Files
standardnotes-server/packages/auth/src/Controller/LockMiddleware.ts
T
Karol SójkoandGitHub dc71e6777f feat: home-server package initial setup with Api Gateway and Auth services (#605)
* fix(api-gateway): reduce exports

* wip controllers

* fix: imports of controllers

* fix(api-gateway): rename http service interface to proxy interface

* wip: self-registering services and controllers

* wip: add registering controller method bindings and services in container

* feat: merge two services together

* wip: resolving endpoints to direct code calls

* wip: bind controller container to a singleton

* fix: controller binding to instantiate and self-register on controller container

* fix: move signout endpoint to auth controller

* wip: define inversify controllers in the controller container

* fix(auth): bind inversify controllers to controller container

* fix(auth): linter issues

* fix(auth): specs

* fix(auth): inversify controllers bindings

* wip: endpoint resolving

* wip: add endpoint for more auth controllers

* wip: add sessions controller endpoint resolvings

* wip: add subscription invites endpoint resolvings

* wip: add subscription tokens endpoint resolvings

* wip: add all binding for auth server controllers

* wip: fix migrations path

* fix: configure default env vars and ci setup
2023-05-16 11:38:56 +02:00

53 lines
1.6 KiB
TypeScript

import { Username } from '@standardnotes/domain-core'
import { NextFunction, Request, Response } from 'express'
import { inject, injectable } from 'inversify'
import { BaseMiddleware } from 'inversify-express-utils'
import TYPES from '../Bootstrap/Types'
import { LockRepositoryInterface } from '../Domain/User/LockRepositoryInterface'
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'
@injectable()
export class LockMiddleware extends BaseMiddleware {
constructor(
@inject(TYPES.Auth_UserRepository) private userRepository: UserRepositoryInterface,
@inject(TYPES.Auth_LockRepository) private lockRepository: LockRepositoryInterface,
) {
super()
}
async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
try {
let identifier = request.body.email ?? request.body.username
const usernameOrError = Username.create(identifier)
if (usernameOrError.isFailed()) {
response.status(400).send({
error: {
message: usernameOrError.getError(),
},
})
}
const username = usernameOrError.getValue()
const user = await this.userRepository.findOneByUsernameOrEmail(username)
if (user !== null) {
identifier = user.uuid
}
if (await this.lockRepository.isUserLocked(identifier)) {
response.status(423).send({
error: {
message: 'Too many successive login requests. Please try your request again later.',
},
})
return
}
return next()
} catch (error) {
return next(error)
}
}
}