backend: Refactor authentication middleware usage across routes to enhance security and role validation

This commit is contained in:
juancarmore 2025-03-21 01:33:01 +01:00
parent a3e325c262
commit e383d10fd6
4 changed files with 58 additions and 17 deletions


@ -4,12 +4,21 @@ import {
getAppearancePreferences,
updateAppearancePreferences
} from '../controllers/global-preferences/appearance-preferences.controller.js';
import { withAdminValidToken } from '../middlewares/auth.middleware.js';
import { withAuth, tokenAndRoleValidator, apiKeyValidator } from '../middlewares/auth.middleware.js';
import { Role } from '@typings-ce';
export const preferencesRouter = Router();
preferencesRouter.use(bodyParser.urlencoded({ extended: true }));
preferencesRouter.use(bodyParser.json());
preferencesRouter.put('/appearance', withAdminValidToken, updateAppearancePreferences);
preferencesRouter.get('/appearance', withAdminValidToken, getAppearancePreferences);
preferencesRouter.put(
'/appearance',
withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)),
updateAppearancePreferences
);
preferencesRouter.get(
'/appearance',
withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)),
getAppearancePreferences
);
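Review bot: The composition `withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN))` is built inline on both the PUT and GET '/appearance' routes, and the identical expression recurs several more times in the room router hunk, so the admin policy is now spelled out in at least five places. Hoisting it once, `const adminAuth = withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN));`, keeps the routes in step when the policy changes. It would also help to state what withAuth does with several validators — presumably any one passing is enough, since an API key and an admin token are different credentials — e.g. `// withAuth: the request passes if ANY listed validator accepts it (API key OR admin token)`; withAuth is defined in auth.middleware.js outside this diff, so confirm the semantics there before writing it down. The replaced `withAdminValidToken` accepted only an admin token, so an API key is a new credential for these two routes and the commit description should say so.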


@ -11,7 +11,11 @@ participantsInternalRouter.use(bodyParser.urlencoded({ extended: true }));
participantsInternalRouter.use(bodyParser.json());
participantsInternalRouter.post('/token', validateParticipantTokenRequest, participantCtrl.generateParticipantToken);
participantsInternalRouter.post('/token/refresh', validateParticipantTokenRequest, participantCtrl.refreshParticipantToken);
participantsInternalRouter.post(
'/token/refresh',
validateParticipantTokenRequest,
participantCtrl.refreshParticipantToken
);
export const participantsRouter = Router();
participantsRouter.use(bodyParser.urlencoded({ extended: true }));


@ -1,8 +1,9 @@
import { Router } from 'express';
import bodyParser from 'body-parser';
import * as recordingCtrl from '../controllers/recording.controller.js';
import { withParticipantValidToken, withUserBasicAuth } from '../middlewares/auth.middleware.js';
import { withAuth, participantTokenValidator, tokenAndRoleValidator } from '../middlewares/auth.middleware.js';
import { withRecordingEnabledAndCorrectPermissions } from '../middlewares/recording.middleware.js';
import { Role } from '@typings-ce';
export const recordingRouter = Router();
@ -12,15 +13,23 @@ recordingRouter.use(bodyParser.json());
// Recording Routes
recordingRouter.post(
'/',
withParticipantValidToken,
withAuth(participantTokenValidator),
withRecordingEnabledAndCorrectPermissions,
recordingCtrl.startRecording
);
recordingRouter.put('/:recordingId', withUserBasicAuth, /* withRecordingEnabled,*/ recordingCtrl.stopRecording);
recordingRouter.get('/:recordingId/stream', /*withRecordingEnabled,*/ recordingCtrl.streamRecording);
recordingRouter.put(
'/:recordingId',
withAuth(participantTokenValidator),
/* withRecordingEnabledAndCorrectPermissions,*/ recordingCtrl.stopRecording
);
recordingRouter.get(
'/:recordingId/stream',
withAuth(participantTokenValidator),
/*withRecordingEnabledAndCorrectPermissions,*/ recordingCtrl.streamRecording
);
recordingRouter.delete(
'/:recordingId',
withUserBasicAuth,
/*withRecordingEnabled,*/
withAuth(tokenAndRoleValidator(Role.ADMIN), participantTokenValidator),
/*withRecordingEnabledAndCorrectPermissions,*/
recordingCtrl.deleteRecording
);
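Review bot: On the DELETE '/:recordingId' route the new guard `withAuth(tokenAndRoleValidator(Role.ADMIN), participantTokenValidator)` reads as admin-or-participant, so if withAuth accepts a request once any listed validator passes (its definition in auth.middleware.js is outside this diff) a holder of a plain participant token can delete a recording, and the permission middleware that would tie the recording to the caller is commented out on this route as well as on PUT '/:recordingId' and GET '/:recordingId/stream'. Nothing visible in the hunk checks that recordingId belongs to the participant's room, so that check now lives entirely in recordingCtrl or nowhere. If `withRecordingEnabledAndCorrectPermissions` cannot be restored yet, a `// TODO: recording ownership for stop/stream/delete is not enforced here; see recordingCtrl` above the three routes would make the gap visible to the next reader; otherwise re-enable it. GET '/:recordingId/stream' previously had no auth middleware at all, so the participant-token requirement there is a tightening, whereas DELETE moved from `withUserBasicAuth` to the wider admin-or-participant set.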


@ -1,8 +1,12 @@
import { Router } from 'express';
import bodyParser from 'body-parser';
import * as roomCtrl from '../controllers/room.controller.js';
import { withUserBasicAuth, withValidApiKey } from '../middlewares/auth.middleware.js';
import { validateGetRoomQueryParams, validateRoomRequest } from '../middlewares/request-validators/room-validator.middleware.js';
import { withAuth, tokenAndRoleValidator, apiKeyValidator } from '../middlewares/auth.middleware.js';
import {
validateGetRoomQueryParams,
validateRoomRequest
} from '../middlewares/request-validators/room-validator.middleware.js';
import { Role } from '@typings-ce';
export const roomRouter = Router();
@ -10,10 +14,25 @@ roomRouter.use(bodyParser.urlencoded({ extended: true }));
roomRouter.use(bodyParser.json());
// Room Routes
roomRouter.post('/', /*withValidApiKey,*/ validateRoomRequest, roomCtrl.createRoom);
roomRouter.get('/', withUserBasicAuth, validateGetRoomQueryParams, roomCtrl.getRooms);
roomRouter.get('/:roomName', withUserBasicAuth, validateGetRoomQueryParams, roomCtrl.getRoom);
roomRouter.delete('/:roomName', withUserBasicAuth, roomCtrl.deleteRooms);
roomRouter.post(
'/',
withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN), tokenAndRoleValidator(Role.USER)),
validateRoomRequest,
roomCtrl.createRoom
);
roomRouter.get(
'/',
withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)),
validateGetRoomQueryParams,
roomCtrl.getRooms
);
roomRouter.get(
'/:roomName',
withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN), tokenAndRoleValidator(Role.USER)),
validateGetRoomQueryParams,
roomCtrl.getRoom
);
roomRouter.delete('/:roomName', withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), roomCtrl.deleteRooms);
// Room preferences
roomRouter.put('/', /*withAdminBasicAuth,*/ roomCtrl.updateRoomPreferences);
roomRouter.put('/', withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN)), roomCtrl.updateRoomPreferences);
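Review bot: The `withAuth(apiKeyValidator, tokenAndRoleValidator(Role.ADMIN), tokenAndRoleValidator(Role.USER))` composition on POST '/' and GET '/:roomName' grants room creation and single-room lookup to any USER-role token while GET '/' listing stays admin-only, and nothing in the hunk scopes a USER's GET '/:roomName' to a room they belong to, so if that restriction is intended it must be enforced in roomCtrl.getRoom or validateGetRoomQueryParams (both outside this diff). A short comment above the route block stating the intended matrix, e.g. `// POST '/', GET '/:roomName': API key, ADMIN or USER; GET '/', DELETE '/:roomName', PUT '/': API key or ADMIN only`, would let a reader check the policy without parsing each call. The two repeated compositions could be hoisted into named constants such as `adminAuth` and `adminOrUserAuth` so the five routes cannot drift apart. POST '/' and PUT '/' previously had their auth middleware commented out, i.e. no authentication, so this hunk closes unauthenticated room-creation and preference-update paths and the commit description could say so explicitly.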