Commit 791e69b0 authored by Evgeniy Zaitsev's avatar Evgeniy Zaitsev
Browse files

v0.0.22

parent 0b4468ee
...@@ -11,31 +11,32 @@ function * checkSessionToken(next) { ...@@ -11,31 +11,32 @@ function * checkSessionToken(next) {
this.throwResponseErrorIfNeed(this.errors); this.throwResponseErrorIfNeed(this.errors);
const user = yield * fetchUser.call(this, sessionToken); const user = yield fetchUser.call(this, sessionToken);
this.throwResponseErrorIfNeed(!user, 'session token is invalid');
this.logger.log(__filename, 'user', user); this.logger.log(__filename, 'user', user);
this.throwResponseErrorIfNeed(!user || !user.id, 'session token is invalid');
this.state.user = user; this.state.user = user;
yield next; yield next;
} }
function * fetchUser(sessionToken) { function fetchUser(sessionToken) {
const queryString = `?service_id=${this.config.service.id}`; const queryString = `?service_id=${this.config.service.id}`;
const path = urlJoin('p', this.state.project.id, 'sessions', sessionToken); const path = '/p/' + this.state.project.id + '/sessions/' + sessionToken;
const url = urlJoin(this.state.instance.auth_endpoint, path + queryString); const url = urlJoin(this.state.instance.auth_endpoint, path + queryString);
const salt = sha1(Date.now() + 'salt' + Date.now()); const salt = sha1(Date.now() + 'salt' + Date.now());
const signeableContent = path + queryString; const signeableContent = path + queryString;
const signature = this.config.accessToken + signeableContent + salt; const signature = sha1(this.config.accessToken + signeableContent + salt);
const headers = {'x-lvis-salt': salt, 'x-lvis-signature': signature};
this.logger.log(__filename, queryString, path, signeableContent, salt);
this.logger.log(__filename, 'fetch user url:', url); this.logger.log(__filename, 'fetch user url:', url, 'headers:', headers);
yield fetch(url, {headers: {'X-LViS-Salt': salt, 'X-LViS-Signature': signature}}) return fetch(url, {headers: headers}).then(res => res.json());
.then(res => res.json())
.then(user => user && Object.assign(user, {sessionToken: sessionToken}));
} }
module.exports = checkSessionToken; module.exports = checkSessionToken;
{ {
"name": "service-sdk", "name": "service-sdk",
"version": "0.0.21", "version": "0.0.22",
"private": true, "private": true,
"description": "Service SDK for LViS", "description": "Service SDK for LViS",
"keywords": [], "keywords": [],
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment