
Fdawgs / ydh-myydh-crud-api / 4417510579

pending completion
4417510579

push

github

GitHub
chore(main): release 11.0.7 (#1221)

259 of 259 branches covered (100.0%)

Branch coverage included in aggregate %.

527 of 527 relevant lines covered (100.0%)

14.21 hits per line

Source File

100.0
/src/plugins/hashed-bearer-auth/index.js
const fp = require("fastify-plugin");
const bcrypt = require("bcryptjs");
const bearer = require("@fastify/bearer-auth");
const secJSON = require("secure-json-parse");

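/**
 * @author Frazer Smith
 * @description Decorator plugin that adds bearer token authentication,
 * querying a database for bcrypt-hashed bearer token keys.
 *
 * Security notes for maintainers:
 * - Every request loads all unexpired token hashes and runs one bcrypt
 *   comparison per row, including for requests carrying an invalid key.
 *   The cost per request therefore grows with the number of active tokens;
 *   keep that table small and rate-limit in front of this plugin.
 * - bcrypt only considers the first 72 bytes of its input, so bearer keys
 *   should stay below that length.
 * - Authentication fails closed: any error raised while matching the key or
 *   reading the matched token's scopes results in a 401, never in access.
 * @param {object} server - Fastify instance.
 */
async function plugin(server) {
        await server.register(bearer, {
                // The error message is passed through to the client in the 401 body
                errorResponse: (err) => ({
                        statusCode: 401,
                        error: "Unauthorized",
                        message: err.message,
                }),
                /**
                 * Checks the presented bearer key against every unexpired token hash.
                 * @param {string} key - Bearer key taken from the request.
                 * @param {object} req - Fastify request; `req.scopes` is set on success.
                 * @returns {Promise<boolean>} `true` if a token matched, else `false`.
                 * @throws {TypeError} If the query result has no recognised row structure.
                 */
                auth: async (key, req) => {
                        // DISTINCT SQL keyword not needed as PK constraints enforce unique values
                        const results = await server.db.query(
                                `SELECT name,
                    hash,
                    scopes
                FROM access.tokens
                WHERE expires > CURRENT_TIMESTAMP`
                        );

                        /**
                         * Database client packages return results in different structures,
                         * (mssql uses recordsets, pg uses rows) thus the optional chaining
                         */
                        const tokens = results?.recordsets?.[0] ?? results?.rows;

                        // Reject with an explicit message rather than an opaque
                        // "cannot read properties of undefined" from `.map` below
                        if (!Array.isArray(tokens)) {
                                throw new TypeError(
                                        "Unexpected result structure from token query"
                                );
                        }

                        try {
                                // Promise.any fulfils with the first matching token and rejects
                                // with an AggregateError when no hash matches (or none exist)
                                const matched = await Promise.any(
                                        tokens.map(async (candidate) => {
                                                const isMatch = await bcrypt.compare(key, candidate.hash);
                                                if (isMatch === true) {
                                                        return candidate;
                                                }
                                                throw new Error("No match");
                                        })
                                );

                                // secure-json-parse guards against prototype poisoning in stored scopes
                                req.scopes =
                                        typeof matched.scopes === "string"
                                                ? secJSON.parse(matched.scopes)
                                                : matched.scopes;

                                req.log.info({ client: matched.name }, "requesting client");
                                return true;
                        } catch (err) {
                                /**
                                 * AggregateError is the expected "no token matched" outcome.
                                 * Anything else (e.g. malformed stored scopes) happened after a
                                 * key matched, so surface it in the logs instead of silently
                                 * returning a 401 that looks like a bad key. The key itself is
                                 * never logged.
                                 */
                                if (!(err instanceof AggregateError)) {
                                        req.log.warn({ err }, "bearer auth failed after token match");
                                }
                                return false;
                        }
                },
        });
}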

// fastify-plugin metadata: supported Fastify major version, the plugin's
// registered name, and the plugins that must be registered before this one
// (`db` supplies the `server.db` client used by the auth handler).
const pluginOptions = {
        fastify: "4.x",
        name: "hashed-bearer-auth",
        dependencies: ["db"],
};

module.exports = fp(plugin, pluginOptions);