feature/user-api-calls (#80)
* initial changes for jwt auth * return permissions as an array of string * basic GET, POST, DELETE user api calls * add permission checks * hide hashed_password * cleanup * add check if admin user is active * return account and serviceProvider sid in user object * add more values to user PUT * logout user after self delete, fix scope assignment * add admin scope user tests * fix test case and align jwt and api key data model in req.user * fixes for ibm speech * add limits license_count and voice_call_minutes * update limits enum again * rebase to main * allow predefined carriers and speech credentials for Account user * reverse the hasAccountPermissions changes * SpeechCredentials permissions * fix /Users/me api non-saas jambonz Co-authored-by: Dave Horton <daveh@beachdognet.com> Co-authored-by: eglehelms <e.helms@cognigy.com>
+12
-8
@@ -76,24 +76,28 @@ const checkApiTokens = (logger, token, done) => {
|
||||
}
|
||||
|
||||
// found api key
|
||||
const scope = [];
|
||||
let scope;
|
||||
//const scope = [];
|
||||
if (results[0].account_sid === null && results[0].service_provider_sid === null) {
|
||||
scope.push.apply(scope, ['admin', 'service_provider', 'account']);
|
||||
//scope.push.apply(scope, ['admin', 'service_provider', 'account']);
|
||||
scope = 'admin';
|
||||
}
|
||||
else if (results[0].service_provider_sid) {
|
||||
scope.push.apply(scope, ['service_provider', 'account']);
|
||||
//scope.push.apply(scope, ['service_provider', 'account']);
|
||||
scope = 'service_provider';
|
||||
}
|
||||
else {
|
||||
scope.push('account');
|
||||
//scope.push('account');
|
||||
scope = 'account';
|
||||
}
|
||||
|
||||
const user = {
|
||||
account_sid: results[0].account_sid,
|
||||
service_provider_sid: results[0].service_provider_sid,
|
||||
hasScope: (s) => scope.includes(s),
|
||||
hasAdminAuth: scope.length === 3,
|
||||
hasServiceProviderAuth: scope.includes('service_provider'),
|
||||
hasAccountAuth: scope.includes('account') && !scope.includes('service_provider')
|
||||
hasScope: (s) => s === scope,
|
||||
hasAdminAuth: scope === 'admin',
|
||||
hasServiceProviderAuth: scope === 'service_provider',
|
||||
hasAccountAuth: scope === 'account'
|
||||
};
|
||||
logger.info(user, `successfully validated with scope ${scope}`);
|
||||
return done(null, user, {scope});
|
||||
|
||||
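Review bot: `hasScope` changes from list membership to exact equality (`(s) => s === scope`), so an admin API key no longer satisfies `hasScope('service_provider')` or `hasScope('account')`, and `hasServiceProviderAuth` is now false for admin keys where the old three-element array made it true. Route guards outside this hunk that relied on the old hierarchical scopes would take a different branch for admin keys, so every caller of these four fields needs checking. `done(null, user, {scope})` now passes a string too, and a consumer that still calls `scope.includes(...)` would silently do a substring match rather than fail. I would state the contract above `let scope;`, for example `// scope is exactly one of 'admin' | 'service_provider' | 'account'; admin does not imply the lower scopes`, and delete the commented-out `scope.push` lines rather than keep them. checkApiTokens starts before this hunk, so the lookup that fills `results[0]` is not visible here.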