Added authUpdated subscription
This commit is contained in:
parent
0f2df50daa
commit
05db879b27
|
@ -6,6 +6,8 @@ import { encodePassword } from '../utils/activedirectory/encodePassword'
|
|||
import config from '../utils/activedirectory/config'
|
||||
import jwt from 'jsonwebtoken'
|
||||
|
||||
import { pubsub, AUTH_UPDATED } from '../pubsub'
|
||||
|
||||
class User {
|
||||
constructor(username) {
|
||||
this.username = username
|
||||
|
@ -227,13 +229,17 @@ class User {
|
|||
groups
|
||||
}
|
||||
|
||||
return prisma.user.upsert({
|
||||
const dbUser = await prisma.user.upsert({
|
||||
where: {
|
||||
sAMAccountName: user.sAMAccountName
|
||||
},
|
||||
update: user,
|
||||
create: user
|
||||
})
|
||||
|
||||
pubsub.publish(AUTH_UPDATED, { authUpdated: dbUser })
|
||||
|
||||
return dbUser
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
import { PubSub } from 'apollo-server'
|
||||
|
||||
const USER_PRESENCE_UPDATED = 'USER_PRESENCE_UPDATED'
|
||||
const AUTH_UPDATED = 'AUTH_UPDATED'
|
||||
|
||||
const pubsub = new PubSub()
|
||||
|
||||
export { pubsub, USER_PRESENCE_UPDATED }
|
||||
export { pubsub, USER_PRESENCE_UPDATED, AUTH_UPDATED }
|
||||
|
|
|
@ -1,10 +1,22 @@
|
|||
import { pubsub, USER_PRESENCE_UPDATED } from '../pubsub'
|
||||
|
||||
import { updateDevicesInfo } from '../utils/wifiUtils'
|
||||
import { pubsub, USER_PRESENCE_UPDATED, AUTH_UPDATED } from '../pubsub'
|
||||
import { withFilter } from 'apollo-server'
|
||||
import { validateToken } from '../utils/validateToken'
|
||||
|
||||
const Subscription = {
|
||||
userPresenceUpdated: {
|
||||
subscribe: () => pubsub.asyncIterator([USER_PRESENCE_UPDATED])
|
||||
},
|
||||
authUpdated: {
|
||||
subscribe: withFilter(
|
||||
() => pubsub.asyncIterator([AUTH_UPDATED]),
|
||||
(payload, variables, context) => {
|
||||
const { sAMAccountName } = validateToken(
|
||||
context.connection.context.authorization
|
||||
)
|
||||
|
||||
return payload.authUpdated.sAMAccountName == sAMAccountName
|
||||
}
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
import { SchemaDirectiveVisitor } from 'apollo-server'
|
||||
import { defaultFieldResolver } from 'graphql'
|
||||
import jwt from 'jsonwebtoken'
|
||||
|
||||
import { User } from '../classes/User'
|
||||
import { validateToken } from '../utils/validateToken'
|
||||
|
||||
class AuthDirective extends SchemaDirectiveVisitor {
|
||||
visitFieldDefinition(field, details) {
|
||||
|
@ -20,9 +20,8 @@ class AuthDirective extends SchemaDirectiveVisitor {
|
|||
if (authorizationHeader) {
|
||||
const token = authorizationHeader.replace('Bearer ', '')
|
||||
|
||||
const { sAMAccountName, pwdLastSet } = jwt.verify(
|
||||
token,
|
||||
process.env.JWT_SECRET
|
||||
const { sAMAccountName, pwdLastSet } = validateToken(
|
||||
authorizationHeader
|
||||
)
|
||||
|
||||
const user = await new User(sAMAccountName).init()
|
||||
|
|
|
@ -19,7 +19,7 @@ const server = new ApolloServer({
|
|||
subscriptions: {
|
||||
onConnect: connectionParams => {
|
||||
return {
|
||||
authorization: connectionParams.headers.Authorization
|
||||
authorization: connectionParams.Authorization
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
@ -48,6 +48,7 @@ const typeDefs = gql`
|
|||
|
||||
type Subscription {
|
||||
userPresenceUpdated: Int! @auth(roles: ["watcher"])
|
||||
authUpdated: User! @auth
|
||||
}
|
||||
|
||||
directive @auth(roles: [String!]) on FIELD_DEFINITION
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import { promiseWrapper as AD } from 'activedirectory2'
|
||||
import config from './config'
|
||||
|
||||
// TODO: Refactor to instantiate in context creation function
|
||||
const ad = new AD(config)
|
||||
|
||||
ad.checkBinding = async () => {
|
||||
|
|
7
server/src/utils/validateToken.js
Normal file
7
server/src/utils/validateToken.js
Normal file
|
@ -0,0 +1,7 @@
|
|||
import jwt from 'jsonwebtoken'
|
||||
|
||||
export function validateToken(authorizationHeader) {
|
||||
const token = authorizationHeader.replace('Bearer ', '')
|
||||
|
||||
return jwt.verify(token, process.env.JWT_SECRET)
|
||||
}
|
Loading…
Reference in New Issue
Block a user