mirror of
https://github.com/nestriness/nestri.git
synced 2025-12-12 16:55:37 +02:00
## Description - [x] Adds support for AWS SSO, which makes us (the team) able to use SST and update the components independently - [x] Splits the webpage into the landing page (Qwik), and Astro (the console) in charge of playing. This allows us to pass in Environment Variables to the console - ~Migrates the docs from Nuxt to Nextjs, and connects them to SST. This allows us to use Fumadocs _citation needed_ that's much more beautiful, and supports OpenApi~ - Cloudflare pages with github integration is not working on our new CF account. So we will have to push the pages deployment manually with Github actions - [x] Moves the current set up from my personal CF and AWS accounts to dedicated Nestri accounts - ## Related Issues <!-- List any related issues (e.g., "Closes #123", "Fixes #456") --> ## Type of Change - [ ] Bug fix (non-breaking change) - [x] New feature (non-breaking change) - [ ] Breaking change (fix or feature that changes existing functionality) - [x] Documentation update - [ ] Other (please describe): ## Checklist - [x] I have updated relevant documentation - [x] My code follows the project's coding style - [x] My changes generate no new warnings/errors ## Notes for Reviewers <!-- Point out areas you'd like reviewers to focus on, questions you have, or decisions that need discussion --> Please approve my PR 🥹 ## Screenshots/Demo <!-- If applicable, add screenshots or a GIF demo of your changes (especially for UI changes) --> ## Additional Context <!-- Add any other context about the pull request here -->
import { Resource } from "sst";
import { subjects } from "../subjects";
import { type MiddlewareHandler } from "hono";
// import { User } from "@nestri/core/user/index";
import { VisibleError } from "@nestri/core/error";
import { HTTPException } from "hono/http-exception";
import { useActor, withActor } from "@nestri/core/actor";
import { createClient } from "@openauthjs/openauth/client";
// OpenAuth client the `auth` middleware uses to verify bearer tokens.
// The issuer URL is read from the linked SST resource `Urls.auth`; tokens are
// verified on behalf of the client registered as "api".
const client = createClient({ clientID: "api", issuer: Resource.Urls.auth });
/**
 * Guard middleware: lets the request through only when the current actor
 * (as reported by `useActor()`) is something other than the "public" actor.
 *
 * @throws HTTPException with status 401 ("Unauthorized") for a public actor.
 */
export const notPublic: MiddlewareHandler = async (c, next) => {
  const { type: actorType } = useActor();
  if (actorType !== "public") {
    return next();
  }
  throw new HTTPException(401, { message: "Unauthorized" });
};
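/**
 * Authentication middleware: turns the caller's bearer token into an actor and
 * runs the rest of the chain inside that actor's context.
 *
 * - No `authorization` value (query parameter or header): the request continues
 *   unchanged. Rejecting anonymous callers is left to other middleware
 *   (for example `notPublic` in this file).
 * - A value that is not of the form `Bearer <token>` is rejected.
 * - The token is verified with the OpenAuth `client` against `subjects`.
 * - A verified "user" subject becomes the actor, unless the `x-nestri-team`
 *   header is present, in which case the actor is `system` for that team.
 * - Any other verified subject type is rejected with 401.
 *
 * @throws VisibleError ("auth.token") when the authorization value is malformed.
 * @throws HTTPException 401 when verification fails or the subject type is not handled.
 */
export const auth: MiddlewareHandler = async (c, next) => {
  // The query parameter takes precedence over the header.
  // NOTE(review): a token carried in the URL can be recorded in access logs,
  // proxy logs, browser history and Referer headers. Keep the query fallback
  // only for clients that cannot set headers, and prefer short-lived tokens there.
  const authHeader =
    c.req.query("authorization") ?? c.req.header("authorization");
  if (!authHeader) return next();

  // Capture group 1 is the raw token; it is non-empty whenever the pattern matches.
  const bearerToken = authHeader.match(/^Bearer (.+)$/)?.[1];
  if (!bearerToken) {
    throw new VisibleError(
      "auth.token",
      "Bearer token not found or improperly formatted",
    );
  }

  const result = await client.verify(subjects, bearerToken);
  if (result.err) {
    throw new HTTPException(401, {
      message: "Unauthorized",
    });
  }

  if (result.subject.type === "user") {
    const teamID = c.req.header("x-nestri-team"); //|| c.req.query("teamID");
    if (!teamID) return withActor(result.subject, next);

    // NOTE(review): `teamID` is taken verbatim from a client-supplied header and
    // nothing visible here checks that the verified user belongs to that team,
    // yet the actor is raised from "user" to "system" for it. Confirm that a
    // membership check happens before team-scoped data is reached, or restore a
    // lookup along the lines of the commented-out block below.
    // const email = result.subject.properties.email;
    return withActor(
      {
        type: "system",
        properties: {
          teamID,
        },
      },
      next
      // async () => {
      //   const user = await User.fromEmail(email);
      //   if (!user || user.length === 0) {
      //     c.status(401);
      //     return c.text("Unauthorized");
      //   }
      //   return withActor(
      //     {
      //       type: "member",
      //       properties: { userID: user[0].id, workspaceID: user.workspaceID },
      //     },
      //     next,
      //   );
      // },
    );
  }

  // Fail closed with an explicit 401 for any other verified subject type,
  // instead of falling off the end without calling `next()` or producing a response.
  throw new HTTPException(401, { message: "Unauthorized" });
};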