40 lines
1.2 KiB
JavaScript
40 lines
1.2 KiB
JavaScript
|
const { Authorizer } = require('@authorizerdev/authorizer-js')
|
||
|
|
const { Server } = require('@hocuspocus/server')
|
||
|
|
|
||
|
|
const authorizer = new Authorizer({
|
||
|
|
clientID: process.env.AUTHORIZER_CLIENT_ID,
|
||
|
|
authorizerURL: 'https://auth.discours.io',
|
||
|
|
redirectURL: 'https://testing.discours.io',
|
||
|
|
})
|
||
|
|
;(async () => {
|
||
|
|
const server = await Server.configure({
|
||
|
|
port: 4242,
|
||
|
|
async onConnect({ connection }) {
|
||
|
|
connection.requiresAuthentication = true
|
||
|
|
},
|
||
|
|
async onAuthenticate(data) {
|
||
|
|
if (data.requestHeaders) {
|
||
|
|
const params = {
|
||
|
|
token_type: 'access_token',
|
||
|
|
token: data.requestHeaders['authorization'] || '',
|
||
|
|
}
|
||
|
|
if (params.token) {
|
||
|
|
const response = await authorizer.validateJWTToken(params)
|
||
|
|
if (response?.data?.is_valid) {
|
||
|
|
const { sub: user, allowed_roles: roles } = response.data.claims
|
||
|
|
console.debug(`user_id: ${user} roles: ${roles}`)
|
||
|
|
return {
|
||
|
|
id: user,
|
||
|
|
roles,
|
||
|
|
}
|
||
|
|
}
|
||
|
|
console.error('no valid auth token presented')
|
||
|
|
throw new Error('Not authorized!')
|
||
|
|
}
|
||
|
|
}
|
||
|
|
},
|
||
|
|
}).listen()
|
||
|
|
|
||
|
|
server.listen()
|
||
|
|
})()
|