split/monofile
1
0
Fork 0
mirror of https://github.com/mollersuite/monofile.git synced 2024-11-21 21:36:26 -08:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

api-v1: start work on sanitize middleware func

Browse source
This commit is contained in:
May 2023-10-04 10:41:21 -07:00 committed by GitHub
parent 6e6afd274b
commit 503f5f315f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 30 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
src/server/lib/middleware.ts
View file

@ -74,7 +74,7 @@ export const noAPIAccess: RequestHandler = function(req, res, next) {
/**
* @description Blocks requests based on whether or not the token being used to access the route is of type `User` unless a condition is met.
* @param tokenPermissions Permissions which your route requires.
* @param condition Permissions which your route requires.
* @returns Express middleware
*/
@ -84,4 +84,33 @@ export const noAPIAccessIf = function(condition: (acc:Account, token:string) =>
if (auth.getType(reqToken) == "App" && !condition(res.locals.acc, reqToken)) ServeError(res, 403, "apps are not allowed to access this endpoint")
else next()
}
}
type SchemeType = "array" | "object" | "string" | "number" | "boolean"
interface SchemeObject {
type: "object"
children: {
[key: string]: SchemeParameter
}
}
interface SchemeArray {
type: "array",
children: SchemeParameter /* All children of the array must be this type */
| SchemeParameter[] /* Array must match this pattern */
}
type SchemeParameter = SchemeType | SchemeObject | SchemeArray
/**
* @description Blocks requests based on whether or not the token being used to access the route is of type `User` unless a condition is met.
* @param tokenPermissions Permissions which your route requires.
* @returns Express middleware
*/
export const sanitize = function(scheme: SchemeObject):RequestHandler {
return function(req, res, next) {
}
}