WIP still, tuning up auth and room wildcard with middleware
This commit is contained in:
Nate Anderson
@@ -0,0 +1,47 @@
|
||||
import 'dart:io';
|
||||
|
||||
import 'package:backend/authenticator.dart';
|
||||
import 'package:dart_frog/dart_frog.dart';
|
||||
|
||||
Authenticator? _authenticator;
|
||||
|
||||
Middleware authenticatorMiddlewareProvider() {
|
||||
return provider<Authenticator>((context) => _authenticator ??= Authenticator());
|
||||
}
|
||||
|
||||
typedef Applies = Future<bool> Function(RequestContext context);
|
||||
|
||||
Future<bool> _defaultApplies(RequestContext context) async => true;
|
||||
|
||||
Middleware tokenAuthMiddleware({
|
||||
Applies applies = _defaultApplies,
|
||||
}) {
|
||||
return (handler) => (context) async {
|
||||
if (!await applies(context)) {
|
||||
return handler(context);
|
||||
}
|
||||
final auth = context.read<Authenticator>();
|
||||
// use `auth.verifyToken(token)` to check the jwt that came in the request header bearer
|
||||
final authHeader = context.request.headers['authorization'];
|
||||
final auths = authHeader?.split(' ');
|
||||
if (authHeader == null || !authHeader.startsWith('Bearer ') || auths == null || auths.length != 2) {
|
||||
log.fine('Denied request - No Auth - ${context.request.method.value} ${context.request.uri.path}');
|
||||
return Response(statusCode: HttpStatus.unauthorized);
|
||||
}
|
||||
final token = auths.last;
|
||||
|
||||
final (user, tokStatus) = await auth.verifyToken(token);
|
||||
|
||||
if (user == null) {
|
||||
log.fine(
|
||||
'Denied request - Bad Auth:$tokStatus - ${context.request.method.value} ${context.request.uri.path}, no auth');
|
||||
return Response(statusCode: HttpStatus.unauthorized);
|
||||
}
|
||||
|
||||
return handler(
|
||||
context.provide(
|
||||
() => user,
|
||||
),
|
||||
);
|
||||
};
|
||||
}
|
||||
@@ -0,0 +1,24 @@
|
||||
import 'package:dart_frog/dart_frog.dart';
|
||||
import 'package:logging/logging.dart';
|
||||
|
||||
final log = Logger('ServerLogger');
|
||||
|
||||
Middleware loggerMiddleware() {
|
||||
return (Handler handler) {
|
||||
return (RequestContext context) async {
|
||||
final request = context.request;
|
||||
final startTime = DateTime.now();
|
||||
|
||||
final response = await handler(context);
|
||||
|
||||
final duration = DateTime.now().difference(startTime);
|
||||
|
||||
log.info(
|
||||
'${request.method.name} ${request.uri.path} '
|
||||
'${response.statusCode} ${duration.inMilliseconds}ms',
|
||||
);
|
||||
|
||||
return response;
|
||||
};
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user