2024-03-04 15:44:49 +00:00
|
|
|
import { Authorizer } from '@authorizerdev/authorizer-js';
|
2024-03-04 16:37:18 +00:00
|
|
|
import { Server } from '@hocuspocus/server';
|
2024-02-17 11:40:34 +00:00
|
|
|
|
2024-03-04 16:37:18 +00:00
|
|
|
const port = process.env.PORT || 4000;
|
2024-02-17 11:40:34 +00:00
|
|
|
const authorizer = new Authorizer({
|
2024-03-04 15:43:44 +00:00
|
|
|
clientID: process.env.AUTHORIZER_CLIENT_ID || '',
|
|
|
|
|
authorizerURL: process.env.AUTHORIZER_URL || 'https://auth.discours.io',
|
|
|
|
|
redirectURL: process.env.REDIRECT_URL || 'https://testing.discours.io',
|
2024-02-17 11:55:31 +00:00
|
|
|
});
|
|
|
|
|
|
2024-02-17 12:25:44 +00:00
|
|
|
const server = Server.configure({
|
2024-03-04 15:43:44 +00:00
|
|
|
port,
|
|
|
|
|
onConnect({ connection }) {
|
|
|
|
|
connection.requiresAuthentication = true;
|
|
|
|
|
},
|
|
|
|
|
onAuthenticate(data) {
|
2024-03-04 16:25:01 +00:00
|
|
|
return new Promise((resolve, reject) => {
|
2024-03-04 16:37:18 +00:00
|
|
|
const headers = data.requestHeaders;
|
2024-03-04 16:25:01 +00:00
|
|
|
if (!headers) {
|
|
|
|
|
console.error('Request headers not found');
|
2024-03-04 16:37:18 +00:00
|
|
|
return reject(new Error('Required header is not present'));
|
2024-03-04 16:25:01 +00:00
|
|
|
}
|
2024-03-04 15:43:44 +00:00
|
|
|
|
2024-03-04 16:37:18 +00:00
|
|
|
const shout_id = parseInt(data.documentName.replace('shout-', ''), 10);
|
|
|
|
|
console.debug(`shout_id extracted: ${shout_id}`);
|
2024-03-04 15:43:44 +00:00
|
|
|
|
2024-03-04 16:37:18 +00:00
|
|
|
const token = data.token || headers['authorization'] || '';
|
2024-03-04 16:25:01 +00:00
|
|
|
if (!token) {
|
|
|
|
|
console.error('Authorization token not found');
|
2024-03-04 16:37:18 +00:00
|
|
|
return reject(new Error('Token is not found'));
|
2024-03-04 16:25:01 +00:00
|
|
|
}
|
2024-03-04 15:43:44 +00:00
|
|
|
|
2024-03-04 16:37:18 +00:00
|
|
|
authorizer.validateJWTToken({ token_type: 'access_token', token })
|
2024-03-04 16:25:01 +00:00
|
|
|
.then(response => {
|
|
|
|
|
if (!response?.data?.is_valid) {
|
|
|
|
|
console.error('Invalid authorization token');
|
2024-03-04 16:37:18 +00:00
|
|
|
return reject(new Error('Token is invalid'));
|
2024-03-04 16:25:01 +00:00
|
|
|
}
|
2024-03-04 15:43:44 +00:00
|
|
|
|
2024-03-04 16:37:18 +00:00
|
|
|
const { sub: user_id, allowed_roles: roles } = response.data.claims;
|
|
|
|
|
console.debug(`user_id: ${user_id} roles: ${roles}`);
|
2024-03-04 15:43:44 +00:00
|
|
|
|
2024-03-04 16:25:01 +00:00
|
|
|
if (roles.includes('editor')) {
|
2024-03-04 16:37:18 +00:00
|
|
|
return resolve({
|
2024-03-04 16:25:01 +00:00
|
|
|
id: user_id,
|
2024-03-04 16:37:18 +00:00
|
|
|
roles: Array.isArray(roles) ? roles : roles.split(','),
|
|
|
|
|
});
|
2024-03-04 15:43:44 +00:00
|
|
|
}
|
|
|
|
|
|
2024-03-04 16:45:17 +00:00
|
|
|
fetch('https://core.discours.io/', {
|
2024-03-04 16:37:18 +00:00
|
|
|
method: 'POST',
|
|
|
|
|
headers: { 'Content-Type': 'application/json' },
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
query: `
|
|
|
|
|
query {
|
|
|
|
|
get_author(user_id: $user_id) {
|
|
|
|
|
id
|
|
|
|
|
slug
|
|
|
|
|
user
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
`,
|
|
|
|
|
variables: { user_id },
|
|
|
|
|
}),
|
2024-03-04 16:25:01 +00:00
|
|
|
})
|
2024-03-04 16:37:18 +00:00
|
|
|
.then(res => res.json())
|
|
|
|
|
.then(data => {
|
|
|
|
|
const { id: author_id } = data.get_author
|
|
|
|
|
if (author_id) {
|
2024-03-04 16:45:17 +00:00
|
|
|
fetch('https://core.discours.io/', {
|
2024-03-04 16:37:18 +00:00
|
|
|
method: 'POST',
|
|
|
|
|
headers: { 'Content-Type': 'application/json' },
|
|
|
|
|
body: JSON.stringify({
|
|
|
|
|
query: `query {
|
|
|
|
|
get_shout(shout_id: $shout_id) {
|
|
|
|
|
id
|
|
|
|
|
slug
|
|
|
|
|
authors
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
`,
|
|
|
|
|
variables: { shout_id },
|
|
|
|
|
}),
|
|
|
|
|
})
|
|
|
|
|
.then(res => res.json())
|
|
|
|
|
.then(data => {
|
|
|
|
|
const { authors } = data.get_shout;
|
|
|
|
|
if (authors.includes(author_id)) {
|
|
|
|
|
return resolve({
|
|
|
|
|
id: user_id,
|
|
|
|
|
author: author_id,
|
|
|
|
|
roles: Array.isArray(roles) ? roles : roles.split(','),
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
return reject(new Error('User is not in authors list'));
|
|
|
|
|
})
|
|
|
|
|
.catch(e => {
|
|
|
|
|
console.error('Error fetching shout data:', e.message);
|
|
|
|
|
console.error(e.stack);
|
|
|
|
|
return reject(new Error('Error fetching shout data'));
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
.catch(e => {
|
|
|
|
|
console.error('Error fetching author data:', e.message);
|
|
|
|
|
console.error(e.stack);
|
|
|
|
|
return reject(new Error('Error fetching author data'));
|
|
|
|
|
});
|
2024-03-04 15:43:44 +00:00
|
|
|
})
|
2024-03-04 16:25:01 +00:00
|
|
|
.catch(e => {
|
|
|
|
|
console.error('Error validating authorization token:', e.message);
|
|
|
|
|
console.error(e.stack);
|
2024-03-04 16:37:18 +00:00
|
|
|
return reject(new Error('Error validating authorization token'));
|
2024-03-04 16:25:01 +00:00
|
|
|
});
|
2024-03-04 16:37:18 +00:00
|
|
|
});
|
|
|
|
|
},
|
2024-02-17 12:25:44 +00:00
|
|
|
});
|
2024-02-17 11:40:34 +00:00
|
|
|
|
2024-03-04 16:37:18 +00:00
|
|
|
server.listen().then(r => console.info('Server started'));
|
