Skip to content

Commit

Permalink
fix: trpc-rest missing var
Browse files Browse the repository at this point in the history
  • Loading branch information
@nadilas
nadilas committed Feb 5, 2023
1 parent 5ba6b51 commit 77c06be
Show file tree
Hide file tree
Showing 8 changed files with 42 additions and 67 deletions.
Binary file modified .yarn/install-state.gz
View file
Binary file not shown.
0 apps/api/pages/api/v1/[...rest].ts → apps/api/pages/api/v1/[...trpc].ts
View file
File renamed without changes.
21 changes: 18 additions & 3 deletions packages/api/src/trpc.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@ import type { Session, User } from "@dotinc/bouncer-auth";
import { svix } from "@dotinc/bouncer-events";
import { prisma } from "@dotinc/bouncer-db";
import micromatch from "micromatch";
import { getLogger } from "@dotinc/bouncer-core";

const logger = getLogger("trpc");

type CreateContextOptions = {
session: Session | null;
Expand Down Expand Up @@ -63,8 +66,7 @@ export const createTRPCContext = async (opts: CreateNextContextOptions) => {
const apiKeyHeader = req.headers["x-api-key"];

if (apiKeyHeader && typeof apiKeyHeader === "string") {
const split = apiKeyHeader.split(" ");
auth = split[1] ?? null;
auth = apiKeyHeader;
}
// check if we have a direct user from the web ui instead
else {
Expand Down Expand Up @@ -162,10 +164,12 @@ const userByApiKey = (apiKey: string) => {

// root key check
if (!apiKeys.includes(apiKey)) {
logger.error({ apiKey }, "request x-api-key is not whitelisted");
return null;
}
const emails = env.AUTH_ACL.split(",");
if (emails.length < 1) {
logger.error({ acl: env.AUTH_ACL }, "AUTH_ACL is not configured properly");
return null;
}

Expand All @@ -182,7 +186,10 @@ const userByApiKey = (apiKey: string) => {
*/
export const enforceApiKeyOrACL = t.middleware(async ({ ctx, next }) => {
if (!ctx.auth) {
throw new TRPCError({ code: "FORBIDDEN" });
logger.error(
"UNAUTHORIZED: Session is not available and x-api-key is not defined"
);
throw new TRPCError({ code: "UNAUTHORIZED" });
}

let auth: User;
Expand All @@ -191,6 +198,10 @@ export const enforceApiKeyOrACL = t.middleware(async ({ ctx, next }) => {
// only run db query if the key is whitelisted
const apiKeyUser = await userByApiKey(ctx.auth);
if (!apiKeyUser) {
logger.error(
{ apiKey: ctx.auth },
"FORBIDDEN: x-api-key is not bound to user"
);
// api key is not bound to user
throw new TRPCError({ code: "FORBIDDEN" });
}
Expand All @@ -199,6 +210,10 @@ export const enforceApiKeyOrACL = t.middleware(async ({ ctx, next }) => {
// coming from a session, a user is already present
// check if the user is a valid admin
if (!ctx.auth.email || !validateEmailWithACL(ctx.auth.email)) {
logger.error(
{ email: ctx.auth.email },
"FORBIDDEN: current user e-mail is not set or not whitelisted"
);
// user is not whitelisted
throw new TRPCError({ code: "FORBIDDEN" });
}
Expand Down
5 changes: 1 addition & 4 deletions packages/core/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,16 +32,13 @@
"homepage": "https://github.com/dotindustries/bouncer",
"dependencies": {
"@dotinc/bouncer-db": "workspace:*",
"axios": "1.1.3",
"date-fns": "^2.29.3",
"openapi-merge": "^1.3.2"
"pino": "^8.8.0"
},
"peerDependencies": {
"zod": "^3.19.1"
},
"devDependencies": {
"@types/express": "^4.17.14",
"atlassian-openapi": "^1.0.17",
"rimraf": "^3.0.2",
"tsc-alias": "^1.7.0",
"tsup": "^6.3.0",
Expand Down
1 change: 1 addition & 0 deletions packages/core/src/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
export * from "~/common";
export * from "~/events";
export * from "~/utils/log";
7 changes: 7 additions & 0 deletions packages/core/src/utils/log-level.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
const logLevelData = {
"*": "silent",
trpc: "debug",
home: "info",
};

export default logLevelData;
12 changes: 12 additions & 0 deletions packages/core/src/utils/log.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
import logLevelData from "./log-level";
import pino, { Logger } from "pino";

const logLevels = new Map<string, string>(Object.entries(logLevelData));

export function getLogLevel(logger: string): string {
return logLevels.get(logger) || logLevels.get("*") || "info";
}

export function getLogger(name: string): Logger {
return pino({ name, level: getLogLevel(name) });
}
63 changes: 3 additions & 60 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1997,11 +1997,8 @@ __metadata:
resolution: "@dotinc/bouncer-core@workspace:packages/core"
dependencies:
"@dotinc/bouncer-db": "workspace:*"
"@types/express": ^4.17.14
atlassian-openapi: ^1.0.17
axios: 1.1.3
date-fns: ^2.29.3
openapi-merge: ^1.3.2
pino: ^8.8.0
rimraf: ^3.0.2
tsc-alias: ^1.7.0
tsup: ^6.3.0
Expand Down Expand Up @@ -5146,7 +5143,7 @@ __metadata:
languageName: node
linkType: hard

"@types/express-serve-static-core@npm:^4.17.18, @types/express-serve-static-core@npm:^4.17.31":
"@types/express-serve-static-core@npm:^4.17.18":
version: 4.17.32
resolution: "@types/express-serve-static-core@npm:4.17.32"
dependencies:
Expand All @@ -5169,18 +5166,6 @@ __metadata:
languageName: node
linkType: hard

"@types/express@npm:^4.17.14":
version: 4.17.15
resolution: "@types/express@npm:4.17.15"
dependencies:
"@types/body-parser": "*"
"@types/express-serve-static-core": ^4.17.31
"@types/qs": "*"
"@types/serve-static": "*"
checksum: b4acd8a836d4f6409cdf79b12d6e660485249b62500cccd61e7997d2f520093edf77d7f8498ca79d64a112c6434b6de5ca48039b8fde2c881679eced7e96979b
languageName: node
linkType: hard

"@types/glob@npm:^7.1.1":
version: 7.2.0
resolution: "@types/glob@npm:7.2.0"
Expand Down Expand Up @@ -6211,16 +6196,6 @@ __metadata:
languageName: node
linkType: hard

"atlassian-openapi@npm:^1.0.17, atlassian-openapi@npm:^1.0.8":
version: 1.0.17
resolution: "atlassian-openapi@npm:1.0.17"
dependencies:
jsonpointer: ^5.0.0
urijs: ^1.19.10
checksum: 372a454e8f5e000e016e261b2151019f0b3dabfad908593c71aae23ebd5b9998c374ae3c0bf0d85dd55dbcca94d5d93e38edf02346d0bd2cb34d3fd20968ddaf
languageName: node
linkType: hard

"atob@npm:^2.1.2":
version: 2.1.2
resolution: "atob@npm:2.1.2"
Expand Down Expand Up @@ -12470,13 +12445,6 @@ __metadata:
languageName: node
linkType: hard

"jsonpointer@npm:^5.0.0":
version: 5.0.1
resolution: "jsonpointer@npm:5.0.1"
checksum: 0b40f712900ad0c846681ea2db23b6684b9d5eedf55807b4708c656f5894b63507d0e28ae10aa1bddbea551241035afe62b6df0800fc94c2e2806a7f3adecd7c
languageName: node
linkType: hard

"jsx-ast-utils@npm:^2.4.1 || ^3.0.0, jsx-ast-utils@npm:^3.3.3":
version: 3.3.3
resolution: "jsx-ast-utils@npm:3.3.3"
Expand Down Expand Up @@ -14309,17 +14277,6 @@ __metadata:
languageName: node
linkType: hard

"openapi-merge@npm:^1.3.2":
version: 1.3.2
resolution: "openapi-merge@npm:1.3.2"
dependencies:
atlassian-openapi: ^1.0.8
lodash: ^4.17.15
ts-is-present: ^1.1.1
checksum: 53284a563270177422db8c7536544913c133dfc5cc7058a1043f3092b5aa997b8224a83c59569d18620f94ccf0a014fcb735e22941a9259b2c60861002f01638
languageName: node
linkType: hard

"openapi-types@npm:^12.0.2, openapi-types@npm:^12.1.0":
version: 12.1.0
resolution: "openapi-types@npm:12.1.0"
Expand Down Expand Up @@ -14982,7 +14939,7 @@ __metadata:
languageName: node
linkType: hard

"pino@npm:^8.4.2":
"pino@npm:^8.4.2, pino@npm:^8.8.0":
version: 8.8.0
resolution: "pino@npm:8.8.0"
dependencies:
Expand Down Expand Up @@ -17631,13 +17588,6 @@ __metadata:
languageName: node
linkType: hard

"ts-is-present@npm:^1.1.1":
version: 1.2.2
resolution: "ts-is-present@npm:1.2.2"
checksum: 3620ecf48219d0dd108e493260a207f4733d8e39a18dffec23c7ed2b1ef2aba7158d0dfafe36f3f27d0092472535a5e474ce04ade54e972e64b2b6329d20ab0b
languageName: node
linkType: hard

"ts-morph@npm:^16.0.0":
version: 16.0.0
resolution: "ts-morph@npm:16.0.0"
Expand Down Expand Up @@ -18252,13 +18202,6 @@ __metadata:
languageName: node
linkType: hard

"urijs@npm:^1.19.10":
version: 1.19.11
resolution: "urijs@npm:1.19.11"
checksum: f9b95004560754d30fd7dbee44b47414d662dc9863f1cf5632a7c7983648df11d23c0be73b9b4f9554463b61d5b0a520b70df9e1ee963ebb4af02e6da2cc80f3
languageName: node
linkType: hard

"urix@npm:^0.1.0":
version: 0.1.0
resolution: "urix@npm:0.1.0"
Expand Down

0 comments on commit 77c06be

Please sign in to comment.