nolan/jamoke
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added auth to server hook.

Browse Source
This commit is contained in:
Nolan Hellyer
2025-01-23 20:58:46 -08:00
parent 8700c431cf
commit 5487a23c86
24 changed files with 1305 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/lib/server/routeAuth.ts Normal file
View File

@ -0,0 +1,25 @@
export type Method = "POST" | "GET" | "PUT" | "DELETE" | "PATCH" | "*";
export interface RouteAuthRule {
action: "allow" | "deny";
methods: Method[];
endpoint: string;
tokenKind?: "None" | "Bearer" | "Basic"; // defaults to "Bearer"
}
export const routeAuth: { [k: string]: RouteAuthRule[] } = {
// default is an unknown user. They are allowed to create a new user for themselves
// without any token, and they are allowed to access the token endpoint to login with
// a Basic token. Other than that, they cannot do anything!
default: [
{ action: "allow", methods: ["POST"], endpoint: "/api/users", tokenKind: "None" },
{ action: "allow", methods: ["POST"], endpoint: "/api/token", tokenKind: "Basic" }
],
// player is anyone else. They are authorized to hit any endpoint, using any method,
// with a Bearer token.
player: [
{ action: "allow", methods: ["*"], endpoint: "*" },
{ action: "deny", methods: ["POST"], endpoint: "/api/token" }
]
};