Passed
Push — master ( e6aee2...1ab6c1 )
by Leandro
01:23
created

app.ts ➔ createApp   A

Complexity

Conditions 1

Size

Total Lines 32
Code Lines 27

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
eloc 27
dl 0
loc 32
rs 9.232
c 0
b 0
f 0
cc 1
// eslint-disable-next-line import/no-unassigned-import
import "reflect-metadata";
import { Action, createExpressServer, UnauthorizedError, useContainer } from "routing-controllers";
import { getCustomRepository } from "typeorm";
import { AuthController } from "./controllers/AuthController";
import { isProduction, loadEnv } from "./utils/global";
import { CompressionMiddleware } from "./middlewares/CompressionMiddleware";
import { DatabaseMiddleware } from "./middlewares/DatabaseMiddleware";
import { SecurityHstsMiddleware } from "./middlewares/SecurityHstsMiddleware";
import { SecurityMiddleware } from "./middlewares/SecurityMiddleware";
import { SecurityNoCacheMiddleware } from "./middlewares/SecurityNoCacheMiddleware";
import { UserRepository } from "./repositories/UserRepository";
import { checkJwt, createJwt } from "./utils/jwt";
import { User } from "./entities/User";
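/**
 * Resolves the user making the request, or `false` when the request is not authenticated.
 *
 * Credentials are tried in this order:
 *  1. The `Authorization` header, handed unchanged to `checkJwt`. When the token is
 *     accepted and the user exists, a token built by `createJwt` from the same payload
 *     is sent back in the `token` response header.
 *  2. An API key taken from the `key` query parameter or the `x-api-key` header.
 *
 * A request whose `Authorization` header is present but rejected is not retried with
 * the API key.
 *
 * @param action - routing-controllers action carrying the Express request and response.
 * @returns the matching user, or `false` when no credential resolves to a user.
 */
async function findUser(action: Action): Promise<User | false> {
  const request = action.request;
  const response = action.response;

  const authorization = request.headers["authorization"];
  // NOTE(review): a key sent as ?key= ends up in access logs, browser history and
  // Referer headers; the x-api-key header is the safer transport.
  const apiKey = request.query.key || request.headers["x-api-key"];

  const repository = getCustomRepository(UserRepository);

  if (authorization) {
    try {
      const payload = checkJwt(authorization);
      const username = payload.username;

      // A verified token without a usable username must never reach the lookup:
      // with some TypeORM versions a criteria property that is undefined is ignored,
      // so the query would match the first row instead of no row.
      if (typeof username !== "string" || username === "") {
        return false;
      }

      const user = await repository.findOne({ username });
      if (!user) {
        return false;
      }

      // Re-issue the token only once the account is known to exist.
      // NOTE(review): refreshing on every request presumably gives a sliding session;
      // confirm createJwt sets a new expiry and that an absolute lifetime is enforced.
      const token = createJwt(payload);
      response.setHeader("token", `Bearer ${token}`);
      return user;
    } catch {
      // Any failure (token check, database lookup) is treated as "not authenticated".
      return false;
    }
  }

  // Query parameters and repeated headers can arrive as arrays or nested objects;
  // only a plain non-empty string is accepted as a key before it reaches the repository.
  if (typeof apiKey === "string" && apiKey !== "") {
    return (await repository.findOneByApiKey(apiKey)) || false;
  }

  return false;
}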
/**
 * Builds the Express application through routing-controllers.
 *
 * The environment is loaded first; the server is then created with the controllers,
 * the global middlewares and the two authentication hooks, both of which delegate
 * to `findUser`.
 *
 * @returns the server produced by `createExpressServer`.
 */
export function createApp() {
  loadEnv();

  // NOTE(review): routing-controllers' development mode adds detail such as stack
  // traces to error responses, so isProduction() must be reliable in deployed builds.
  const development = !isProduction();

  // Request headers a cross-origin caller is allowed to send.
  // NOTE(review): "authorization" is not listed although findUser reads that header;
  // confirm browser clients are meant to authenticate with x-api-key only.
  const allowedHeaders = [
    "accept",
    "content-type",
    "x-requested-with",
    "x-api-key",
  ];

  // Supplies the value injected for @CurrentUser().
  const currentUserChecker = async (action: Action) => findUser(action);

  // Decides @Authorized(): the caller must resolve to a user and the route must not
  // name any role. Role names are never compared, so a route that requires a role is
  // refused for every caller.
  const authorizationChecker = async (action: Action, roles: string[]) => {
    const user = await findUser(action);
    return user ? roles.length === 0 : user;
  };

  return createExpressServer({
    development,
    // Automatic class-validator checks on request payloads are switched off here.
    // NOTE(review): confirm the controllers validate their own input.
    validation: false,
    // origin: true echoes the caller's Origin back, i.e. every origin is accepted.
    // NOTE(review): tolerable only while credentials travel in headers, not cookies.
    cors: { origin: true, allowedHeaders },
    controllers: [AuthController],
    middlewares: [
      CompressionMiddleware,
      DatabaseMiddleware,
      SecurityHstsMiddleware,
      SecurityMiddleware,
      SecurityNoCacheMiddleware,
    ],
    currentUserChecker,
    authorizationChecker,
  });
}