protect endpoint

2024-05-27 15:20:24 +02:00 · 2024-05-27 15:20:24 +02:00 · c749adff34
parent 68f77317a3
commit c749adff34
2 changed files with 35 additions and 41 deletions
--- a/logger.mjs
+++ b/logger.mjs
@ -1,6 +1,6 @@
-import pino from 'pino'
+import pino from "pino";
-import path from 'path'
+import path from "path";
-import { fileURLToPath } from 'url';
+import { fileURLToPath } from "url";
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@ -15,14 +15,15 @@ const __dirname = path.dirname(__filename);
 //     }]
 // })
 export default pino(
-    {
+  {
-      level: 'fatal',
+    level: "info",
-      formatters: {
+    formatters: {
-        level: (label) => {
+      level: (label) => {
-          return { level: label.toUpperCase() };
+        return { level: label.toUpperCase() };
        },
      },
      timestamp: pino.stdTimeFunctions.isoTime,
    },
-    //pino.destination(`${__dirname}/app.log`)
+    timestamp: pino.stdTimeFunctions.isoTime,
-  );
+  },
  //pino.destination(`${__dirname}/app.log`)
 );
--- a/objects/Endpoints.mjs
+++ b/objects/Endpoints.mjs
@ -54,35 +54,28 @@ export const postEndpoints = (db, data) => {
 };
 const protectedEndpoint = (router, Entity, path, method, db, data) => {
-  router.post(`/${Entity.name.toLowerCase()}/${path}`, async (req, res) => {
+  router.post(
-    passport.authenticate(
+    `/${Entity.name.toLowerCase()}/${path}`,
-      "jwt",
+    passport.authenticate("jwt", { session: false }, (_, res) => {
-      { session: false },
+      res.json({ message: "protected endpoint" });
-      async (err, user, info) => {
+    }),
-        if (err) {
+    async (req, res) => {
-          logger.error(err);
+      try {
-        }
+        logger.trace({ data: req.body }, "POST request received");
-        if (info !== undefined) {
+        const entity = new Entity(req.body);
-          logger.info(info.message);
+        await entity[method](db, data);
-          res.status(401).send(info.message);
+        res.sendStatus(200);
-        }
+        data.init();
-        try {
+        return;
-          logger.trace({ data: req.body }, "POST request received");
+      } catch (error) {
-          const entity = new Entity(req.body);
+        logger.error(error);
-          await entity[method](db, data);
+        if (error instanceof TypeError) {
-          res.sendStatus(200);
+          res.sendStatus(400);
          data.init();
          return;
        } catch (error) {
          logger.error(error);
          if (error instanceof TypeError) {
            res.sendStatus(400);
            return;
          }
          res.sendStatus(500);
          return;
        }
-      },
+        res.sendStatus(500);
-    );
+        return;
-  });
+      }
    },
  );
 };