/**
 * HTTP verbs that a {@link RouteAuthRule} can name.
 *
 * `"*"` is a wildcard entry rather than a real verb. The code that expands it
 * is not part of this file, so how it matches (all verbs in this union, or any
 * verb at all) has to be confirmed against the rule evaluator.
 */
export type Method =
  | "POST"
  | "GET"
  | "PUT"
  | "DELETE"
  | "PATCH"
  | "*";
/**
 * One entry in a role's access-control list.
 *
 * A rule pairs a decision (`action`) with the requests it applies to
 * (`methods` + `endpoint`) and the kind of credential the request must carry
 * (`tokenKind`). How rules are matched and combined is decided by the
 * evaluator, which is not defined in this file.
 */
export interface RouteAuthRule {
  /** Decision applied to a request that matches this rule. */
  action: "allow" | "deny";

  /** Verbs the rule covers; `"*"` is the wildcard entry. */
  methods: Array<Method>;

  /**
   * Route the rule covers, e.g. `"/api/users"`, or `"*"` as a wildcard.
   * NOTE(review): whether matching is exact, prefix-based or pattern-based is
   * not visible here; confirm against the evaluator before relying on it.
   */
  endpoint: string;

  /**
   * Credential type expected on the request. Defaults to "Bearer" when
   * omitted; that default is applied by the consumer of this type, not here.
   * `"None"` marks a route that is reachable without any token.
   */
  tokenKind?: "None" | "Bearer" | "Basic";
}
/**
 * Per-role access-control lists, keyed by role name.
 *
 * How a request is mapped to a role key, and how the rules inside a list are
 * combined (first match, last match, or deny-overrides), is decided by the
 * evaluator, which is not defined in this file.
 */
export const routeAuth: Record<string, RouteAuthRule[]> = {
  // "default" is the unknown (unauthenticated) caller. Exactly two requests
  // are allowed: creating a user account with no token at all, and logging in
  // at the token endpoint with a Basic token. Nothing else is listed, so
  // everything else is expected to be refused.
  // NOTE(review): that expectation only holds if the evaluator rejects
  // requests that match no rule (default-deny); confirm. POST /api/users is
  // reachable without credentials, so validation and abuse controls for it
  // must live in the handler itself.
  default: [
    {
      action: "allow",
      methods: ["POST"],
      endpoint: "/api/users",
      tokenKind: "None",
    },
    {
      action: "allow",
      methods: ["POST"],
      endpoint: "/api/token",
      tokenKind: "Basic",
    },
  ],

  // "player" is any other caller. With a Bearer token (the tokenKind default)
  // they may use every method on every endpoint, except POST /api/token,
  // which is explicitly denied.
  // NOTE(review): the deny is listed after the wildcard allow. It is
  // effective only if the evaluator lets a deny override an earlier allow;
  // under first-match-wins it would never be reached. Confirm.
  // NOTE(review): because of the wildcard allow, any endpoint added later is
  // open to every player unless a matching deny rule is added here.
  player: [
    {
      action: "allow",
      methods: ["*"],
      endpoint: "*",
    },
    {
      action: "deny",
      methods: ["POST"],
      endpoint: "/api/token",
    },
  ],
};