remove web.jwt.encryptionkey requirement
when running just CouchDB, make sure fasten services are not present. added auth interceptor when session has expired.
This commit is contained in:
parent
8f933e626d
commit
d89cb920af
|
@ -6,7 +6,7 @@ go mod vendor
|
||||||
go run backend/cmd/fasten/fasten.go start --config ./config.example.yaml --debug
|
go run backend/cmd/fasten/fasten.go start --config ./config.example.yaml --debug
|
||||||
|
|
||||||
docker build -t fasten-couchdb -f docker/couchdb/Dockerfile .
|
docker build -t fasten-couchdb -f docker/couchdb/Dockerfile .
|
||||||
docker run --rm -it -p 5984:5984 -v './.couchdb/data:/opt/couchdb/data' fasten-couchdb
|
docker run --rm -it -p 5984:5984 -v `pwd`/.couchdb/data:/opt/couchdb/data fasten-couchdb
|
||||||
```
|
```
|
||||||
|
|
||||||
# Docker
|
# Docker
|
||||||
|
|
|
@ -77,9 +77,5 @@ func (c *configuration) ReadConfig(configFilePath string) error {
|
||||||
// This function ensures that required configuration keys (that must be manually set) are present
|
// This function ensures that required configuration keys (that must be manually set) are present
|
||||||
func (c *configuration) ValidateConfig() error {
|
func (c *configuration) ValidateConfig() error {
|
||||||
|
|
||||||
if !c.IsSet("web.jwt.encryptionkey") {
|
|
||||||
return errors.ConfigValidationError("`web.jwt.encryptionkey` configuration option must be set")
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,6 +11,6 @@ RUN curl https://github.com/just-containers/s6-overlay/releases/download/v1.21.8
|
||||||
|
|
||||||
COPY /docker/couchdb/local.ini /opt/couchdb/etc/
|
COPY /docker/couchdb/local.ini /opt/couchdb/etc/
|
||||||
COPY /docker/rootfs /
|
COPY /docker/rootfs /
|
||||||
RUN rm -rf /etc/services/fasten #delete the fasten app from the couchdbase container.
|
RUN rm -rf /etc/services.d/fasten #delete the fasten app from the couchdbase container.
|
||||||
|
|
||||||
ENTRYPOINT ["/init"]
|
ENTRYPOINT ["/init"]
|
||||||
|
|
|
@ -19,12 +19,11 @@ import { AuthSigninComponent } from './pages/auth-signin/auth-signin.component';
|
||||||
import { FormsModule } from '@angular/forms';
|
import { FormsModule } from '@angular/forms';
|
||||||
import { NgxDropzoneModule } from 'ngx-dropzone';
|
import { NgxDropzoneModule } from 'ngx-dropzone';
|
||||||
import { CanActivateAuthGuard } from './services/can-activate.auth-guard';
|
import { CanActivateAuthGuard } from './services/can-activate.auth-guard';
|
||||||
import {FastenApiService} from './services/fasten-api.service';
|
|
||||||
import {FastenDbService} from './services/fasten-db.service';
|
import {FastenDbService} from './services/fasten-db.service';
|
||||||
import {Router} from '@angular/router';
|
import {Router} from '@angular/router';
|
||||||
import { SourceDetailComponent } from './pages/source-detail/source-detail.component';
|
import { SourceDetailComponent } from './pages/source-detail/source-detail.component';
|
||||||
import {ResourceListComponent} from './components/resource-list/resource-list.component';
|
|
||||||
import { HighlightModule, HIGHLIGHT_OPTIONS } from 'ngx-highlightjs';
|
import { HighlightModule, HIGHLIGHT_OPTIONS } from 'ngx-highlightjs';
|
||||||
|
import {AuthInterceptorService} from './services/auth-interceptor.service';
|
||||||
|
|
||||||
@NgModule({
|
@NgModule({
|
||||||
declarations: [
|
declarations: [
|
||||||
|
@ -51,6 +50,12 @@ import { HighlightModule, HIGHLIGHT_OPTIONS } from 'ngx-highlightjs';
|
||||||
HighlightModule
|
HighlightModule
|
||||||
],
|
],
|
||||||
providers: [
|
providers: [
|
||||||
|
{
|
||||||
|
provide: HTTP_INTERCEPTORS,
|
||||||
|
useClass: AuthInterceptorService,
|
||||||
|
multi: true,
|
||||||
|
deps: [FastenDbService, Router]
|
||||||
|
},
|
||||||
CanActivateAuthGuard,
|
CanActivateAuthGuard,
|
||||||
{
|
{
|
||||||
provide: HIGHLIGHT_OPTIONS,
|
provide: HIGHLIGHT_OPTIONS,
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
import { Injectable, Injector } from '@angular/core';
|
||||||
|
import {HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest} from '@angular/common/http';
|
||||||
|
import { FastenDbService } from './fasten-db.service';
|
||||||
|
import {Router} from '@angular/router';
|
||||||
|
import {Observable, of, throwError} from 'rxjs';
|
||||||
|
import {catchError} from 'rxjs/operators';
|
||||||
|
|
||||||
|
@Injectable({
|
||||||
|
providedIn: 'root'
|
||||||
|
})
|
||||||
|
|
||||||
|
// based on https://stackoverflow.com/questions/46017245/how-to-handle-unauthorized-requestsstatus-with-401-or-403-with-new-httpclient
|
||||||
|
export class AuthInterceptorService implements HttpInterceptor {
|
||||||
|
|
||||||
|
constructor(private fastenDbService: FastenDbService, private router: Router) { }
|
||||||
|
|
||||||
|
private handleAuthError(err: HttpErrorResponse): Observable<any> {
|
||||||
|
//handle your auth error or rethrow
|
||||||
|
if (err.status === 401 || err.status === 403) {
|
||||||
|
//navigate /delete cookies or whatever
|
||||||
|
this.fastenDbService.Logout()
|
||||||
|
this.router.navigateByUrl(`/auth/signin`);
|
||||||
|
// if you've caught / handled the error, you don't want to rethrow it unless you also want downstream consumers to have to handle it as well.
|
||||||
|
return of(err.message); // or EMPTY may be appropriate here
|
||||||
|
}
|
||||||
|
return throwError(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
|
||||||
|
//only intercept requests to the fasten API, all other requests should be sent as-is
|
||||||
|
if(!req.url.startsWith('/api/secure/')){
|
||||||
|
return next.handle(req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// catch the error, make specific functions for catching specific errors and you can chain through them with more catch operators
|
||||||
|
return next.handle(req).pipe(catchError(x=> this.handleAuthError(x))); //here use an arrow function, otherwise you may get "Cannot read property 'navigate' of undefined" on angular 4.4.2/net core 2/webpack 2.70
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -86,9 +86,10 @@ export class FastenDbService extends PouchdbRepository {
|
||||||
//if we have a local database, lets see if we have an active session to the remote database.
|
//if we have a local database, lets see if we have an active session to the remote database.
|
||||||
const remotePouchDb = new PouchDB(this.getRemoteUserDb(localStorage.getItem("current_user")), {skip_setup: true});
|
const remotePouchDb = new PouchDB(this.getRemoteUserDb(localStorage.getItem("current_user")), {skip_setup: true});
|
||||||
const session = await remotePouchDb.getSession()
|
const session = await remotePouchDb.getSession()
|
||||||
console.warn("IsAuthenticated? getSession() ====> ", !!session)
|
const isAuth = !!session?.userCtx?.name
|
||||||
|
console.warn("IsAuthenticated? getSession() ====> ", isAuth)
|
||||||
|
|
||||||
return !!session
|
return isAuth
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue