const express = require("express")
const jwt = require("jsonwebtoken")
const config = require("../config")
const { query } = require("../rpdata/client")
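const router = express.Router()

/**
 * POST / forwards the request body to the backend at `config.graphqlEndpoint`
 * and relays the backend's status, content type and JSON payload to the caller.
 *
 * Authorization sent upstream:
 *  - a caller-supplied `Authorization` header is passed through unchanged
 *    (the literal string "null" is treated as absent);
 *  - otherwise, for a logged-in user who sent a non-empty `X-Permissions`
 *    header, a backend token is signed via generateToken();
 *  - otherwise no Authorization header is sent at all.
 *
 * Responds 400 when the request is not `application/json`, and 500 with a
 * generic error body when the backend call or its JSON parsing fails.
 */
router.post("/", (req, res) => {
  // A request without a Content-Type header yields undefined here; default to
  // "" so it is answered with 400 instead of throwing on .startsWith().
  const requestType = req.header("Content-Type") || ""
  if (!requestType.startsWith("application/json")) {
    res.status(400).json({errors: [{message: "Incorrect input type, expected application/json"}]})
    return
  }

  const user = res.locals.user
  // Drop empty entries and the stringified "undefined"/"null" placeholders.
  const permissions = (req.header("X-Permissions") || "")
    .split(",")
    .filter(t => t !== "" && t !== "undefined" && t !== "null")

  let authorization = req.header("Authorization")
  if (authorization === "null") {
    authorization = ""
  }

  // NOTE(review): the `permissions` claim of the signed token comes straight
  // from the caller's X-Permissions header. Nothing in this handler checks the
  // requested permissions against what the user is entitled to, so unless that
  // is enforced elsewhere (earlier middleware, a header-stripping proxy, or the
  // backend itself) a logged-in caller chooses their own permissions. Confirm
  // where that check lives, or derive the list from server-side state instead.
  if (!authorization && permissions.length > 0 && user && user.loggedIn) {
    authorization = `Bearer ${generateToken(user.name, permissions)}`
  }

  // Only attach Authorization when there is a value: an undefined header value
  // would otherwise be stringified and sent upstream as "undefined".
  const upstreamHeaders = {"Content-Type": "application/json"}
  if (authorization) {
    upstreamHeaders["Authorization"] = authorization
  }

  fetch(config.graphqlEndpoint, {
    method: "POST",
    headers: upstreamHeaders,
    body: JSON.stringify(req.body),
    // NOTE(review): "credentials" is a browser fetch option; confirm it has
    // any effect for this server-side call.
    credentials: "include",
  }).then(fetchRes => {
    // Parse the body before touching `res`, so a non-JSON upstream reply
    // reaches the catch below with the response still unconfigured.
    return fetchRes.json().then(json => {
      const upstreamType = fetchRes.headers.get("Content-Type")
      if (upstreamType) {
        res.setHeader("Content-Type", upstreamType)
      }
      res.status(fetchRes.status).json(json)
    })
  }).catch(err => {
    // Express responses have no .text(); calling it here threw inside the
    // catch and left the request hanging. Keep the detail in the server log
    // and return a generic message so internal errors are not echoed back.
    console.error("GraphQL proxy request failed:", err)
    if (res.headersSent) {
      return
    }
    res.status(500).json({errors: [{message: "Upstream request failed"}]})
  })
})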
/**
 * Signs a short-lived JWT for the backend on behalf of a user.
 *
 * The payload carries `user`, `permissions` and an `exp` claim set 1200
 * seconds (20 minutes) after the current time. The token is signed with
 * `config.backend.secret`, and `config.backend.kid` is placed in the token
 * header as the key id. No algorithm is specified, so the library default
 * applies.
 *
 * The permission list is embedded exactly as given; nothing is validated
 * here, so callers must pass only permissions the user is entitled to.
 *
 * @param {string} user - Name stored in the `user` claim.
 * @param {string[]} permissions - Values stored in the `permissions` claim.
 * @returns {string} The signed token.
 */
function generateToken(user, permissions) {
  const lifetimeSeconds = 1200
  const nowSeconds = Date.now() / 1000
  const claims = {user, permissions, exp: Math.floor(nowSeconds + lifetimeSeconds)}
  const signOptions = {header: {kid: config.backend.kid}}

  return jwt.sign(claims, config.backend.secret, signOptions)
}
module.exports = router