Skip to content

Commit

Permalink
#360 Expose all endpoints to longtermtokens
Browse files Browse the repository at this point in the history
  • Loading branch information
tariqksoliman committed Apr 17, 2023
1 parent af11505 commit 4204e12
Showing 1 changed file with 25 additions and 4 deletions.
29 changes: 25 additions & 4 deletions run/server.js
Original file line number Diff line number Diff line change
Expand Up @@ -363,10 +363,31 @@ function ensureUser() {
) {
next();
} else {
res.render("login", {
user: req.user,
CLEARANCE_NUMBER: process.env.CLEARANCE_NUMBER || "CL##-####",
});
if (req.headers.authorization) {
const remoteAddress =
req.headers["x-forwarded-for"] || req.connection.remoteAddress;
validateLongTermToken(
req.headers.authorization,
() => {
req.isLongTermToken = true;
next();
},
() => {
res.send({ status: "failure", message: "Unauthorized Token!" });
logger(
"warn",
`Unauthorized token call made and rejected (from ${remoteAddress}, with token ${req.headers.authorization})`,
req.originalUrl,
req
);
}
);
} else {
res.render("login", {
user: req.user,
CLEARANCE_NUMBER: process.env.CLEARANCE_NUMBER || "CL##-####",
});
}
}
return;
};
Expand Down

0 comments on commit 4204e12

Please sign in to comment.