
@jonstorer
Last active December 27, 2016 15:20
Auth Proxy to APIs POC
node_modules
npm-debug.log
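/**
 * API gateway of the POC: checks the bearer JWT on every request, then relays
 * the request to the widget service (paths matching `*widgets*`) or to the
 * user service (everything else).
 *
 * @param {object} gd - shared dependency bag built by index.js; this module
 *   reads `express`, `jwt`, `config`, `morgan`, `request` and `url` from it.
 */
module.exports = function (gd) {
  const express = gd.express;
  const jwt = gd.jwt;
  const config = gd.config;
  const morgan = gd.morgan;
  const request = gd.request;
  const url = gd.url;

  // Builds an Error carrying `status = 401` so that Express's default error
  // handler answers 401 rather than a generic 500.
  const unauthorized = function (message) {
    const err = new Error(message);
    err.status = 401;
    return err;
  };

  const app = express();
  app.use(morgan('dev'));

  // validate token
  app.use(function (req, res, next) {
    const header = req.headers.Authorization || req.headers.authorization;
    // A request without the header used to crash on `undefined.match`; treat
    // it the same as a malformed header. The pattern is anchored so that only
    // a value that is exactly "Bearer <token>" is accepted.
    const matches = typeof header === 'string' ? header.match(/^Bearer (.+)$/) : null;
    if (!matches) {
      return next(unauthorized('bad token'));
    }
    // Pin the algorithm to the one the token issuer uses (HS256 is the
    // jsonwebtoken default for a string secret) instead of trusting the
    // `alg` field of the incoming token.
    jwt.verify(matches[1], config.jwt_secret, { algorithms: ['HS256'] }, function (err) {
      if (err) { err.status = 401; }
      next(err);
    });
  });

  // proxy request
  const proxy = function (base_url) {
    return function (req, res, next) {
      const currentUrl = url.parse(req.originalUrl);
      const apiUrl = url.parse(base_url);
      // Only path and query come from the caller; scheme, host and port are
      // always taken from the configured base URL.
      apiUrl.pathname = currentUrl.pathname;
      if (currentUrl.query) { apiUrl.search = '?' + currentUrl.query; }

      const upstream = request(url.format(apiUrl));
      // Without a listener, a refused or reset upstream connection surfaces as
      // an unhandled 'error' event and takes the whole gateway down.
      upstream.on('error', function (err) {
        if (res.headersSent) {
          res.end();
          return;
        }
        err.status = 502;
        next(err);
      });
      req.pipe(upstream).pipe(res);
    };
  };

  app.use('*widgets*', proxy(config.widget.base_url));
  app.use(proxy(config.user.base_url));

  const server = app.listen(config.api.port, function (err) {
    if (err) { console.log(err); }
    console.info('Api on port %s.', server.address().port);
  });
};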
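// Shared settings for the four POC services (web, api, user, widget).
module.exports = {
  // HMAC key used to sign and verify the JWTs passed between the services.
  // It is read from the JWT_SECRET environment variable when that is set; the
  // literal is a demo fallback only and must not be used outside local
  // experiments, because anyone who can read this file can mint valid tokens.
  jwt_secret: process.env.JWT_SECRET || 'so sekret',
  web: {
    base_url: 'http://localhost:9374',
    port: 9374
  },
  user: {
    base_url: 'http://localhost:9375',
    port: 9375
  },
  api: {
    base_url: 'http://localhost:9376',
    port: 9376
  },
  widget: {
    base_url: 'http://localhost:9377',
    port: 9377
  }
};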
// In-memory fixture data for the POC: two users and two clients, one of each
// with every permission granted and one with every permission denied.

// Returns a fresh create/read/update/delete map with every action set to `allowed`.
function crud(allowed) {
  return { create: allowed, read: allowed, update: allowed, delete: allowed };
}

// Returns a fresh authorization record covering both scopes used by the services.
function access(allowed) {
  return { users: crud(allowed), widgets: crud(allowed) };
}

const users = {
  1: {
    id: 1,
    name: 'User (Full)',
    widgets: [
      { id: 'w1', name: 'Widgey' },
      { id: 'w2', name: 'Wudgey' }
    ],
    authorization: access(true)
  },
  2: {
    id: 2,
    name: 'User (Nothing)',
    widgets: [
      { id: 'w3', name: 'Wodgey' },
      { id: 'w4', name: 'Wadgey' }
    ],
    authorization: access(false)
  }
};

const clients = {
  1: { id: 1, name: 'Client (Full)', authorization: access(true) },
  2: { id: 2, name: 'Client (Nothing)', authorization: access(false) }
};

module.exports = { users: users, clients: clients };
<html>
<head>
</head>
<body>
<a href="/a/v1/me">Request /me as user 1</a>
<br/> <br/>
<a href="/a/v1/me?id=2">Request /me as user 2</a>
<br/> <br/>
<a href="/c/v1/users/1">Request /users/1 as client 1</a>
<br/> <br/>
<a href="/c/v1/users/1?id=2">Request /users/1 as client 2</a>
<br/> <br/>
<a href="/a/v1/users/1/widgets">Request /users/1/widgets as user 1</a>
</body>
</html>
// Composition root: loads every third-party and local module once, bundles
// them into a single dependency bag, and hands that bag to each service
// module, which starts its own HTTP listener.
const express = require('express');
const morgan = require('morgan');
const jwt = require('jsonwebtoken');
const request = require('request');
const url = require('url');
const path = require('path');
const config = require('./config');
const database = require('./database');

const globalDependencies = {
  express: express,
  morgan: morgan,
  jwt: jwt,
  request: request,
  url: url,
  path: path,
  config: config,
  database: database
};

// Start order is the same as before: web, api, user, widget.
['./web', './api', './user', './widget'].forEach(function (servicePath) {
  require(servicePath)(globalDependencies);
});
{
"name": "proxy_poc",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"start": "node ."
},
"author": "",
"license": "ISC",
"dependencies": {
"express": "^4.14.0",
"jsonwebtoken": "^7.2.1",
"morgan": "^1.7.0",
"request": "^2.79.0"
}
}
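/**
 * User service of the POC: serves user records, gated by the permissions
 * carried in the caller's JWT.
 *
 * @param {object} gd - shared dependency bag built by index.js; this module
 *   reads `express`, `config`, `jwt` and `morgan` from it.
 */
module.exports = function (gd) {
  const express = gd.express;
  const config = gd.config;
  const jwt = gd.jwt;
  const database = require('./database');

  // Same status and body the service already used for a denied request.
  const deny = function (res) {
    res.status(401).json('Unauthorized');
  };

  // Returns middleware that lets the request through only when the verified
  // token grants `action` on `scope`. A token without an authorization
  // section is denied instead of raising a TypeError.
  const authorize = function (scope, action) {
    return function (req, res, next) {
      const auth = req.user && req.user.authorization;
      const grants = auth && auth[scope];
      if (grants && grants[action] === true) {
        next();
      } else {
        deny(res);
      }
    };
  };

  // Own-property lookup, so ids such as "constructor" or "__proto__" do not
  // resolve to members inherited from Object.prototype.
  const findUser = function (id) {
    const known = Object.prototype.hasOwnProperty.call(database.users, id);
    return known ? database.users[id] : null;
  };

  const app = express();
  app.use(gd.morgan('dev'));

  // The token was previously only decoded, which does not check the
  // signature: this service listens on its own port, so a caller reaching it
  // directly could present self-made claims. Verify it against the shared
  // secret, with the algorithm pinned, before trusting any claim.
  app.use(function (req, res, next) {
    const header = req.headers.authorization;
    const matches = typeof header === 'string' ? header.match(/^Bearer (.+)$/) : null;
    if (!matches) {
      return deny(res);
    }
    jwt.verify(matches[1], config.jwt_secret, { algorithms: ['HS256'] }, function (err, claims) {
      if (err) {
        return deny(res);
      }
      req.user = claims;
      next();
    });
  });

  app.get('/v1/me', authorize('users', 'read'), function (req, res, next) {
    const user = findUser(req.user.id);
    if (!user) {
      return res.status(404).json('Not Found');
    }
    res.json(user);
  });

  // NOTE(review): any principal holding users:read can fetch any user id here;
  // confirm that this is the intended access model.
  app.get('/v1/users/:id', authorize('users', 'read'), function (req, res, next) {
    const user = findUser(req.params.id);
    if (!user) {
      return res.status(404).json('Not Found');
    }
    res.json(user);
  });

  const server = app.listen(config.user.port, function (err) {
    if (err) { console.log(err); }
    console.info('User on port %s.', server.address().port);
  });
};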
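/**
 * Web front of the POC: serves the demo page and, for requests under `/a`
 * (act as a user) and `/c` (act as a client), mints a JWT for the selected
 * record and relays the request to the API gateway.
 *
 * The identity is chosen by the `id` query parameter with no login step, so
 * this module is a demonstration harness and not an authentication service.
 *
 * @param {object} gd - shared dependency bag built by index.js; this module
 *   reads `express`, `jwt`, `config`, `url`, `request`, `morgan`, `path` and
 *   `database` from it.
 */
module.exports = function (gd) {
  const express = gd.express;
  const jwt = gd.jwt;
  const config = gd.config;
  const url = gd.url;
  const request = gd.request;
  const morgan = gd.morgan;
  const path = gd.path;
  const database = gd.database;

  // Tokens are minted per request, so a short lifetime costs nothing and
  // limits how long a captured token stays usable.
  const TOKEN_TTL_SECONDS = 60;

  // Returns middleware that signs the record selected by `?id=` (default 1)
  // from `records` and attaches it to the request as a bearer token.
  const tokenFor = function (records) {
    return function (req, res, next) {
      const id = req.query.id || 1;
      // Own-property check: an unknown id used to reach jwt.sign with an
      // undefined payload, and inherited keys must not be treated as records.
      if (!Object.prototype.hasOwnProperty.call(records, id)) {
        return res.status(404).json('Not Found');
      }
      // Sign a copy so the stored record is never touched by the signer.
      const claims = Object.assign({}, records[id]);
      const token = jwt.sign(claims, config.jwt_secret, {
        algorithm: 'HS256',
        expiresIn: TOKEN_TTL_SECONDS
      });
      // Keep exactly one authorization value on the request, so a header sent
      // by the browser cannot travel upstream next to the minted token.
      delete req.headers.Authorization;
      req.headers.authorization = 'Bearer ' + token;
      next();
    };
  };

  const userToken = tokenFor(database.users);
  const clientToken = tokenFor(database.clients);

  const proxy = function (req, res, next) {
    const currentUrl = url.parse(req.url);
    const apiUrl = url.parse(config.api.base_url);
    // Only path and query come from the caller; the target host is fixed.
    apiUrl.pathname = currentUrl.pathname;
    if (currentUrl.query) { apiUrl.search = '?' + currentUrl.query; }
    console.log(url.format(apiUrl));

    const upstream = request(url.format(apiUrl));
    // Without a listener, a refused or reset upstream connection surfaces as
    // an unhandled 'error' event and stops the process.
    upstream.on('error', function (err) {
      if (res.headersSent) {
        res.end();
        return;
      }
      err.status = 502;
      next(err);
    });
    req.pipe(upstream).pipe(res);
  };

  const app = express();
  app.use(morgan('dev'));

  // Serving the whole module directory statically also published config.js
  // (which holds the JWT signing secret) and database.js. Only the demo page
  // is meant to be public, so serve that single file.
  app.get(['/', '/index.html'], function (req, res) {
    res.sendFile(path.join(__dirname, 'index.html'));
  });

  app.use('/a', userToken, proxy);
  app.use('/c', clientToken, proxy);

  const server = app.listen(config.web.port, function (err) {
    if (err) { console.log(err); }
    console.info('Web on port %s.', server.address().port);
  });
};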
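/**
 * Widget service of the POC: serves a user's widgets, gated by the
 * permissions carried in the caller's JWT.
 *
 * @param {object} gd - shared dependency bag built by index.js; this module
 *   reads `express`, `config`, `jwt` and `morgan` from it.
 */
module.exports = function (gd) {
  const express = gd.express;
  const config = gd.config;
  const jwt = gd.jwt;
  const database = require('./database');

  // Same status and body the service already used for a denied request.
  const deny = function (res) {
    res.status(401).json('Unauthorized');
  };

  // Returns middleware that lets the request through only when the verified
  // token grants `action` on `scope`. A token without an authorization
  // section is denied instead of raising a TypeError.
  const authorize = function (scope, action) {
    return function (req, res, next) {
      const auth = req.user && req.user.authorization;
      const grants = auth && auth[scope];
      if (grants && grants[action] === true) {
        next();
      } else {
        deny(res);
      }
    };
  };

  const app = express();
  app.use(gd.morgan('dev'));

  // The token was previously only decoded, which does not check the
  // signature: this service listens on its own port, so a caller reaching it
  // directly could present self-made claims. Verify it against the shared
  // secret, with the algorithm pinned, before trusting any claim.
  app.use(function (req, res, next) {
    const header = req.headers.authorization;
    const matches = typeof header === 'string' ? header.match(/^Bearer (.+)$/) : null;
    if (!matches) {
      return deny(res);
    }
    jwt.verify(matches[1], config.jwt_secret, { algorithms: ['HS256'] }, function (err, claims) {
      if (err) {
        return deny(res);
      }
      req.user = claims;
      next();
    });
  });

  // NOTE(review): any principal holding widgets:read can list the widgets of
  // any user id here; confirm that this is the intended access model.
  app.get('/v1/users/:id/widgets', authorize('widgets', 'read'), function (req, res, next) {
    // Own-property lookup: an unknown id used to raise a TypeError on
    // `.widgets`, and inherited keys must not be treated as user records.
    const id = req.params.id;
    if (!Object.prototype.hasOwnProperty.call(database.users, id)) {
      return res.status(404).json('Not Found');
    }
    res.json(database.users[id].widgets);
  });

  const server = app.listen(config.widget.port, function (err) {
    if (err) { console.log(err); }
    console.info('Widget on port %s.', server.address().port);
  });
};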