From 16102e520f50811356567c55eb2cfaed81cf89f7 Mon Sep 17 00:00:00 2001 From: Raymond Feng Date: Sun, 24 May 2020 12:55:04 -0700 Subject: [PATCH] feat(authentication): add a middleware for authentication --- .../src/authentication.component.ts | 19 ++++++------ packages/authentication/src/keys.ts | 8 +++++ .../src/providers/auth-action.provider.ts | 31 +++++++++++++++++-- 3 files changed, 46 insertions(+), 12 deletions(-) diff --git a/packages/authentication/src/authentication.component.ts b/packages/authentication/src/authentication.component.ts index df158aaf35bd..f3638c17e987 100644 --- a/packages/authentication/src/authentication.component.ts +++ b/packages/authentication/src/authentication.component.ts @@ -3,23 +3,22 @@ // This file is licensed under the MIT License. // License text available at https://opensource.org/licenses/MIT -import {bind, Component, ContextTags, ProviderMap} from '@loopback/core'; +import {bind, Component, ContextTags} from '@loopback/core'; import {AuthenticationBindings} from './keys'; import { AuthenticateActionProvider, + AuthenticationMiddlewareProvider, AuthenticationStrategyProvider, AuthMetadataProvider, } from './providers'; @bind({tags: {[ContextTags.KEY]: AuthenticationBindings.COMPONENT}}) export class AuthenticationComponent implements Component { - providers?: ProviderMap; - - constructor() { - this.providers = { - [AuthenticationBindings.AUTH_ACTION.key]: AuthenticateActionProvider, - [AuthenticationBindings.STRATEGY.key]: AuthenticationStrategyProvider, - [AuthenticationBindings.METADATA.key]: AuthMetadataProvider, - }; - } + providers = { + [AuthenticationBindings.AUTH_ACTION.key]: AuthenticateActionProvider, + [AuthenticationBindings.STRATEGY.key]: AuthenticationStrategyProvider, + [AuthenticationBindings.METADATA.key]: AuthMetadataProvider, + [AuthenticationBindings.AUTHENTICATION_MIDDLEWARE + .key]: AuthenticationMiddlewareProvider, + }; } diff --git a/packages/authentication/src/keys.ts b/packages/authentication/src/keys.ts index 28f1bb7e55fa..615e0dfdb608 100644 --- a/packages/authentication/src/keys.ts +++ b/packages/authentication/src/keys.ts @@ -5,6 +5,7 @@ import {BindingKey, MetadataAccessor} from '@loopback/core'; import {SecurityBindings, UserProfile} from '@loopback/security'; +import {Middleware} from '@loopback/rest'; import {AuthenticationComponent} from './authentication.component'; import { AuthenticateFn, @@ -88,6 +89,13 @@ export namespace AuthenticationBindings { 'authentication.actions.authenticate', ); + /** + * Binding key for AUTHENTICATION_MIDDLEWARE + */ + export const AUTHENTICATION_MIDDLEWARE = BindingKey.create( + 'middleware.authentication', + ); + /** * Key used to inject authentication metadata, which is used to determine * whether a request requires authentication or not. diff --git a/packages/authentication/src/providers/auth-action.provider.ts b/packages/authentication/src/providers/auth-action.provider.ts index 40e54f0fbbfe..daed73473253 100644 --- a/packages/authentication/src/providers/auth-action.provider.ts +++ b/packages/authentication/src/providers/auth-action.provider.ts @@ -3,8 +3,14 @@ // This file is licensed under the MIT License. // License text available at https://opensource.org/licenses/MIT -import {Getter, inject, Provider, Setter} from '@loopback/core'; -import {Request, RedirectRoute} from '@loopback/rest'; +import {bind, Getter, inject, Provider, Setter} from '@loopback/core'; +import { + asMiddleware, + Middleware, + RedirectRoute, + Request, + RestTags, +} from '@loopback/rest'; import {SecurityBindings, UserProfile} from '@loopback/security'; import {AuthenticationBindings} from '../keys'; import { @@ -80,3 +86,24 @@ export class AuthenticateActionProvider implements Provider { } } } + +@bind( + asMiddleware({ + chain: RestTags.REST_MIDDLEWARE_CHAIN, + group: 'authentication', + upstreamGroups: ['cors', 'findRoute'], + }), +) +export class AuthenticationMiddlewareProvider implements Provider { + constructor( + @inject(AuthenticationBindings.AUTH_ACTION) + private authenticate: AuthenticateFn, + ) {} + + value(): Middleware { + return async (ctx, next) => { + await this.authenticate(ctx.request); + return next(); + }; + } +}