remove web.jwt.encryptionkey requirement

when running just CouchDB, make sure fasten services are not present.
added auth interceptor when session has expired.
This commit is contained in:
Jason Kulatunga 2022-10-09 12:59:09 -07:00
parent 8f933e626d
commit d89cb920af
6 changed files with 51 additions and 10 deletions

View File

@ -6,7 +6,7 @@ go mod vendor
go run backend/cmd/fasten/fasten.go start --config ./config.example.yaml --debug go run backend/cmd/fasten/fasten.go start --config ./config.example.yaml --debug
docker build -t fasten-couchdb -f docker/couchdb/Dockerfile . docker build -t fasten-couchdb -f docker/couchdb/Dockerfile .
docker run --rm -it -p 5984:5984 -v './.couchdb/data:/opt/couchdb/data' fasten-couchdb docker run --rm -it -p 5984:5984 -v `pwd`/.couchdb/data:/opt/couchdb/data fasten-couchdb
``` ```
# Docker # Docker

View File

@ -77,9 +77,5 @@ func (c *configuration) ReadConfig(configFilePath string) error {
// This function ensures that required configuration keys (that must be manually set) are present // This function ensures that required configuration keys (that must be manually set) are present
func (c *configuration) ValidateConfig() error { func (c *configuration) ValidateConfig() error {
if !c.IsSet("web.jwt.encryptionkey") {
return errors.ConfigValidationError("`web.jwt.encryptionkey` configuration option must be set")
}
return nil return nil
} }

View File

@ -11,6 +11,6 @@ RUN curl https://github.com/just-containers/s6-overlay/releases/download/v1.21.8
COPY /docker/couchdb/local.ini /opt/couchdb/etc/ COPY /docker/couchdb/local.ini /opt/couchdb/etc/
COPY /docker/rootfs / COPY /docker/rootfs /
RUN rm -rf /etc/services/fasten #delete the fasten app from the couchdbase container. RUN rm -rf /etc/services.d/fasten #delete the fasten app from the couchdbase container.
ENTRYPOINT ["/init"] ENTRYPOINT ["/init"]

View File

@ -19,12 +19,11 @@ import { AuthSigninComponent } from './pages/auth-signin/auth-signin.component';
import { FormsModule } from '@angular/forms'; import { FormsModule } from '@angular/forms';
import { NgxDropzoneModule } from 'ngx-dropzone'; import { NgxDropzoneModule } from 'ngx-dropzone';
import { CanActivateAuthGuard } from './services/can-activate.auth-guard'; import { CanActivateAuthGuard } from './services/can-activate.auth-guard';
import {FastenApiService} from './services/fasten-api.service';
import {FastenDbService} from './services/fasten-db.service'; import {FastenDbService} from './services/fasten-db.service';
import {Router} from '@angular/router'; import {Router} from '@angular/router';
import { SourceDetailComponent } from './pages/source-detail/source-detail.component'; import { SourceDetailComponent } from './pages/source-detail/source-detail.component';
import {ResourceListComponent} from './components/resource-list/resource-list.component';
import { HighlightModule, HIGHLIGHT_OPTIONS } from 'ngx-highlightjs'; import { HighlightModule, HIGHLIGHT_OPTIONS } from 'ngx-highlightjs';
import {AuthInterceptorService} from './services/auth-interceptor.service';
@NgModule({ @NgModule({
declarations: [ declarations: [
@ -51,6 +50,12 @@ import { HighlightModule, HIGHLIGHT_OPTIONS } from 'ngx-highlightjs';
HighlightModule HighlightModule
], ],
providers: [ providers: [
{
provide: HTTP_INTERCEPTORS,
useClass: AuthInterceptorService,
multi: true,
deps: [FastenDbService, Router]
},
CanActivateAuthGuard, CanActivateAuthGuard,
{ {
provide: HIGHLIGHT_OPTIONS, provide: HIGHLIGHT_OPTIONS,

View File

@ -0,0 +1,39 @@
import { Injectable, Injector } from '@angular/core';
import {HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest} from '@angular/common/http';
import { FastenDbService } from './fasten-db.service';
import {Router} from '@angular/router';
import {Observable, of, throwError} from 'rxjs';
import {catchError} from 'rxjs/operators';
@Injectable({
providedIn: 'root'
})
// based on https://stackoverflow.com/questions/46017245/how-to-handle-unauthorized-requestsstatus-with-401-or-403-with-new-httpclient
export class AuthInterceptorService implements HttpInterceptor {
constructor(private fastenDbService: FastenDbService, private router: Router) { }
private handleAuthError(err: HttpErrorResponse): Observable<any> {
//handle your auth error or rethrow
if (err.status === 401 || err.status === 403) {
//navigate /delete cookies or whatever
this.fastenDbService.Logout()
this.router.navigateByUrl(`/auth/signin`);
// if you've caught / handled the error, you don't want to rethrow it unless you also want downstream consumers to have to handle it as well.
return of(err.message); // or EMPTY may be appropriate here
}
return throwError(err);
}
intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
//only intercept requests to the fasten API, all other requests should be sent as-is
if(!req.url.startsWith('/api/secure/')){
return next.handle(req)
}
// catch the error, make specific functions for catching specific errors and you can chain through them with more catch operators
return next.handle(req).pipe(catchError(x=> this.handleAuthError(x))); //here use an arrow function, otherwise you may get "Cannot read property 'navigate' of undefined" on angular 4.4.2/net core 2/webpack 2.70
}
}

View File

@ -86,9 +86,10 @@ export class FastenDbService extends PouchdbRepository {
//if we have a local database, lets see if we have an active session to the remote database. //if we have a local database, lets see if we have an active session to the remote database.
const remotePouchDb = new PouchDB(this.getRemoteUserDb(localStorage.getItem("current_user")), {skip_setup: true}); const remotePouchDb = new PouchDB(this.getRemoteUserDb(localStorage.getItem("current_user")), {skip_setup: true});
const session = await remotePouchDb.getSession() const session = await remotePouchDb.getSession()
console.warn("IsAuthenticated? getSession() ====> ", !!session) const isAuth = !!session?.userCtx?.name
console.warn("IsAuthenticated? getSession() ====> ", isAuth)
return !!session return isAuth
} catch (e) { } catch (e) {
return false return false
} }