diff --git a/content b/content
index 44e5f68..022872e 160000
--- a/content
+++ b/content
@@ -1 +1 @@
-Subproject commit 44e5f68fa51837b540608d5fabff2a1d5acf50ca
+Subproject commit 022872e3d5a04ca7fa6843ea9355cfd60fbb4995
diff --git a/src/middleware/authentication.js b/src/middleware/authentication.js
index f47223d..47d8412 100644
--- a/src/middleware/authentication.js
+++ b/src/middleware/authentication.js
@@ -1,59 +1,33 @@ // middleware/authCheck.js -const fetch = require("node-fetch"); // if not using global fetch +const fetch = require("node-fetch"); const VERIFY_URL = "https://auth.jasonpoage.com/api/verify"; -const CACHE_TTL_MS = 3000; - -const sessionCache = new Map(); - -function cacheKey(req) { - return req.headers["cookie"] || req.headers["authorization"] || ""; -} - -function isCachedValid(key) { - const entry = sessionCache.get(key); - if (!entry) return false; - return Date.now() - entry.timestamp < CACHE_TTL_MS && entry.status === 200; -} - -async function checkAuthFallback(req) { - try { - const res = await fetch(VERIFY_URL, { - headers: { cookie: req.headers["cookie"] || "" }, - credentials: "include" - }); - - const body = await res.text(); - - req.log.debug("[AuthCheck] Response status:", res.status); - req.log.debug("[AuthCheck] Response headers:", Object.fromEntries(res.headers.entries())); - req.log.debug("[AuthCheck] Response body:", body); - - sessionCache.set(cacheKey(req), { timestamp: Date.now(), status: res.status }); - - return res.status === 200; - } catch (err) { - req.log.error("[AuthCheck] Fetch error:", err); - return false; - } -} module.exports = async (req, res, next) => { - const remoteUser = req.headers["remote-user"]; - if (remoteUser) { - req.isAuthenticated = true; - req.log.info("Authenticated: ", remoteUser) - return next(); + const cookie = req.headers["cookie"] || ""; + const authHeader = req.headers["authorization"] || ""; + + try { + const resVerify = await fetch(VERIFY_URL, { + headers: { + cookie, + authorization: authHeader, + }, + credentials: "include", + }); + + // const body = await resVerify.text(); + + req.isAuthenticated = resVerify.status === 200; + + // req.log.debug("[AuthCheck] Response status:", resVerify.status); + // req.log.debug("[AuthCheck] Response headers:", Object.fromEntries(resVerify.headers.entries())); + // req.log.debug("[AuthCheck] Response body:", body); + + req.log.info("Authenticated 
Result", req.isAuthenticated); + } catch (err) { + req.isAuthenticated = false; + req.log.error("[AuthCheck] Fetch error:", err); } - const key = cacheKey(req); - if (isCachedValid(key) !== false ) { - req.isAuthenticated = true; - req.log.info("Authenticated Key", key) - return next(); - } - - req.isAuthenticated = await checkAuthFallback(req); - - req.log.info("Authenticated Result", req.isAuthenticated) next(); }; diff --git a/src/middleware/baseContext.js b/src/middleware/baseContext.js index e8cb659..03df026 100644 --- a/src/middleware/baseContext.js +++ b/src/middleware/baseContext.js @@ -3,6 +3,7 @@ module.exports = async function baseContextMiddleware(req, res, next) { const isAuthenticated = req.isAuthenticated; + console.log("test remote-user", req.isAuthenticated) const baseContext = await getBaseContext(isAuthenticated); res.locals.baseContext = baseContext;
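Review bot: The `resVerify.status === 200` check in the new middleware is applied to whatever response node-fetch holds after following redirects, so if the verify endpoint ever answers an unauthenticated session with a redirect to a page that returns 200, the request would be marked authenticated. Adding `redirect: "manual",` to the fetch options keeps the decision tied to the verify endpoint's own status code. The call also has no timeout, so a slow or unreachable auth service holds every request open; a `signal` from an `AbortController` (or the `timeout` option, if this is node-fetch v2) would bound it, and the existing catch already fails closed. `credentials: "include"` is a browser fetch option and appears to have no effect in node-fetch, so it can be dropped; the cookie is sent only because of the explicit `cookie` header.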
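Review bot: The added `console.log("test remote-user", req.isAuthenticated)` in baseContext.js looks like leftover debugging: it writes the auth result to stdout on every request, bypasses the `req.log` logger that authentication.js uses, and its label refers to the `remote-user` header that this commit stops trusting. I would delete the line, or if the trace is wanted, replace it with `req.log.debug("isAuthenticated", isAuthenticated);`, assuming `req.log` is set up before this middleware runs. The body of baseContextMiddleware continues past the end of the hunk.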