fluxerapp/fluxer
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
2f443dc661b8a44ca2a100197609bc89df59749d
fluxer/packages/api/src/middleware/AuthMiddleware.tsx
Hampus Kraft d5abd1a7e4 refactor progress
2026-02-17 12:22:36 +00:00

67 lines
2.3 KiB
TypeScript
Raw Blame History

/*
* Copyright (C) 2026 Fluxer Contributors
*
* This file is part of Fluxer.
*
* Fluxer is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Fluxer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
*/
import type {HonoEnv} from '@fluxer/api/src/types/HonoEnv';
import {AccessDeniedError} from '@fluxer/errors/src/domains/core/AccessDeniedError';
import {UnauthorizedError} from '@fluxer/errors/src/domains/core/UnauthorizedError';
import {AccountSuspiciousActivityError} from '@fluxer/errors/src/domains/user/AccountSuspiciousActivityError';
import {createMiddleware} from 'hono/factory';
function ensureOAuth2BearerRouteSupport(
authTokenType: 'session' | 'bearer' | 'bot' | 'admin_api_key' | undefined,
oauthBearerAllowed: boolean | undefined,
): void {
if (authTokenType === 'bearer' && !oauthBearerAllowed) {
throw new AccessDeniedError();
}
}
export const LoginRequired = createMiddleware<HonoEnv>(async (ctx, next) => {
const user = ctx.get('user');
if (!user) {
throw new UnauthorizedError();
}
ensureOAuth2BearerRouteSupport(ctx.get('authTokenType'), ctx.get('oauthBearerAllowed'));
if (user.suspiciousActivityFlags !== null && user.suspiciousActivityFlags !== 0) {
throw new AccountSuspiciousActivityError(user.suspiciousActivityFlags);
}
await next();
});
export const LoginRequiredAllowSuspicious = createMiddleware<HonoEnv>(async (ctx, next) => {
const user = ctx.get('user');
if (!user) {
throw new UnauthorizedError();
}
ensureOAuth2BearerRouteSupport(ctx.get('authTokenType'), ctx.get('oauthBearerAllowed'));
await next();
});
export const DefaultUserOnly = createMiddleware<HonoEnv>(async (ctx, next) => {
const user = ctx.get('user');
if (!user) {
throw new UnauthorizedError();
}
if (user.isBot) {
throw new AccessDeniedError();
}
await next();
});
Reference in New Issue View Git Blame Copy Permalink