OCram85/code-server
Archived
1
0
Fork 0
Code Pull Requests 2 Activity

refactor: make authenticated async everywhere

Browse Source 
Since this checks if they are authenticated using the hash/password and it's
async, we need to update authenticated to be async, which means we have to
update it everywhere it's used.
This commit is contained in:
Joe Previte
2021-06-02 13:21:59 -07:00
parent fcc3f0d951
commit 0cdbd33b46
5 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/node/routes/domainProxy.ts
View File

@ -32,14 +32,15 @@ const maybeProxy = (req: Request): string | undefined => {
return port
}
router.all("*", (req, res, next) => {
router.all("*", async (req, res, next) => {
const port = maybeProxy(req)
if (!port) {
return next()
}
// Must be authenticated to use the proxy.
if (!authenticated(req)) {
const isAuthenticated = await authenticated(req)
if (!isAuthenticated) {
// Let the assets through since they're used on the login page.
if (req.path.startsWith("/static/") && req.method === "GET") {
return next()

4
src/node/routes/login.ts
View File

@ -49,9 +49,9 @@ const limiter = new RateLimiter()
export const router = Router()
router.use((req, res, next) => {
router.use(async (req, res, next) => {
const to = (typeof req.query.to === "string" && req.query.to) || "/"
if (authenticated(req)) {
if (await authenticated(req)) {
return redirect(req, res, to, { to: undefined })
}
next()

3
src/node/routes/static.ts
View File

@ -43,7 +43,8 @@ router.get("/(:commit)(/*)?", async (req, res) => {
// Make sure it's in code-server if you aren't authenticated. This lets
// unauthenticated users load the login assets.
if (!resourcePath.startsWith(rootPath) && !authenticated(req)) {
const isAuthenticated = await authenticated(req)
if (!resourcePath.startsWith(rootPath) && !isAuthenticated) {
throw new HttpError("Unauthorized", HttpCode.Unauthorized)
}

3
src/node/routes/vscode.ts
View File

@ -19,7 +19,8 @@ export const router = Router()
const vscode = new VscodeProvider()
router.get("/", async (req, res) => {
if (!authenticated(req)) {
const isAuthenticated = await authenticated(req)
if (!isAuthenticated) {
return redirect(req, res, "login", {
// req.baseUrl can be blank if already at the root.
to: req.baseUrl && req.baseUrl !== "/" ? req.baseUrl : undefined,