How to use the @foal/core.TokenRequired function in @foal/core

To help you get started, we’ve selected a few @foal/core examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github FoalTS / foal / packages / acceptance-tests / src / mongoose-db.redis-store.spec.ts View on Github external
password: string;
    isAdmin: boolean;
  }

  // We need to call the model 'User2' here not to conflict with another test in this package.
  const UserModel: Model = model('User2', UserSchema);

  function AdminRequired() {
    return Hook((ctx: Context) => {
      if (!ctx.user.isAdmin) {
        return new HttpResponseForbidden();
      }
    });
  }

  @TokenRequired({ user: fetchUser(UserModel), store: RedisStore })
  class MyController {
    @Get('/foo')
    foo() {
      return new HttpResponseOK();
    }

    @Get('/bar')
    @AdminRequired()
    bar() {
      return new HttpResponseOK();
    }
  }

  class AuthController {
    @dependency
    store: RedisStore;
github FoalTS / foal / packages / acceptance-tests / src / csrf / regular-web-app.stateful.spec.ts View on Github external
}
  }

  @TokenRequired({
    cookie: true,
    store: TypeORMStore,
  })
  @CsrfTokenRequired()
  class ApiController {
    @Post('/products')
    createProduct() {
      return new HttpResponseCreated();
    }
  }

  @TokenRequired({
    cookie: true,
    redirectTo: '/login',
    store: TypeORMStore,
  })
  class PageController {
    @Get('/home')
    async home(ctx: Context) {
      // Normally in an HTML template
      return new HttpResponseOK({ csrfToken: await getCsrfToken(ctx.session) });
    }
  }

  class AppController {
    subControllers = [
      AuthController,
      PageController,
github FoalTS / foal / packages / acceptance-tests / src / mongoose-db.redis-store.spec.ts View on Github external
return new HttpResponseOK();
    }

    @Get('/bar')
    @AdminRequired()
    bar() {
      return new HttpResponseOK();
    }
  }

  class AuthController {
    @dependency
    store: RedisStore;

    @Post('/logout')
    @TokenRequired({ store: RedisStore, extendLifeTimeOrUpdate: false })
    async logout(ctx: Context) {
      await this.store.destroy(ctx.session.sessionID);
      return new HttpResponseNoContent();
    }

    @Post('/login')
    @ValidateBody({
      additionalProperties: false,
      properties: {
        email: { type: 'string', format: 'email' },
        password: { type: 'string' }
      },
      required: ['email', 'password'],
      type: 'object',
    })
    async login(ctx: Context) {
github FoalTS / foal / packages / acceptance-tests / src / authentication / session-token.cookie.redirection.spec.ts View on Github external
@Post('/logout')
    @TokenRequired({
      cookie: true,
      extendLifeTimeOrUpdate: false,
      redirectTo: '/login',
      store: TypeORMStore,
    })
    async logout(ctx: Context) {
      await this.store.destroy(ctx.session.sessionID);
      const response = new HttpResponseRedirect('/login');
      removeSessionCookie(response);
      return response;
    }

    @Get('/home')
    @TokenRequired({ store: TypeORMStore, cookie: true, redirectTo: '/login' })
    home() {
      return new HttpResponseOK('Home page');
    }
  }

  class AppController {
    subControllers = [
      AuthController,
      controller('/api', ApiController),
    ];
  }

  before(async () => {
    process.env.SETTINGS_SESSION_SECRET = 'session-secret';
    await createConnection({
      database: 'e2e_db.sqlite',
github FoalTS / foal / packages / acceptance-tests / src / authentication / session-token.cookie.spec.ts View on Github external
let app: any;
  let token: string;

  @Entity()
  class User {
    @PrimaryGeneratedColumn()
    id: number;

    @Column({ unique: true })
    email: string;

    @Column()
    password: string;
  }

  @TokenRequired({ store: TypeORMStore, cookie: true })
  class ApiController {
    @Get('/products')
    readProducts() {
      return new HttpResponseOK([]);
    }
  }

  const credentialsSchema = {
    additionalProperties: false,
    properties: {
      email: { type: 'string', format: 'email' },
      password: { type: 'string' }
    },
    required: [ 'email', 'password' ],
    type: 'object',
  };
github FoalTS / foal / packages / acceptance-tests / src / authentication / session-token.token.spec.ts View on Github external
let app: any;
  let token: string;

  @Entity()
  class User {
    @PrimaryGeneratedColumn()
    id: number;

    @Column({ unique: true })
    email: string;

    @Column()
    password: string;
  }

  @TokenRequired({ store: TypeORMStore })
  class ApiController {
    @Get('/products')
    readProducts() {
      return new HttpResponseOK([]);
    }
  }

  const credentialsSchema = {
    additionalProperties: false,
    properties: {
      email: { type: 'string', format: 'email' },
      password: { type: 'string' }
    },
    required: [ 'email', 'password' ],
    type: 'object',
  };
github FoalTS / foal / packages / acceptance-tests / src / authentication / session-token.cookie.redirection.spec.ts View on Github external
let app: any;
  let token: string;

  @Entity()
  class User {
    @PrimaryGeneratedColumn()
    id: number;

    @Column({ unique: true })
    email: string;

    @Column()
    password: string;
  }

  @TokenRequired({ store: TypeORMStore, cookie: true })
  class ApiController {
    @Get('/products')
    readProducts() {
      return new HttpResponseOK([]);
    }
  }

  const credentialsSchema = {
    additionalProperties: false,
    properties: {
      email: { type: 'string', format: 'email' },
      password: { type: 'string' }
    },
    required: [ 'email', 'password' ],
    type: 'object',
  };
github FoalTS / foal / packages / acceptance-tests / src / mongoose-db.redis-store.spec.ts View on Github external
email: string;
    password: string;
    isAdmin: boolean;
  }

  const UserModel: Model = model('User', UserSchema);

  function AdminRequired() {
    return Hook((ctx: Context) => {
      if (!ctx.user.isAdmin) {
        return new HttpResponseForbidden();
      }
    });
  }

  @TokenRequired({ user: fetchUser(UserModel), store: RedisStore })
  class MyController {
    @Get('/foo')
    foo() {
      return new HttpResponseOK();
    }

    @Get('/bar')
    @AdminRequired()
    bar() {
      return new HttpResponseOK();
    }
  }

  class AuthController {
    @dependency
    store: RedisStore;
github FoalTS / foal / packages / acceptance-tests / src / authorization / groups-and-permissions.spec.ts View on Github external
describe('[Authorization|permissions] Users', () => {

  let app;
  let tokenUser1: string;
  let tokenUser2: string;

  @Entity()
  class User extends UserWithPermissions {}

  @TokenRequired({ user: fetchUserWithPermissions(User), store: TypeORMStore })
  class AppController {
    @Get('/bar')
    @PermissionRequired('access-bar')
    bar() {
      return new HttpResponseNoContent();
    }

    @Get('/foo')
    @PermissionRequired('access-foo')
    foo() {
      return new HttpResponseNoContent();
    }
  }

  before(async () => {
    process.env.SETTINGS_SESSION_SECRET = 'session-secret';
github FoalTS / foal / packages / acceptance-tests / src / csrf / regular-web-app.stateful.spec.ts View on Github external
class AuthController {
    @dependency
    store: TypeORMStore;

    @Post('/login')
    async login() {
      const session = await this.store.createAndSaveSessionFromUser({ id: 1 }, { csrfToken: true });

      const response = new HttpResponseOK();
      setSessionCookie(response, session.getToken());
      return response;
    }
  }

  @TokenRequired({
    cookie: true,
    store: TypeORMStore,
  })
  @CsrfTokenRequired()
  class ApiController {
    @Post('/products')
    createProduct() {
      return new HttpResponseCreated();
    }
  }

  @TokenRequired({
    cookie: true,
    redirectTo: '/login',
    store: TypeORMStore,
  })