From 5e86d7ab9c5200d794c3adb2b422d20a2aefd2ce Mon Sep 17 00:00:00 2001
From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>
Date: Sat, 13 Aug 2022 02:00:50 +0200
Subject: restructure to single project

---
 api/src/middlewares/Authentication.ts | 72 -----------------------------------
 1 file changed, 72 deletions(-)
 delete mode 100644 api/src/middlewares/Authentication.ts

(limited to 'api/src/middlewares/Authentication.ts')

diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts
deleted file mode 100644
index 2d9ccf57..00000000
--- a/api/src/middlewares/Authentication.ts
+++ /dev/null
@@ -1,72 +0,0 @@
-import { NextFunction, Request, Response } from "express";
-import { HTTPError } from "@fosscord/util";
-import { checkToken, Config, Rights } from "@fosscord/util";
-
-export const NO_AUTHORIZATION_ROUTES = [
-	// Authentication routes
-	"/auth/login",
-	"/auth/register",
-	"/auth/location-metadata",
-	"/auth/mfa/totp",
-	// Routes with a seperate auth system
-	"/webhooks/",
-	// Public information endpoints 
-	"/ping",
-	"/gateway",
-	"/experiments",
-	"/updates",
-	"/downloads/",
-	"/scheduled-maintenances/upcoming.json",
-	// Public kubernetes integration
-	"/-/readyz",
-	"/-/healthz",
-	// Client analytics
-	"/science",
-	"/track",
-	// Public policy pages
-	"/policies/instance",
-	// Asset delivery
-	/\/guilds\/\d+\/widget\.(json|png)/
-];
-
-export const API_PREFIX = /^\/api(\/v\d+)?/;
-export const API_PREFIX_TRAILING_SLASH = /^\/api(\/v\d+)?\//;
-
-declare global {
-	namespace Express {
-		interface Request {
-			user_id: string;
-			user_bot: boolean;
-			token: string;
-			rights: Rights;
-		}
-	}
-}
-
-export async function Authentication(req: Request, res: Response, next: NextFunction) {
-	if (req.method === "OPTIONS") return res.sendStatus(204);
-	const url = req.url.replace(API_PREFIX, "");
-	if (url.startsWith("/invites") && req.method === "GET") return next();
-	if (
-		NO_AUTHORIZATION_ROUTES.some((x) => {
-			if (typeof x === "string") return url.startsWith(x);
-			return x.test(url);
-		})
-	)
-		return next();
-	if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401));
-
-	try {
-		const { jwtSecret } = Config.get().security;
-
-		const { decoded, user }: any = await checkToken(req.headers.authorization, jwtSecret);
-
-		req.token = decoded;
-		req.user_id = decoded.id;
-		req.user_bot = user.bot;
-		req.rights = new Rights(Number(user.rights));
-		return next();
-	} catch (error: any) {
-		return next(new HTTPError(error?.toString(), 400));
-	}
-}
-- 
cgit 1.5.1