zadam/trilium
1
1
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-01-26 17:07:56 +08:00
Code Issues Projects Releases Packages Wiki Activity

logging API auth rejections

Browse source
This commit is contained in:
zadam 2019-07-25 21:05:16 +02:00
parent b488adc330
commit 78ffac8232
1 changed files with 11 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/services/auth.js
View file

@ -1,6 +1,7 @@
"use strict"; "use strict";
const sql = require('./sql'); const sql = require('./sql');
const log = require('./log');
const sqlInit = require('./sql_init'); const sqlInit = require('./sql_init');
const utils = require('./utils'); const utils = require('./utils');
const passwordEncryptionService = require('./password_encryption'); const passwordEncryptionService = require('./password_encryption');
@ -22,7 +23,7 @@ async function checkAuth(req, res, next) {
// currently we're doing that for file upload because handling form data seems to be difficult // currently we're doing that for file upload because handling form data seems to be difficult
async function checkApiAuthOrElectron(req, res, next) { async function checkApiAuthOrElectron(req, res, next) {
if (!req.session.loggedIn && !utils.isElectron()) { if (!req.session.loggedIn && !utils.isElectron()) {
res.status(401).send("Not authorized"); reject(req, res, "Not authorized");
} }
else { else {
next(); next();
@ -31,7 +32,7 @@ async function checkApiAuthOrElectron(req, res, next) {
async function checkApiAuth(req, res, next) { async function checkApiAuth(req, res, next) {
if (!req.session.loggedIn) { if (!req.session.loggedIn) {
res.status(401).send("Not authorized"); reject(req, res, "Not authorized");
} }
else { else {
next(); next();
@ -49,7 +50,7 @@ async function checkAppInitialized(req, res, next) {
async function checkAppNotInitialized(req, res, next) { async function checkAppNotInitialized(req, res, next) {
if (await sqlInit.isDbInitialized()) { if (await sqlInit.isDbInitialized()) {
res.status(400).send("App already initialized."); reject(req, res, "App already initialized.");
} }
else { else {
next(); next();
@ -60,13 +61,19 @@ async function checkToken(req, res, next) {
const token = req.headers.authorization; const token = req.headers.authorization;
if (await sql.getValue("SELECT COUNT(*) FROM api_tokens WHERE isDeleted = 0 AND token = ?", [token]) === 0) { if (await sql.getValue("SELECT COUNT(*) FROM api_tokens WHERE isDeleted = 0 AND token = ?", [token]) === 0) {
res.status(401).send("Not authorized"); reject(req, res, "Not authorized");
} }
else { else {
next(); next();
} }
} }
function reject(req, res, message) {
log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
res.status(401).send(message);
}
async function checkBasicAuth(req, res, next) { async function checkBasicAuth(req, res, next) {
const header = req.headers.authorization || ''; const header = req.headers.authorization || '';
const token = header.split(/\s+/).pop() || ''; const token = header.split(/\s+/).pop() || '';