Reorganize server files and address TODO comments
Changes:
- Remove unneeded dependencies from package.json
- Remove unneeded async build() methods from services
- Use constructor as often as possible
- Rename and move storage services for clarity
- creds.ts -> accounts.ts, and creds.json -> accounts.json
- admin-config.ts -> admin-account.ts
- vault.ts -> signing-keys.ts
- Rename ws.ts to websocket-server.ts for clarity and consistency
- Make WebSocketServer initialize using constructor and bind server upgrade to WebSocketServer.upgrade
- Remove unused send-account-message endpoint from account-router.ts
- Set issuer and audience claims for JWT
- Create new utils/jwt.ts file to remove code duplication for JWT signing and verifying
- Delete utils.ts and merge it with jami-swig.ts
- Handle potentially undefined types in jami-swig.ts
- Replace hard to read one-liners with functions in jami-swig.ts
- Rename types in jami-swig.ts for consistency with daemon
- Remove handled/answered TODO comments
- Remove TODO comment about using .env for jamid.node as it does not work for require()
GitLab: #87
Change-Id: I1e5216ffa79ea34dd7e9b61540fb7e37d1f66c9f
diff --git a/server/src/middleware/auth.ts b/server/src/middleware/auth.ts
index 4f06992..7bbd20c 100644
--- a/server/src/middleware/auth.ts
+++ b/server/src/middleware/auth.ts
@@ -17,15 +17,11 @@
*/
import { NextFunction, Request, Response } from 'express';
import { HttpStatusCode } from 'jami-web-common';
-import { jwtVerify } from 'jose';
-import { Container } from 'typedi';
-import { Vault } from '../vault.js';
+import { verifyJwt } from '../utils/jwt.js';
function createAuthenticationMiddleware(isAuthenticationRequired: boolean) {
return async (req: Request, res: Response, next: NextFunction) => {
- const publicKey = Container.get(Vault).publicKey;
-
const authorizationHeader = req.headers.authorization;
if (!authorizationHeader) {
if (isAuthenticationRequired) {
@@ -45,11 +41,8 @@
}
try {
- const { payload } = await jwtVerify(token, publicKey, {
- issuer: 'urn:example:issuer',
- audience: 'urn:example:audience',
- });
- res.locals.accountId = payload.id;
+ const { payload } = await verifyJwt(token);
+ res.locals.accountId = payload.accountId;
next();
} catch (e) {
res.status(HttpStatusCode.Unauthorized).send('Invalid access token');
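Review bot: `res.locals.accountId = payload.accountId;` stores the claim without checking that it is present and is a string. A correctly signed token that lacks `accountId` would then reach `next()` with an undefined account id; one case is a token issued while the claim was still named `id`, if such tokens still verify. Validate the claim inside the `try` so the existing `catch` answers 401, e.g. `if (typeof payload.accountId !== 'string') throw new Error('missing accountId claim');`. The issuer and audience options that were passed to `jwtVerify` here have moved into `verifyJwt`, which is not part of this diff, so confirm that it still enforces both and restricts the accepted signature algorithm. The enclosing middleware function starts and ends outside this hunk.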