Commit Graph

30 Commits

Author SHA1 Message Date
D. Berge
84510e8dc9 Add proper logging 2025-08-13 15:42:49 +02:00
D. Berge
a5ebff077d Fix authentication middleware erroring on IPv6 2025-08-13 11:50:20 +02:00
D. Berge
48d9f45fe0 Clean up debug messages 2025-08-11 22:06:20 +02:00
D. Berge
ae8e5d4ef6 Do not use cookies for backend authentication 2025-08-09 12:43:17 +02:00
D. Berge
a15c97078b Fix typo in access middleware 2025-08-07 10:41:29 +02:00
D. Berge
5487a3a49b Catch JWT expiration.
Closes #321
2025-07-26 10:56:23 +02:00
D. Berge
48e1369088 Fix host based authentication 2025-07-25 14:03:43 +02:00
D. Berge
3ea82cb660 Fix reading of credentials for issuing JWT 2025-07-24 23:03:05 +02:00
D. Berge
b8f58ac67c Add FIXME 2025-07-24 19:20:58 +02:00
D. Berge
b3e27ed1b9 Refactor auth.authentify.
We now get the user's details directly from the JWT token.
2025-07-24 19:15:36 +02:00
D. Berge
f5441d186f Refactor auth.access middleware.
It uses @dougal/user and @dougal/organisations classes.
2025-07-24 19:14:19 +02:00
D. Berge
2657c42dcc Fix export statement 2025-07-13 11:13:31 +02:00
D. Berge
b7ae657137 Add auth.operations middleware.
Adds an array of allowed operations on given context to the request
under `req.user.operations`.
2025-07-13 00:02:48 +02:00
D. Berge
7c6d3fe5ee Check permissions against vessel if not on a project endpoint 2025-07-12 16:49:10 +02:00
D. Berge
ca4a14ffd9 Use new orgs based method for authorisation 2025-07-11 22:48:44 +02:00
D. Berge
addbe2d572 Refactor user authentication code to use database 2025-07-11 22:46:47 +02:00
D. Berge
1056122fff Fix missing parenthesis 2024-04-28 18:37:30 +02:00
D. Berge
7076b51a25 Add auth.access.role(roles) higher order middleware 2023-11-03 21:22:02 +01:00
D. Berge
4a18cb8a81 Remove useless code 2023-11-02 23:51:05 +01:00
D. Berge
4f165b0c83 Revert behaviour of new jwt-express version.
Fixes breakage introduced in commit
cd00f8b995.
2023-09-10 14:09:01 +02:00
D. Berge
cd00f8b995 Breaking-change Node package updates (server) 2023-09-10 11:49:56 +02:00
D. Berge
aa7cbed611 Do not require authentication to query API version 2023-05-18 18:32:26 +02:00
D. Berge
141d5805ae Reissue user login tokens when close to expiring 2020-10-23 14:50:35 +02:00
D. Berge
3c86981dc6 Add authorisation middleware.
Defines three levels of access:
* read: anyone who is logged in
* write: `user` and `admin` roles
* admin: `admin` roles
2020-10-12 19:42:02 +02:00
D. Berge
5594b6863c Do not run authentication if headers already sent 2020-10-12 19:41:00 +02:00
D. Berge
947736e8c1 Check code rather than errno.
Different versions of that library work
differently.
2020-10-11 22:10:21 +02:00
D. Berge
cdd007ce88 Fix authentification middleware 2020-10-11 19:08:36 +02:00
D. Berge
2aca34e488 Read user login info from discrete file.
`$DOUGAL_ROOT/etc/users.yaml` to be exact.
2020-10-11 18:21:19 +02:00
D. Berge
a3bfb73937 Add authentication middleware.
The user is authenticated by one of the following
methods, in order of priority:

* The presence of a valid JWT.
* Its IP.
* Its hostname.

In the case of the latter two methods, if authentication
is successful a JWT valid for 15 minutes will be generated
and passed back to the user in a cookie.
2020-10-11 13:11:43 +02:00
D. Berge
4c5d29494c Initial commit 2020-08-08 23:59:13 +02:00