GitLab steht wegen Wartungsarbeiten am Montag, den 10. Mai, zwischen 17:00 und 19:00 Uhr nicht zur Verfügung.

Fixes tests

parent 8f2699f5
......@@ -33,7 +33,7 @@ export class MemberRouter extends AbstractRouter {
}
@Get('/token/bonus')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async getCurrentBonusToken(@HeaderParam('authorization') token: string): Promise<string> {
const member = await MemberDAO.getMemberByToken(token);
if (!member) {
......@@ -55,7 +55,7 @@ export class MemberRouter extends AbstractRouter {
}
@Put('/')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async addMember(
@BodyParam('member') member: IMemberSerialized, //
@HeaderParam('authorization') token: string, //
......@@ -114,7 +114,7 @@ export class MemberRouter extends AbstractRouter {
}
@Put('/reading-confirmation')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async addReadingConfirmation(@HeaderParam('authorization') token: string, //
): Promise<IMessage> {
......@@ -138,7 +138,7 @@ export class MemberRouter extends AbstractRouter {
}
@Put('/confidence-value')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async addConfidenceValue(
@HeaderParam('authorization') token: string, //
@BodyParam('confidenceValue') confidenceValue: number, //
......@@ -164,7 +164,7 @@ export class MemberRouter extends AbstractRouter {
}
@Put('/response')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async addResponse(
@HeaderParam('authorization') token: string, //
@Body() body: any, // Must use body since string value '3,14' of body.response results in a JSON.parse error if using BodyParam
......
......@@ -53,7 +53,7 @@ import { AbstractRouter } from './AbstractRouter';
export class QuizRouter extends AbstractRouter {
@Get('/answer-result')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async getAnswerResult(
@HeaderParam('authorization', { required: true }) token: string, //
): Promise<IAnswerResult> {
......@@ -70,7 +70,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/bonus-token')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async getCanUseBonusToken(
@HeaderParam('authorization', { required: true }) token: string, //
): Promise<boolean> {
......@@ -103,7 +103,6 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/status/:quizName?') //
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@OpenAPI({
summary: 'Returns the status of a quiz',
parameters: [
......@@ -114,7 +113,10 @@ export class QuizRouter extends AbstractRouter {
},
],
})
@UseBefore(routeCache.cacheSeconds(5, req => `${RoutingCache.QuizStatus}_${req.params.quizName}`))
@UseBefore(...[
AuthService.decodeLoginToken,
routeCache.cacheSeconds(5, req => `${RoutingCache.QuizStatus}_${req.params.quizName}`),
])
public async getIsAvailableQuiz(
@Params() params: { [key: string]: any }, //
@HeaderParam('authorization', { required: false }) token: string, //
......@@ -273,7 +275,7 @@ export class QuizRouter extends AbstractRouter {
}
@Post('/upload')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async uploadQuiz(
@HeaderParam('authorization') privateKey: string, //
@UploadedFiles('uploadFiles[]') uploadedFiles: any, //
......@@ -325,7 +327,7 @@ export class QuizRouter extends AbstractRouter {
}
@Post('/next')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async startQuiz(
@HeaderParam('authorization') token: string, //
@BodyParam('quizName') quizName: string, //
......@@ -448,7 +450,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/start-time')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async getStartTime(@HeaderParam('authorization') token: string): Promise<number> {
const member = await MemberDAO.getMemberByToken(token);
if (!member) {
......@@ -557,7 +559,7 @@ export class QuizRouter extends AbstractRouter {
}
@Post('/settings')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async updateQuizSettings(
@HeaderParam('authorization') token: string, //
@BodyParam('quizName') quizName: string, //
......@@ -586,7 +588,7 @@ export class QuizRouter extends AbstractRouter {
}
@Put('/')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async addQuiz(
@HeaderParam('authorization') privateKey: string, //
@BodyParam('quiz') quiz: IQuiz, //
......@@ -678,7 +680,7 @@ export class QuizRouter extends AbstractRouter {
}
@Put('/save')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async saveQuiz(
@HeaderParam('authorization') privateKey: string, //
@BodyParam('quiz') quiz: IQuiz, //
......@@ -719,7 +721,7 @@ export class QuizRouter extends AbstractRouter {
}
@Delete('/active/:quizName')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async deleteActiveQuiz(
@Param('quizName') quizName: string, //
@HeaderParam('authorization') privateKey: string, //
......@@ -739,7 +741,7 @@ export class QuizRouter extends AbstractRouter {
}
@Delete('/:quizName')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async deleteQuiz(
@Param('quizName') quizName: string, //
@HeaderParam('authorization') privateKey: string, //
......@@ -764,7 +766,7 @@ export class QuizRouter extends AbstractRouter {
}
@Post('/reset/:quizName')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
public async resetQuiz(
@Param('quizName') quizName: string, //
@HeaderParam('authorization') privateKey: string, //
......@@ -787,7 +789,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/export/:quizName/:privateKey/:theme/:language') //
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
@UseBefore(routeCache.cacheSeconds(5, req => `${RoutingCache.QuizExportSheet}_${req.url}`))
@ContentType('application/vnd.openxmlformats-officedocument.spreadsheetml.sheet') //
public async getExportFile(
......@@ -843,7 +845,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/leaderboard/:quizName/:amount/:questionIndex?') //
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
@UseBefore(routeCache.cacheSeconds(20, (req: Request) => {
return `${req.url}_${req.headers.authorization}`;
}))
......@@ -909,7 +911,7 @@ export class QuizRouter extends AbstractRouter {
}
@Post('/private')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
private async setQuizAsPrivate(@BodyParam('name') quizName: string, @HeaderParam('authorization') privateKey: string): Promise<void> {
const existingQuiz = await QuizDAO.getQuizByName(quizName);
if (!existingQuiz) {
......@@ -923,7 +925,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/public')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
private async getPublicQuizzes(@HeaderParam('authorization') privateKey: string): Promise<Array<QuizModelItem>> {
return (
await QuizDAO.getAllPublicQuizzes()
......@@ -931,7 +933,7 @@ export class QuizRouter extends AbstractRouter {
}
@Post('/public/init')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
private async initQuizInstance(
@BodyParam('name') quizName: string,
@BodyParam('readingConfirmationEnabled', {required: false}) readingConfirmationEnabled: boolean,
......@@ -985,7 +987,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/public/amount')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
private async getPublicQuizAmount(@HeaderParam('authorization') privateKey: string): Promise<number> {
return (
await this.getPublicQuizzes(privateKey)
......@@ -993,7 +995,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/public/own')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
private async getOwnPublicQuizzes(@HeaderParam('authorization') privateKey: string): Promise<Array<QuizModelItem>> {
return (
await QuizDAO.getAllPublicQuizzes()
......@@ -1001,7 +1003,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/public/amount/own')
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
private async getOwnPublicQuizAmount(@HeaderParam('authorization') privateKey: string): Promise<number> {
return (
await this.getOwnPublicQuizzes(privateKey)
......@@ -1015,7 +1017,7 @@ export class QuizRouter extends AbstractRouter {
}
@Get('/quiz/:quizName?') //
@UseBefore((req, res, next) => req.headers.authorization = (AuthService.decodeLoginToken(req.headers.authorization) as any) && next())
@UseBefore(AuthService.decodeLoginToken)
@UseBefore(routeCache.cacheSeconds(10, req => `${RoutingCache.QuizData}_${req.params.quizName}`))
@OpenAPI({
summary: 'Returns the data of a quiz',
......
import { NextFunction, Request, Response } from 'express';
import * as jwt from 'jsonwebtoken';
import { UnauthorizedError } from 'routing-controllers';
import UserDAO from '../db/UserDAO';
......@@ -64,7 +65,10 @@ export class AuthService {
});
}
public static decodeLoginToken(token: string): string {
return token?.match(/bearer /i) ? (this.decodeToken(token.substr(7)) as any).privateKey : token;
public static decodeLoginToken(req: Request, res: Response, next: NextFunction): void {
const token = req.headers.authorization;
req.headers.authorization = token?.match(/bearer /i) ? (this.decodeToken(token.substr(7)) as any).privateKey : token;
return next();
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment