as DefaultState;
const user = await buildUser();
const authMiddleware = auth();
try {
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => `Bearer ${user.getJwtToken()}error`),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
@@ -52,7 +51,7 @@ describe("Authentication middleware", () => {
});
describe("with API key", () => {
it("should authenticate user with valid API key", async () => {
const state = {};
const state = {} as DefaultState;
const user = await buildUser();
const authMiddleware = auth();
const key = await ApiKey.create({
@@ -60,31 +59,28 @@ describe("Authentication middleware", () => {
});
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => `Bearer ${key.secret}`),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
jest.fn()
);
// @ts-expect-error ts-migrate(2339) FIXME: Property 'user' does not exist on type '{}'.
expect(state.user.id).toEqual(user.id);
});
it("should return error with invalid API key", async () => {
const state = {};
const state = {} as DefaultState;
const authMiddleware = auth();
try {
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => `Bearer ${randomstring.generate(38)}`),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
@@ -97,17 +93,16 @@ describe("Authentication middleware", () => {
});
it("should return error message if no auth token is available", async () => {
const state = {};
const state = {} as DefaultState;
const authMiddleware = auth();
try {
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => "error"),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
@@ -121,54 +116,49 @@ describe("Authentication middleware", () => {
});
it("should allow passing auth token as a GET param", async () => {
const state = {};
const state = {} as DefaultState;
const user = await buildUser();
const authMiddleware = auth();
await authMiddleware(
{
request: {
// @ts-expect-error ts-migrate(2322) FIXME: Type 'Mock<null, []>' is not assignable to type '(... Remove this comment to see the full error message
// @ts-expect-error mock request
get: jest.fn(() => null),
query: {
token: user.getJwtToken(),
},
},
body: {},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
jest.fn()
);
// @ts-expect-error ts-migrate(2339) FIXME: Property 'user' does not exist on type '{}'.
expect(state.user.id).toEqual(user.id);
});
it("should allow passing auth token in body params", async () => {
const state = {};
const state = {} as DefaultState;
const user = await buildUser();
const authMiddleware = auth();
await authMiddleware(
{
request: {
// @ts-expect-error ts-migrate(2322) FIXME: Type 'Mock<null, []>' is not assignable to type '(... Remove this comment to see the full error message
// @ts-expect-error mock request
get: jest.fn(() => null),
body: {
token: user.getJwtToken(),
},
},
body: {
token: user.getJwtToken(),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
jest.fn()
);
// @ts-expect-error ts-migrate(2339) FIXME: Property 'user' does not exist on type '{}'.
expect(state.user.id).toEqual(user.id);
});
it("should return an error for suspended users", async () => {
const state = {};
const state = {} as DefaultState;
const admin = await buildUser();
const user = await buildUser({
suspendedAt: new Date(),
@@ -180,11 +170,10 @@ describe("Authentication middleware", () => {
try {
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => `Bearer ${user.getJwtToken()}`),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},
@@ -201,7 +190,7 @@ describe("Authentication middleware", () => {
});
it("should return an error for deleted team", async () => {
const state = {};
const state = {} as DefaultState;
const team = await buildTeam();
const user = await buildUser({
teamId: team.id,
@@ -213,11 +202,10 @@ describe("Authentication middleware", () => {
try {
await authMiddleware(
{
// @ts-expect-error ts-migrate(2740) FIXME: Type '{ get: Mock<string, []>; }' is missing the f... Remove this comment to see the full error message
// @ts-expect-error mock request
request: {
get: jest.fn(() => `Bearer ${user.getJwtToken()}`),
},
// @ts-expect-error ts-migrate(2322) FIXME: Type '{}' is not assignable to type 'DefaultState ... Remove this comment to see the full error message
state,
cache: {},
},

11
server/middlewares/authentication.ts
View File

@@ -43,13 +43,12 @@ export default function auth(options: AuthenticationOptions = {}) {
);
}
} else if (
ctx.body &&
typeof ctx.body === "object" &&
"token" in ctx.body
ctx.request.body &&
typeof ctx.request.body === "object" &&
"token" in ctx.request.body
) {
// @ts-expect-error ts-migrate(2571) FIXME: Object is of type 'unknown'.
token = ctx.body.token;
} else if (ctx.request.query.token) {
token = ctx.request.body.token;
} else if (ctx.request.query?.token) {
token = ctx.request.query.token;
} else {
token = ctx.cookies.get("accessToken");

15
server/middlewares/methodOverride.ts
View File

@@ -1,15 +0,0 @@
import { Context, Next } from "koa";
import queryString from "query-string";
export default function methodOverride() {
return async function methodOverrideMiddleware(ctx: Context, next: Next) {
// TODO: Need to remove this use of ctx.body to enable proper typing of requests
if (ctx.method === "POST") {
ctx.body = ctx.request.body;
} else if (ctx.method === "GET") {
ctx.body = queryString.parse(ctx.querystring);
}
return next();
};
}