Remove middleware to secure access API.

This commit is contained in:
gparant 2020-05-10 17:31:27 +02:00
parent 029a7a9a64
commit 69777ad1cb
5 changed files with 38 additions and 60 deletions

View File

@ -6,27 +6,28 @@ import {Application, Request, Response} from 'express';
import bodyParser = require('body-parser');
import * as http from "http";
import {MapController} from "./Controller/MapController";
import {AuthenticateMiddleware} from "./Middleware/AuthenticateMiddleware";
class App {
public app: Application;
public server: http.Server;
public ioSocketController: IoSocketController;
public authenticateController: AuthenticateController;
//public AuthenticateMiddleware: AuthenticateMiddleware;
public mapController: MapController;
constructor() {
this.app = express();
//config server http
this.config();
this.server = http.createServer(this.app);
this.config();
this.crossOrigin();
//TODO add middleware with access token to secure api
//create socket controllers
this.ioSocketController = new IoSocketController(this.server);
this.authenticateController = new AuthenticateController(this.app);
//this.AuthenticateMiddleware = new AuthenticateMiddleware(this.app);
this.mapController = new MapController(this.app);
}
@ -34,9 +35,15 @@ class App {
private config(): void {
this.app.use(bodyParser.json());
this.app.use(bodyParser.urlencoded({extended: false}));
}
private crossOrigin(){
this.app.use((req: Request, res: Response, next) => {
res.header("Access-Control-Allow-Origin", "*"); // update to match the domain you will make the request from
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.setHeader("Access-Control-Allow-Origin", "*"); // update to match the domain you will make the request from
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
}

View File

@ -1,5 +1,4 @@
import express from "express";
import path from "path";
import {Application, Request, Response} from "express";
import {OK} from "http-status-codes";
import {ROOM_STARTED, ROOMS, URL_ROOM_STARTED} from "../Enum/EnvironmentVariable";
@ -9,7 +8,7 @@ export class MapController {
constructor(App: Application) {
this.App = App;
this.getMpas();
this.getMaps();
this.assetMaps();
}

View File

@ -1,32 +0,0 @@
import {Application, Request, Response} from "express";
import {BAD_REQUEST} from "http-status-codes";
import Jwt, {JsonWebTokenError} from "jsonwebtoken";
import {SECRET_KEY} from "../Enum/EnvironmentVariable";
export class AuthenticateMiddleware{
App: Application;
constructor(App: Application) {
this.App = App;
this.tokenVerification();
}
tokenVerification() {
this.App.use((req: Request, res: Response, next: any) => {
let token = req.header("Access-Token");
if (!token) {
return res.status(BAD_REQUEST).send({
message: "you must to be connected to get the map"
});
}
return Jwt.verify(token, SECRET_KEY, (err: JsonWebTokenError, tokenDecoded: object) => {
if (err) {
return res.status(BAD_REQUEST).send({
message: "you must to be connected to get the map"
});
}
return next();
});
})
}
}

View File

@ -2,7 +2,7 @@ import {GameManager} from "./Phaser/Game/GameManager";
const SocketIo = require('socket.io-client');
import Axios from "axios";
import {API_URL, ROOM} from "./Enum/EnvironmentVariable";
import {API_URL} from "./Enum/EnvironmentVariable";
enum EventMessage{
WEBRTC_SIGNAL = "webrtc-signal",
@ -212,8 +212,10 @@ export class Connexion implements ConnexionInterface {
});
}
loadMaps() : Promise<any>{
return Axios.get(`${API_URL}/maps`).then((res) => {
//TODO add middleware with access token to secure api
loadMaps() : Promise<any> {
return Axios.get(`${API_URL}/maps`)
.then((res) => {
return res.data;
}).catch((err) => {
console.error(err);

View File

@ -93,17 +93,19 @@ export class LogincScene extends Phaser.Scene implements GameSceneInterface {
}
private async login(name: string) {
Promise.all([
gameManager.connect(name, this.selectedPlayer.texture.key),
gameManager.loadMaps()
]).then((data) => {
if (!data) {
return gameManager.connect(name, this.selectedPlayer.texture.key).then(() => {
return gameManager.loadMaps().then((scene : any) => {
if (!scene) {
return;
}
let scene: any = data[1];
let game = new GameScene(scene.mapStart.key, `${API_URL}${scene.mapStart.url}`);
this.scene.add(scene.mapStart.key, game, false);
this.scene.start(scene.mapStart.key);
return scene;
}).catch((err) => {
console.error(err);
throw err;
});
}).catch((err) => {
console.error(err);
throw err;