refactor: send reporter key in auth header

botim · Mar 15, 2019 · cb6aa8d · cb6aa8d
1 parent fc232bf
commit cb6aa8d
Show file tree

Hide file tree

Showing 7 changed files with 36 additions and 38 deletions.
diff --git a/src/controllers/user-statuses-controller.ts b/src/controllers/user-statuses-controller.ts
@@ -1,7 +1,18 @@
-import { Body, Controller, Query, Get, Post, Response, Route, Security, Tags } from 'tsoa';
+import {
+  Body,
+  Controller,
+  Query,
+  Get,
+  Post,
+  Response,
+  Route,
+  Security,
+  Tags,
+  Header
+} from 'tsoa';
 
 import { getUserStatusMap, createNewReport } from '../data';
-import { Platform, UserStatusMap, Status, Cache } from '../core';
+import { Platform, UserStatusMap, Cache } from '../core';
 import { UserStatus } from '../models';
 
 const usersCache = new Cache(
@@ -53,7 +64,10 @@ export class UserStatusesController extends Controller {
   @Response(401, 'Authentication fail')
   @Security('reporterAuth')
   @Post('report')
-  public async report(@Body() report: UserStatus): Promise<void> {
-    await createNewReport(report);
+  public async report(
+    @Body() report: UserStatus,
+    @Header('Authorization') reporterKey: string
+  ): Promise<void> {
+    await createNewReport(report, reporterKey);
   }
 }
diff --git a/src/data/report.ts b/src/data/report.ts
@@ -9,8 +9,8 @@ import { UserStatus } from '../models';
  * mark report as 'DUPLICATE'.
  * @param report Report to create.
  */
-export const createNewReport = async (report: UserStatus) => {
-  let initialStatus: Status = Status.REPORTED;
+export const createNewReport = async (report: UserStatus, reporterKey: string) => {
+  let status: Status = Status.REPORTED;
   const { platform, userId, postId, commentId, replyCommentId } = report;
 
   const userStatusRepository = getConnection().getRepository(UserStatus);
@@ -42,10 +42,10 @@ export const createNewReport = async (report: UserStatus) => {
     }
 
     /** Mark the report as 'DUPLICATE' */
-    initialStatus = Status.DUPLICATE;
+    status = Status.DUPLICATE;
   }
 
-  const userStatus = new UserStatus({ ...report, status: initialStatus });
+  const userStatus = new UserStatus({ ...report, status, reporterKey });
 
   await userStatusRepository.save(userStatus);
 };
diff --git a/src/data/reporters.ts b/src/data/reporters.ts
@@ -2,6 +2,10 @@ import { getConnection } from '../core';
 import { Reporter } from '../models';
 
 export const checkReporterKey = async (reporterKey: string): Promise<boolean> => {
+  if (!reporterKey) {
+    return;
+  }
+
   /** Get the record that reporterKey match *reporterKey* parameter. */
   const reporterRepository = getConnection().getRepository(Reporter);
   const reporter = await reporterRepository.findOne({ reporterKey });

diff --git a/src/models/authenticated-request.model.ts b/src/models/authenticated-request.model.ts
diff --git a/src/models/index.ts b/src/models/index.ts
@@ -1,3 +1,2 @@
-export * from './authenticated-request.model';
 export * from './user-status.model';
 export * from './reporter.model';
diff --git a/src/models/user-status.model.ts b/src/models/user-status.model.ts
@@ -1,12 +1,10 @@
 import { Entity, PrimaryGeneratedColumn, Column, Unique } from 'typeorm';
 
-import { AuthenticatedRequest } from './authenticated-request.model';
-
 import { Platform, Status, Reason } from '../core';
 
 @Entity({ name: 'user_statuses' })
 @Unique(['platform', 'userId', 'postId', 'commentId', 'replyCommentId'])
-export class UserStatus extends AuthenticatedRequest {
+export class UserStatus {
   @PrimaryGeneratedColumn() private id: number;
 
   @Column({ type: 'enum', enum: Platform, nullable: false })
@@ -33,9 +31,11 @@ export class UserStatus extends AuthenticatedRequest {
   @Column({ type: 'varchar', length: 200, nullable: true })
   public description?: string;
 
-  constructor(private userStatus?: Partial<UserStatus>) {
-    super(userStatus);
+  @Column({ name: 'reporter_key', type: 'varchar', length: 30, nullable: false })
+  // optional for the report route validations
+  public reporterKey?: string;
 
+  constructor(private userStatus?: Partial<UserStatus>) {
     if (userStatus) {
       Object.assign(this, userStatus);
     }

diff --git a/src/security/authentication.ts b/src/security/authentication.ts
@@ -1,11 +1,10 @@
 import * as express from 'express';
 
-import { AuthenticatedRequest } from '../models';
 import { checkReporterKey } from '../data';
-import { Cache, logger } from '../core';
+import { logger } from '../core';
 
 /**
- * Cert Authentication middelwhere API.
+ * Cert Authentication middleware API.
  * the key should be the 'reporterKey' property in the body.
  */
 export const expressAuthentication = async (request: express.Request, scopes: string[]) => {
@@ -16,11 +15,9 @@ export const expressAuthentication = async (request: express.Request, scopes: st
   }
 
   /** Make sure that there is a body, and the body contains the API key. */
-  const authenticatedRequest: AuthenticatedRequest = request.body;
-  if (authenticatedRequest && authenticatedRequest.reporterKey) {
-    if (await checkReporterKey(authenticatedRequest.reporterKey)) {
-      return;
-    }
+  const reporterKey = request.header('Authorization');
+  if (await checkReporterKey(reporterKey)) {
+    return;
   }
 
   throw new Error('auth fail');