diff --git a/src/api/Server.ts b/src/api/Server.ts
index 49229494..ced82dce 100644
--- a/src/api/Server.ts
+++ b/src/api/Server.ts
@@ -32,7 +32,7 @@ import "missing-native-js-functions";
import morgan from "morgan";
import path from "path";
import { red } from "picocolors";
-import { Authentication, CORS } from "./middlewares/";
+import { CORS, initAuthentication } from "./middlewares/";
import { BodyParser } from "./middlewares/BodyParser";
import { ErrorHandler } from "./middlewares/ErrorHandler";
import { initRateLimits } from "./middlewares/RateLimit";
@@ -97,7 +97,7 @@ export class FosscordServer extends Server {
// @ts-ignore
this.app = api;
- api.use(Authentication);
+ initAuthentication(api);
await initRateLimits(api);
await initTranslation(api);
@@ -126,6 +126,10 @@ export class FosscordServer extends Server {
app.use("/api/v9", api);
app.use("/api", api); // allow unversioned requests
+ try {
+ require("./middlewares/TestClient").default(this.app);
+ // eslint-disable-next-line no-empty
+ } catch (error) {}
this.app.use(ErrorHandler);
Sentry.errorHandler(this.app);
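Review bot: The empty `catch (error) {}` around `require("./middlewares/TestClient")` hides every failure, not only a missing module, so an exception thrown while the test client registers itself leaves the app partly configured with nothing logged. The block also mounts the test client on `this.app` whenever the file is present, and no environment or config check is visible in this hunk; if it is meant for development only, gate it explicitly. Narrow the handler with something like `if ((error as NodeJS.ErrnoException).code !== "MODULE_NOT_FOUND") throw error;` and drop the `no-empty` suppression. The enclosing method starts and ends outside the hunk.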
diff --git a/src/api/middlewares/Authentication.ts b/src/api/middlewares/Authentication.ts
index 771f0de8..e6e2f59a 100644
--- a/src/api/middlewares/Authentication.ts
+++ b/src/api/middlewares/Authentication.ts
@@ -18,8 +18,9 @@
import { checkToken, Config, Rights } from "@fosscord/util";
import * as Sentry from "@sentry/node";
-import { NextFunction, Request, Response } from "express";
+import { NextFunction, Request, Response, Router } from "express";
import { HTTPError } from "lambert-server";
+import { createSecretKey, KeyObject } from "crypto";
export const NO_AUTHORIZATION_ROUTES = [
// Authentication routes
@@ -69,6 +70,16 @@ declare global {
}
}
+let jwtPublicKey: KeyObject;
+
+// Initialize the jwt secret as a key object so it does not need to be regenerated for each request.
+export function initAuthentication(api: Router) {
+ jwtPublicKey = createSecretKey(
+ Buffer.from(Config.get().security.jwtSecret),
+ );
+ api.use(Authentication);
+}
+
export async function Authentication(
req: Request,
res: Response,
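Review bot: `jwtPublicKey` holds the result of `createSecretKey`, which is the symmetric HS256 signing secret itself, so the name suggests it is safe to expose or log when it is not; rename it to something like `jwtSecretKey`. It is also declared without an initial value while `Authentication` stays exported, so any caller that mounts the middleware without going through `initAuthentication` passes `undefined` to `checkToken` (the call-site hunk at `@@ -90,11 +101,9 @@`). A guard such as `if (!jwtSecretKey) throw new Error("initAuthentication() was not called");` makes that failure explicit. Caching the key at startup also means a changed `security.jwtSecret` is not picked up until restart, which is worth stating in the comment above the function. The body of `Authentication` continues outside the hunk.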
@@ -90,11 +101,9 @@ export async function Authentication(
Sentry.setUser({ id: req.user_id });
try {
- const { jwtSecret } = Config.get().security;
-
const { decoded, user } = await checkToken(
req.headers.authorization,
- jwtSecret,
+ jwtPublicKey,
);
req.token = decoded;
diff --git a/src/util/util/Token.ts b/src/util/util/Token.ts
index ffc442aa..67e4b879 100644
--- a/src/util/util/Token.ts
+++ b/src/util/util/Token.ts
@@ -19,6 +19,7 @@
import jwt, { VerifyOptions } from "jsonwebtoken";
import { Config } from "./Config";
import { User } from "../entities";
+import { KeyObject } from "crypto";
export const JWTOptions: VerifyOptions = { algorithms: ["HS256"] };
@@ -62,7 +63,7 @@ async function checkEmailToken(
export function checkToken(
token: string,
- jwtSecret: string,
+ jwtSecret: string | KeyObject,
isEmailVerification = false,
): Promise<UserTokenData> {
return new Promise((res, rej) => {
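Review bot: `checkToken` now accepts `string | KeyObject` but nothing documents what kind of key is expected, while `JWTOptions` pins verification to HS256. Add a TSDoc line such as `@param jwtSecret HS256 shared secret, as a string or a KeyObject from createSecretKey()` so an asymmetric key is not passed by mistake. If the body forwards `jwtSecret` to `checkEmailToken` (named in the hunk header), or the installed `jsonwebtoken` predates `KeyObject` support, the widened type would not hold at runtime. Neither is visible here, and the function body continues outside the hunk.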