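namespace _zeitbild.api
{

	/**
	 * Shape of the per-request data: API version, headers, path parameters and query parameters.
	 *
	 * @todo move to plankton?
	 */
	type type_stuff = {
		version : (null | string);
		headers : Record<string, string>;
		path_parameters : Record<string, string>;
		query_parameters : Record<string, string>;
	};


	/**
	 * Compares two strings without stopping at the first differing character.
	 *
	 * Used for credential checks so that the comparison does not exit early on a mismatch.
	 * This is best effort only: a JavaScript engine gives no hard timing guarantees.
	 *
	 * @param left first string
	 * @param right second string
	 * @returns true if both strings have the same length and the same characters
	 */
	function constant_time_equal(
		left : string,
		right : string
	) : boolean
	{
		let difference : number = (left.length ^ right.length);
		const limit : number = Math.max(left.length, right.length);
		for (let index : number = 0; index < limit; index += 1) {
			// charCodeAt past the end yields NaN, which the bitwise operators treat as 0
			difference |= (left.charCodeAt(index) ^ right.charCodeAt(index));
		}
		return (difference === 0);
	}


	/**
	 * Looks up the session that belongs to the "X-Session-Key" request header.
	 *
	 * Only the spellings "X-Session-Key" and "x-session-key" are checked.
	 *
	 * @param stuff request data; only the headers are read
	 * @returns the session key together with the session stored under it
	 * @throws Error if the header is missing or empty; otherwise whatever lib_plankton.session.get rejects with
	 */
	export async function session_from_stuff(
		stuff : {headers : Record<string, string>;}
	) : Promise<{key : string; value : lib_plankton.session.type_session}>
	{
		const key : (undefined | string) = (
			stuff.headers["X-Session-Key"]
			||
			stuff.headers["X-Session-Key".toLowerCase()]
		);
		if (! key) {
			// fail closed: without a key there is no session to look up
			throw (new Error("missing session key"));
		}
		const value : lib_plankton.session.type_session = await lib_plankton.session.get(key);
		return {"key": key, "value": value};
	}


	/**
	 * Authenticates a request by its "Authorization" header value.
	 *
	 * Only the "Basic" strategy is handled; any other strategy is logged and rejected.
	 *
	 * NOTE(review): the expected password is computed from the username and the global
	 * "auth_salt" setting only, so whoever learns that salt can derive the password of
	 * every user; no per-user secret is visible in this file. Worth confirming that
	 * this is intended.
	 *
	 * @param authorization_string raw header value, or null if the header is absent
	 * @returns the ID of the authenticated user, or null if authentication failed
	 * @todo outsource?
	 */
	export async function web_auth(
		authorization_string : (null | string)
	) : Promise<(null | _zeitbild.type_user_id)>
	{
		if (authorization_string === null) {
			return null;
		}
		const parts : Array<string> = authorization_string.split(" ");
		const strategy : string = parts[0];
		const data_raw : string = parts.slice(1).join(" ");
		switch (strategy) {
			case "Basic": {
				const data_raw_decoded : string = lib_plankton.base64.decode(data_raw);
				// the password may itself contain ":", so only the first ":" separates the two fields
				const parts_ : Array<string> = data_raw_decoded.split(":");
				const username : string = parts_[0];
				const password_is : string = parts_.slice(1).join(":");
				const {"value": user_id, "error": error} = await lib_plankton.call.try_catch_wrap_async<_zeitbild.type_user_id>(
					() => _zeitbild.service.user.identify(username)
				);
				if (error !== null) {
					lib_plankton.log.notice(
						"zeitbild.web_auth.unknown_user",
						{
							"username": username,
						}
					);
					return null;
				}
				const password_shall : string = lib_plankton.sha256.get(
					username,
					_zeitbild.conf.get()["misc"]["auth_salt"]
				);
				if (! constant_time_equal(password_is, password_shall)) {
					// neither the expected nor the supplied password may end up in the logs;
					// the log identifier is kept as it was, since log consumers may match on it
					lib_plankton.log.notice(
						"zeitbild.web_auth.wrong_pasword",
						{
							"username": username,
						}
					);
					return null;
				}
				return user_id;
			}
			default: {
				lib_plankton.log.notice(
					"zeitbild.web_auth.unhandled_strategy",
					{
						"strategy": strategy,
					}
				);
				return null;
			}
		}
	}


	/**
	 * Restriction that passes if session_from_stuff finds a session for the request,
	 * and fails if that lookup rejects.
	 */
	export const restriction_logged_in : lib_plankton.rest_caldav.type_restriction = (
		(stuff) => (
			session_from_stuff(stuff)
			.then(() => true)
			.catch(() => false)
		)
	);


	/**
	 * Restriction that passes if web_auth accepts the "Authorization" header of the request.
	 *
	 * Only the spellings "Authorization" and "authorization" are checked;
	 * a missing header is handed to web_auth as null.
	 */
	export const restriction_basic_auth : lib_plankton.rest_caldav.type_restriction = (
		(stuff) => (
			web_auth(
				stuff.headers["Authorization"]
				??
				stuff.headers["authorization"]
				??
				null
			)
			.then((user_id) => (user_id !== null))
		)
	);


	/**
	 * Restriction that lets every request pass.
	 */
	export const restriction_none : lib_plankton.rest_caldav.type_restriction = (
		(_stuff) => Promise.resolve(true)
	);


	/**
	 * Registers an API action below the configured base path.
	 *
	 * @param rest_subject the REST object to register the action at
	 * @param http_method method the action reacts to
	 * @param path path of the action, relative to the "server.path_base" setting
	 * @param options passed on to lib_plankton.rest_caldav.register as a shallow copy
	 */
	export function register<type_input, type_output>(
		rest_subject : lib_plankton.rest_caldav.type_rest,
		http_method : lib_plankton.caldav.enum_method,
		path : string,
		options : {
			active ?: ((version : string) => boolean);
			restriction ?: (null | lib_plankton.rest_caldav.type_restriction);
			execution ?: lib_plankton.rest_caldav.type_execution;
			title ?: (null | string);
			description ?: (null | string);
			query_parameters ?: ((version : (null | string)) => Array<
				{
					name : string;
					description : (null | string);
					required : boolean;
				}
			>);
			input_schema ?: ((version: (null | string)) => lib_plankton.rest_caldav.type_oas_schema);
			output_schema ?: ((version: (null | string)) => lib_plankton.rest_caldav.type_oas_schema);
			request_body_mimetype ?: string;
			request_body_decode ?: ((http_request_body : Buffer, http_request_header_content_type : (null | string)) => any);
			response_body_mimetype ?: string;
			response_body_encode ?: ((output : any) => Buffer);
		} = {}
	) : void
	{
		lib_plankton.rest_caldav.register(
			rest_subject,
			http_method,
			(_zeitbild.conf.get().server.path_base + path),
			// shallow copy, so the object of the caller is not handed on itself
			{...options}
		);
	}

}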