Mirror Job-Info-Test PB token validation flow
This commit is contained in:
@@ -57,6 +57,14 @@ async function createValidatedPbClient(token: string): Promise<PocketBase> {
|
||||
return client;
|
||||
}
|
||||
|
||||
function getRequestPbToken(c: any): string {
|
||||
const headerToken = String(c.req.header('x-pb-token') || '').trim();
|
||||
if (headerToken) return headerToken;
|
||||
const authHeader = String(c.req.header('authorization') || '').trim();
|
||||
const bearer = getBearerToken(authHeader);
|
||||
return String(bearer || '').trim();
|
||||
}
|
||||
|
||||
function decodeJwtPayload(token: string): Record<string, unknown> | null {
|
||||
try {
|
||||
const parts = String(token || '').split('.');
|
||||
@@ -454,10 +462,55 @@ app.get('/api/auth/msal-config', (c) => {
|
||||
});
|
||||
});
|
||||
|
||||
app.post('/api/auth/validate-pb-token', async (c) => {
|
||||
try {
|
||||
const body = await c.req.json().catch(() => ({}));
|
||||
const pbToken = String(body?.pbToken || '').trim();
|
||||
if (!pbToken) {
|
||||
return c.json({ valid: false, error: 'No token provided' }, 400);
|
||||
}
|
||||
|
||||
const tokenPayload = decodeJwtPayload(pbToken);
|
||||
let taskPb: PocketBase;
|
||||
try {
|
||||
taskPb = await createValidatedPbClient(pbToken);
|
||||
} catch (error) {
|
||||
const message = (error as Error)?.message || String(error);
|
||||
return c.json({
|
||||
valid: false,
|
||||
error: 'Invalid PocketBase token',
|
||||
details: message,
|
||||
tokenContext: {
|
||||
type: String(tokenPayload?.type || ''),
|
||||
collectionId: String(tokenPayload?.collectionId || ''),
|
||||
collectionName: String(tokenPayload?.collectionName || ''),
|
||||
},
|
||||
}, 401);
|
||||
}
|
||||
|
||||
const user = taskPb.authStore.record || taskPb.authStore.model || null;
|
||||
return c.json({
|
||||
valid: true,
|
||||
user: user ? {
|
||||
id: user.id || '',
|
||||
email: user.email || '',
|
||||
name: user.name || user.username || user.email || '',
|
||||
} : null,
|
||||
tokenContext: {
|
||||
type: String(tokenPayload?.type || ''),
|
||||
collectionId: String(tokenPayload?.collectionId || ''),
|
||||
collectionName: String(tokenPayload?.collectionName || ''),
|
||||
},
|
||||
});
|
||||
} catch (error) {
|
||||
return c.json({ valid: false, error: (error as Error)?.message || 'Validation failed' }, 500);
|
||||
}
|
||||
});
|
||||
|
||||
// GET /api/tasks/users
|
||||
// Requires: x-pb-token
|
||||
app.get('/api/tasks/users', async (c) => {
|
||||
const pbToken = c.req.header('x-pb-token');
|
||||
const pbToken = getRequestPbToken(c);
|
||||
if (!pbToken) return c.json({ success: false, message: 'Missing x-pb-token' }, 401);
|
||||
|
||||
let taskPb: PocketBase;
|
||||
@@ -526,7 +579,7 @@ app.get('/api/tasks/users', async (c) => {
|
||||
// GET /api/tasks/list?userId=<id>
|
||||
// Requires: x-pb-token
|
||||
app.get('/api/tasks/list', async (c) => {
|
||||
const pbToken = c.req.header('x-pb-token');
|
||||
const pbToken = getRequestPbToken(c);
|
||||
if (!pbToken) return c.json({ success: false, message: 'Missing x-pb-token' }, 401);
|
||||
|
||||
let taskPb: PocketBase;
|
||||
|
||||
Reference in New Issue
Block a user