Refactor middleware for readability purpose.

leganz · leganz · commit cea02af76f4f · 2020-06-28T00:53:04.000+02:00
Update the readme for this repository
diff --git a/README.md b/README.md
@@ -1,8 +1,10 @@
 # PRINT API based on Google Chrome
 
+[![Maintainability](https://api.codeclimate.com/v1/badges/c1f89cb8d7f346b1d4c4/maintainability)](https://codeclimate.com/github/AMBERSIVE/print-api/maintainability)
+
 This repository provides a simple api wrapper for puppeteer (the nodejs way to interact with google chrome headless). It also provides some functions to include it into a given application landscape (like creating the pdf and sending it back to a given endpoint of choice).
 
-The [CHANGELOG](CHANGELOG.md) gives you information  
+The [CHANGELOG](CHANGELOG.md) gives you information about the latest changes.
 
 ## Installation
 
diff --git a/src/middlewares/auth.middleware.ts b/src/middlewares/auth.middleware.ts
@@ -13,59 +13,91 @@ export class AuthMiddleware implements NestMiddleware {
 
   async use(req: any, res: any, next: () => void) {
     
-    const jwtActive = this.configService.get<boolean>('jwt.active');
-    const basicAuthActive = this.configService.get<boolean>('basicAuth.active');
-
-    if (jwtActive == true) {
-
-        // Authentication via JWT
-        let token = req.headers.authorization ? req.headers.authorization.replace('Bearer ', '') : '';
-        let secret = this.configService.get<string>('jwt.secret');
-
-        let verify = jwt.verify(token, secret, (err, decoded) => {
-          if (err) {
-            switch(err.name){
-                case 'JsonWebTokenError':
-                  throw new HttpException({
-                    status: HttpStatus.UNAUTHORIZED,
-                    error: `[${err.name}]: ${err.message}`,
-                    message: err.message
-                  }, HttpStatus.UNAUTHORIZED);
-                  break;
-            }
-          }
-        });    
-    }
-    else if (basicAuthActive == true) {
-
-        // Basic authentiation 
-        let token = req.headers.authorization;
-        let message;
-
-        if (token === undefined || token.indexOf('Basic ') !== 0) {
-            message = 'invalid authentication.';
-            throw new HttpException({
-              status: HttpStatus.UNAUTHORIZED,
-              error: `[BASIC AUTH]: ${message}`,
-              message: message
-            }, HttpStatus.UNAUTHORIZED);
-        }
+    const jwtActive:boolean = this.configService.get<string>('jwt.active') == "true";
+    const basicAuthActive:boolean = this.configService.get<string>('basicAuth.active') == "true";
 
-        const base64Credentials =  token.split(' ')[1];
-        const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
-        const [username, password] = credentials.split(':');  
-
-        if (this.configService.get<string>('basicAuth.user') != username || this.configService.get<string>('basicAuth.secret') != password) {
-            message = 'invalid credentials.';
-            throw new HttpException({
-              status: HttpStatus.UNAUTHORIZED,
-              error: `[BASIC AUTH]: ${message}`,
-              message: message
-            }, HttpStatus.UNAUTHORIZED);
-        }
+    let allowed:boolean = true;
+
+    if (jwtActive === true) {
+        allowed = await this.checkJwt(req);        
+    }
+    else if (basicAuthActive === true) {
+        allowed = await this.checkBasicAuth(req);  
+    }
 
+    if (allowed == false) {
+      throw new HttpException({
+        status: HttpStatus.UNAUTHORIZED
+      }, HttpStatus.UNAUTHORIZED);
     }
      
     next();
   }
+
+  /**
+   * Check if the validation with JWT works
+   * @param req 
+   */
+  protected checkJwt(req: any):boolean {
+
+      // Authentication via JWT
+      let token = req.headers.authorization ? req.headers.authorization.replace('Bearer ', '') : '';
+      let secret = this.configService.get<string>('jwt.secret');
+
+      let verify = jwt.verify(token, secret, (err, decoded) => {
+        if (err) {
+          switch(err.name){
+              case 'JsonWebTokenError':
+                throw new HttpException({
+                  status: HttpStatus.UNAUTHORIZED,
+                  error: `[${err.name}]: ${err.message}`,
+                  message: err.message
+                }, HttpStatus.UNAUTHORIZED);
+                break;
+          }
+        }
+        return true;
+      });  
+
+      return (verify == true);
+
+  }
+
+  /**
+   * Check basic authentication
+   * @param req 
+   */
+  protected checkBasicAuth(req:any):boolean {
+
+    // Basic authentiation 
+    let token:string = req.headers.authorization;
+    let message:string;
+
+    if (token === undefined || token.indexOf('Basic ') !== 0) {
+        message = 'invalid authentication.';
+        throw new HttpException({
+          status: HttpStatus.UNAUTHORIZED,
+          error: `[BASIC AUTH]: ${message}`,
+          message: message
+        }, HttpStatus.UNAUTHORIZED);
+    }
+
+    const base64Credentials =  token.split(' ')[1];
+    const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
+    const [username, password] = credentials.split(':');  
+
+    if (this.configService.get<string>('basicAuth.user') != username || this.configService.get<string>('basicAuth.secret') != password) {
+        message = 'invalid credentials.';
+        throw new HttpException({
+          status: HttpStatus.UNAUTHORIZED,
+          error: `[BASIC AUTH]: ${message}`,
+          message: message
+        }, HttpStatus.UNAUTHORIZED);
+        return false;
+    }
+
+    return true;
+
+  }
+
 }
