9f607d250d
## Description 1. Move everything related to client from app folder to client folder (`.yarn`, `yarn.lock`, package.json, .gitignore) 2. Move `ast` and `rst` to client packages 3. Fix running scripts in packages 4. Add running unit tests in packages in CI TODO: It is necessary to consider enabling the `nmHoistingLimits: workspaces` option, since now all packages are hoisted to the root, there may be issues with dependencies in workspaces. Also, there is a possibility of implicit use of packages. https://yarnpkg.com/configuration/yarnrc#nmHoistingLimits #### PR fixes following issue(s) Fixes #23333 #### Type of change - Chore (housekeeping or task changes that don't impact user perception) ## Testing #### How Has This Been Tested? - [x] Manual - [x] Jest - [x] Cypress ## Checklist: #### Dev activity - [x] My code follows the style guidelines of this project - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] PR is being merged under a feature flag Co-authored-by: Valera Melnikov <melnikov.vv@greendatasoft.ru>
71 lines
2.1 KiB
TypeScript
71 lines
2.1 KiB
TypeScript
import type { Socket } from "socket.io";
|
|
import log from "loglevel";
|
|
import axios from "axios";
|
|
|
|
const API_BASE_URL = process.env.APPSMITH_API_BASE_URL;
|
|
|
|
export async function tryAuth(socket: Socket) {
|
|
/* ********************************************************* */
|
|
// TODO: This change is not being used at the moment. Instead of using the environment variable API_BASE_URL
|
|
// we should be able to derive the API_BASE_URL from the host header. This will make configuration simpler
|
|
// for the user. The problem with this implementation is that Axios doesn't work for https endpoints currently.
|
|
// This needs to be debugged.
|
|
/* ********************************************************* */
|
|
|
|
// const host = socket.handshake.headers.host;
|
|
const connectionCookie = socket?.handshake?.headers?.cookie;
|
|
if (
|
|
connectionCookie === undefined ||
|
|
connectionCookie === null ||
|
|
connectionCookie === ""
|
|
) {
|
|
return false;
|
|
}
|
|
|
|
const matchedCookie = connectionCookie.match(/\bSESSION=\S+/);
|
|
if (!matchedCookie) {
|
|
return false;
|
|
}
|
|
|
|
const sessionCookie = matchedCookie[0];
|
|
let response;
|
|
try {
|
|
response = await axios.request({
|
|
method: "GET",
|
|
url: API_BASE_URL + "/users/me",
|
|
headers: {
|
|
Cookie: sessionCookie,
|
|
},
|
|
});
|
|
} catch (error) {
|
|
if (error.response?.status === 401) {
|
|
// eslint-disable-next-line no-console
|
|
console.info(
|
|
"401 received when authenticating user with cookie: " + sessionCookie,
|
|
);
|
|
} else if (error.response) {
|
|
log.error(
|
|
"Error response received while authentication: ",
|
|
error.response,
|
|
);
|
|
} else {
|
|
log.error("Error authenticating", error);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
const email = response?.data?.data?.email;
|
|
const name = response?.data?.data?.name ?? email;
|
|
|
|
// If the session check API succeeds & the email/name is anonymousUser, then the user is not authenticated
|
|
// and we should not allow them to join any rooms
|
|
if (email == null || email === "anonymousUser" || name === "anonymousUser") {
|
|
return false;
|
|
}
|
|
|
|
socket.data.email = email;
|
|
socket.data.name = name;
|
|
|
|
return true;
|
|
}
|