dev: pre-auth

2026-01-05 12:40:26 -06:00 · 2025-05-23 17:33:24 -04:00
parent 6363f6307c
commit 340871295e
4 changed files with 19 additions and 1 deletions
--- a/src/backend/src/CoreModule.js
+++ b/src/backend/src/CoreModule.js
@@ -112,6 +112,7 @@ const install = async ({ services, app, useapi, modapi }) => {
    const { DevConsoleService } = require('./services/DevConsoleService');
    const { RateLimitService } = require('./services/sla/RateLimitService');
    const { AuthService } = require('./services/auth/AuthService');
+    const { PreAuthService } = require("./services/auth/PreAuthService");
    const { SLAService } = require('./services/sla/SLAService');
    const { PermissionService } = require('./services/auth/PermissionService');
    const { ACLService } = require('./services/auth/ACLService');
@@ -222,6 +223,7 @@ const install = async ({ services, app, useapi, modapi }) => {
    })
    services.registerService('rate-limit', RateLimitService);
    services.registerService('auth', AuthService);
+    services.registerService('preauth', PreAuthService);
    services.registerService('permission', PermissionService);
    services.registerService('sla', SLAService);
    services.registerService('acl', ACLService);
--- a/src/backend/src/middleware/configurable_auth.js
+++ b/src/backend/src/middleware/configurable_auth.js
@@ -42,6 +42,9 @@ const is_whoami = (req) => {
 const configurable_auth = options => async (req, res, next) => {
    const optional = options?.optional;

+    // Request might already have been authed (PreAuthService)
+    if ( req.actor ) next();
+
    // === Getting the Token ===
    // This step came from jwt_auth in src/helpers.js
    // However, since request-response handling is a concern of the
--- a/src/backend/src/modules/web/WebServerService.js
+++ b/src/backend/src/modules/web/WebServerService.js
@@ -64,6 +64,7 @@ class WebServerService extends BaseService {
    async ['__on_boot.consolidation'] () {
        const app = this.app;
        const services = this.services;
+        await services.emit('install.middlewares.early', { app });
        await services.emit('install.middlewares.context-aware', { app });
        this.install_post_middlewares_({ app });
        await services.emit('install.routes', {
@@ -81,7 +82,7 @@ class WebServerService extends BaseService {

            const event = {
                req, res,
-                end: false,
+                end_: false,
                end () {
                    this.end_ = true;
                }
--- a/src/backend/src/services/auth/PreAuthService.js
+++ b/src/backend/src/services/auth/PreAuthService.js
@@ -0,0 +1,12 @@
+const configurable_auth = require("../../middleware/configurable_auth");
+const BaseService = require("../BaseService");
+
+class PreAuthService extends BaseService {
+    async ['__on_install.middlewares.early'] (_, { app }) {
+        app.use(configurable_auth({ optional: true }));
+    }
+}
+
+module.exports = {
+    PreAuthService,
+};