From 4f0c163a8811e55e2df23c7d7b95fb8d7938abd2 Mon Sep 17 00:00:00 2001 From: "ITHQ1947\\saritha.pillai" Date: Mon, 26 Aug 2024 13:32:09 +0530 Subject: [PATCH] Reset --- package-lock.json | 108 +++++++++++++++++++++++++--- package.json | 3 +- src/service/ActivityEventService.ts | 6 +- src/service/ActivityService.ts | 14 ++-- src/service/ActivitySpecService.ts | 12 ++-- src/service/CredentialService.ts | 8 +-- src/service/ParticipantService.ts | 16 ++--- src/service/ResearcherService.ts | 16 ++--- src/service/Security.ts | 21 +++--- src/service/SensorEventService.ts | 6 +- src/service/SensorService.ts | 14 ++-- src/service/SensorSpecService.ts | 12 ++-- src/service/StudyService.ts | 14 ++-- src/service/TypeService.ts | 8 +-- src/service/jwtToken.ts | 32 ++++----- 15 files changed, 187 insertions(+), 103 deletions(-) diff --git a/package-lock.json b/package-lock.json index ed12113..77060fa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "cors": "^2.8.5", "express": "^4.17.1", "ioredis": "^4.22.0", - "jose": "^5.6.3", + "jsonwebtoken": "^9.0.2", "mongodb": "^6.8.0", "morgan": "^1.9.1", "nano": "^10.1.3", @@ -35,6 +35,7 @@ "@types/fs-extra": "^5.1.0", "@types/ioredis": "^4.22.0", "@types/jest": "^27.5.1", + "@types/jsonwebtoken": "^9.0.6", "@types/morgan": "^1.9.2", "@types/nano": "^7.0.0", "@types/node": "^13.1.2", @@ -1432,6 +1433,15 @@ "integrity": "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==", "dev": true }, + "node_modules/@types/jsonwebtoken": { + "version": "9.0.6", + "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-9.0.6.tgz", + "integrity": "sha512-/5hndP5dCjloafCXns6SZyESp3Ldq7YjH3zwzwczYnjxIT0Fqzk5ROSYVGfFyczIue7IUEj8hkvLbPoLQ18vQw==", + "dev": true, + "dependencies": { + "@types/node": "*" + } + }, "node_modules/@types/mime": { "version": "1.3.5", "resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz", @@ -2267,6 +2277,11 @@ "node": ">=16.20.1" } }, + "node_modules/buffer-equal-constant-time": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", + "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" + }, "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -2909,6 +2924,14 @@ "integrity": "sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA==", "dev": true }, + "node_modules/ecdsa-sig-formatter": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", + "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", + "dependencies": { + "safe-buffer": "^5.0.1" + } + }, "node_modules/ee-first": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", @@ -5574,14 +5597,6 @@ "url": "https://github.com/chalk/supports-color?sponsor=1" } }, - "node_modules/jose": { - "version": "5.6.3", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.6.3.tgz", - "integrity": "sha512-1Jh//hEEwMhNYPDDLwXHa2ePWgWiFNNUadVmguAAw2IJ6sj9mNxV5tGXJNqlMkJAybF6Lgw1mISDxTePP/187g==", - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, "node_modules/js-tokens": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", @@ -5647,6 +5662,46 @@ "node": ">=6" } }, + "node_modules/jsonwebtoken": { + "version": "9.0.2", + "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz", + "integrity": "sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==", + "dependencies": { + "jws": "^3.2.2", + "lodash.includes": "^4.3.0", + "lodash.isboolean": "^3.0.3", + "lodash.isinteger": "^4.0.4", + "lodash.isnumber": "^3.0.3", + "lodash.isplainobject": "^4.0.6", + "lodash.isstring": "^4.0.1", + "lodash.once": "^4.0.0", + "ms": "^2.1.1", + "semver": "^7.5.4" + }, + "engines": { + "node": ">=12", + "npm": ">=6" + } + }, + "node_modules/jwa": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", + "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "dependencies": { + "buffer-equal-constant-time": "1.0.1", + "ecdsa-sig-formatter": "1.0.11", + "safe-buffer": "^5.0.1" + } + }, + "node_modules/jws": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", + "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", + "dependencies": { + "jwa": "^1.4.1", + "safe-buffer": "^5.0.1" + } + }, "node_modules/keyv": { "version": "4.5.4", "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", @@ -5925,11 +5980,41 @@ "resolved": "https://registry.npmjs.org/lodash.flatten/-/lodash.flatten-4.4.0.tgz", "integrity": "sha512-C5N2Z3DgnnKr0LOpv/hKCgKdb7ZZwafIrsesve6lmzvZIRZRGaZ/l6Q8+2W7NaT+ZwO3fFlSCzCzrDCFdJfZ4g==" }, + "node_modules/lodash.includes": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz", + "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w==" + }, "node_modules/lodash.isarguments": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/lodash.isarguments/-/lodash.isarguments-3.1.0.tgz", "integrity": "sha512-chi4NHZlZqZD18a0imDHnZPrDeBbTtVN7GXMwuGdRH9qotxAjYs3aVLKc7zNOG9eddR5Ksd8rvFEBc9SsggPpg==" }, + "node_modules/lodash.isboolean": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz", + "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg==" + }, + "node_modules/lodash.isinteger": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz", + "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA==" + }, + "node_modules/lodash.isnumber": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz", + "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw==" + }, + "node_modules/lodash.isplainobject": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", + "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==" + }, + "node_modules/lodash.isstring": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", + "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw==" + }, "node_modules/lodash.memoize": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", @@ -5942,6 +6027,11 @@ "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", "dev": true }, + "node_modules/lodash.once": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", + "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==" + }, "node_modules/log-update": { "version": "6.1.0", "resolved": "https://registry.npmjs.org/log-update/-/log-update-6.1.0.tgz", diff --git a/package.json b/package.json index b84459d..a0f422b 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "cors": "^2.8.5", "express": "^4.17.1", "ioredis": "^4.22.0", - "jose": "^5.6.3", + "jsonwebtoken": "^9.0.2", "mongodb": "^6.8.0", "morgan": "^1.9.1", "nano": "^10.1.3", @@ -26,6 +26,7 @@ "@types/fs-extra": "^5.1.0", "@types/ioredis": "^4.22.0", "@types/jest": "^27.5.1", + "@types/jsonwebtoken": "^9.0.6", "@types/morgan": "^1.9.2", "@types/nano": "^7.0.0", "@types/node": "^13.1.2", diff --git a/src/service/ActivityEventService.ts b/src/service/ActivityEventService.ts index 413277d..ccc0f80 100644 --- a/src/service/ActivityEventService.ts +++ b/src/service/ActivityEventService.ts @@ -105,7 +105,7 @@ ActivityEventService.Router.post("/participant/:participant_id/activity_event", ), }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -126,8 +126,8 @@ ActivityEventService.Router.get("/participant/:participant_id/activity_event", a output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) -// TODO: activity/* and sensor/* entry \ No newline at end of file +// TODO: activity/* and sensor/* entry diff --git a/src/service/ActivityService.ts b/src/service/ActivityService.ts index 6c0392d..9e31c1d 100644 --- a/src/service/ActivityService.ts +++ b/src/service/ActivityService.ts @@ -120,7 +120,7 @@ ActivityService.Router.post("/study/:study_id/activity", authenticateToken, asyn try { res.json({ data: await ActivityService.create(req.get("Authorization"), req.params.study_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -129,7 +129,7 @@ ActivityService.Router.put("/activity/:activity_id", authenticateToken, async (r try { res.json({ data: await ActivityService.set(req.get("Authorization"), req.params.activity_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -138,7 +138,7 @@ ActivityService.Router.delete("/activity/:activity_id", authenticateToken, async try { res.json({ data: await ActivityService.set(req.get("Authorization"), req.params.activity_id, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -149,7 +149,7 @@ ActivityService.Router.get("/activity/:activity_id", authenticateToken, async (r output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -167,7 +167,7 @@ ActivityService.Router.get("/participant/:participant_id/activity", authenticate output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -184,7 +184,7 @@ ActivityService.Router.get("/study/:study_id/activity", authenticateToken, async output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/ActivitySpecService.ts b/src/service/ActivitySpecService.ts index bf80db7..cfe4e49 100644 --- a/src/service/ActivitySpecService.ts +++ b/src/service/ActivitySpecService.ts @@ -42,7 +42,7 @@ ActivitySpecService.Router.post("/activity_spec", authenticateToken, async (req: try { res.json({ data: await ActivitySpecService.create(req.get("Authorization"), null, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -51,7 +51,7 @@ ActivitySpecService.Router.put("/activity_spec/:activity_spec_name", authenticat try { res.json({ data: await ActivitySpecService.set(req.get("Authorization"), req.params.activity_spec_name, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -60,7 +60,7 @@ ActivitySpecService.Router.delete("/activity_spec/:activity_spec_name", authenti try { res.json({ data: await ActivitySpecService.set(req.get("Authorization"), req.params.activity_spec_name, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -71,7 +71,7 @@ ActivitySpecService.Router.get("/activity_spec/:activity_spec_name", authenticat output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -82,7 +82,7 @@ ActivitySpecService.Router.get("/activity_spec", authenticateToken, async (req: output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/CredentialService.ts b/src/service/CredentialService.ts index 99ef68c..d1ccf3c 100644 --- a/src/service/CredentialService.ts +++ b/src/service/CredentialService.ts @@ -58,7 +58,7 @@ CredentialService.Router.get( output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } } @@ -76,7 +76,7 @@ CredentialService.Router.post( ), }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } } @@ -97,7 +97,7 @@ CredentialService.Router.put( ), }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } } @@ -118,7 +118,7 @@ CredentialService.Router.delete( ), }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } } diff --git a/src/service/ParticipantService.ts b/src/service/ParticipantService.ts index e4482fc..f6486ad 100644 --- a/src/service/ParticipantService.ts +++ b/src/service/ParticipantService.ts @@ -124,7 +124,7 @@ ParticipantService.Router.post("/study/:study_id/participant", authenticateToken try { res.json({ data: await ParticipantService.create(req.get("Authorization"), req.params.study_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -133,7 +133,7 @@ ParticipantService.Router.put("/participant/:participant_id", authenticateToken, try { res.json({ data: await ParticipantService.set(req.get("Authorization"), req.params.participant_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -142,7 +142,7 @@ ParticipantService.Router.delete("/participant/:participant_id", authenticateTok try { res.json({ data: await ParticipantService.set(req.get("Authorization"), req.params.participant_id, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -153,7 +153,7 @@ ParticipantService.Router.get("/participant/:participant_id", authenticateToken, output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -164,7 +164,7 @@ ParticipantService.Router.get("/activity/:activity_id/participant", authenticate output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -175,7 +175,7 @@ ParticipantService.Router.get("/sensor/:sensor_id/participant", authenticateToke output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -186,7 +186,7 @@ ParticipantService.Router.get("/study/:study_id/participant", authenticateToken, output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/ResearcherService.ts b/src/service/ResearcherService.ts index c895e48..d33c8e6 100644 --- a/src/service/ResearcherService.ts +++ b/src/service/ResearcherService.ts @@ -94,7 +94,7 @@ ResearcherService.Router.post("/researcher", authenticateToken, async (req: Requ try { res.json({ data: await ResearcherService.create(req.get("Authorization"), null, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -104,7 +104,7 @@ ResearcherService.Router.put("/researcher/:researcher_id", authenticateToken, as try { res.json({ data: await ResearcherService.set(req.get("Authorization"), req.params.researcher_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -113,7 +113,7 @@ ResearcherService.Router.delete("/researcher/:researcher_id", authenticateToken, try { res.json({ data: await ResearcherService.set(req.get("Authorization"), req.params.researcher_id, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -124,7 +124,7 @@ ResearcherService.Router.get("/researcher/:researcher_id", authenticateToken, as output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -135,7 +135,7 @@ ResearcherService.Router.get("/researcher", authenticateToken, async (req: Reque output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -212,7 +212,7 @@ ResearcherService.Router.get("/researcher/:researcher_id/_lookup/:lookup", authe res.json({ studies: study_details, sensors: sensors }) } } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -330,7 +330,7 @@ ResearcherService.Router.get("/study/:study_id/_lookup/:lookup/mode/:mode", auth res.json({ participants: ParticipantIDs }) } } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/Security.ts b/src/service/Security.ts index 433f0a8..0e73d26 100644 --- a/src/service/Security.ts +++ b/src/service/Security.ts @@ -1,5 +1,5 @@ import { Repository } from "../repository/Bootstrap" -import { SignJWT } from "jose"; +import jwt from "jsonwebtoken" // The AuthSubject type represents an already-validated authorization that can be reused. type AuthSubject = { origin: string; access_key: string; secret_key: string; } @@ -9,7 +9,7 @@ const JWT_SECRET = process.env.secret_key as string; // If components are missing, throw a missing credentials error (HTTP 401). // Otherwise, locate the Credential or throw an error if not found/invalid. export async function _createAuthSubject(authHeader: string | undefined): Promise { - const CredentialRepository = new Repository().getCredentialRepository() + const CredentialRepository = new Repository().getCredentialRepository() if (authHeader === undefined) throw new Error("401.missing-credentials") const authStr = authHeader.replace("Basic", "").trim() const auth = (authStr.indexOf(":") >= 0 ? authStr : Buffer.from(authStr, "base64").toString()).split(":", 2) @@ -42,20 +42,15 @@ export async function _verify( authSubject = await _createAuthSubject(authSubject) const isRoot = authSubject.origin === null - const secret_key = new TextEncoder().encode(JWT_SECRET); // Generating jwt access token - const access_token = await new SignJWT({ access_key: authSubject.access_key, secret_key: authSubject.secret_key }) - .setProtectedHeader({ alg: 'HS256' }) - .setIssuedAt() - .setExpirationTime('2h') - .sign(secret_key); + const access_token = jwt.sign({ access_key: authSubject.access_key, secret_key: authSubject.secret_key }, JWT_SECRET, { + expiresIn: '1h', + }); // Refresh token - const refresh_token = await new SignJWT({ access_key: authSubject.access_key }) - .setProtectedHeader({ alg: 'HS256' }) - .setIssuedAt() - .setExpirationTime('12h') - .sign(secret_key); + const refresh_token = jwt.sign({ access_key: authSubject.access_key }, JWT_SECRET, { + expiresIn: '12h', + }); response.access_token = access_token; response.access_key = authSubject.access_key diff --git a/src/service/SensorEventService.ts b/src/service/SensorEventService.ts index c76b894..aad98ac 100644 --- a/src/service/SensorEventService.ts +++ b/src/service/SensorEventService.ts @@ -63,7 +63,7 @@ SensorEventService.Router.post("/participant/:participant_id/sensor_event", auth }) } catch (e:any) { console.log("Failure Msg On sensor events post", e.message) - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -84,9 +84,9 @@ SensorEventService.Router.get("/participant/:participant_id/sensor_event", authe output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) -// TODO: activity/* and sensor/* entry \ No newline at end of file +// TODO: activity/* and sensor/* entry diff --git a/src/service/SensorService.ts b/src/service/SensorService.ts index 7ce1d5c..61aaaba 100644 --- a/src/service/SensorService.ts +++ b/src/service/SensorService.ts @@ -148,7 +148,7 @@ SensorService.Router.post("/study/:study_id/sensor", authenticateToken, async (r try { res.json({ data: await SensorService.create(req.get("Authorization"), req.params.study_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -156,7 +156,7 @@ SensorService.Router.put("/sensor/:sensor_id", authenticateToken, async (req: Re try { res.json({ data: await SensorService.set(req.get("Authorization"), req.params.sensor_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -165,7 +165,7 @@ SensorService.Router.delete("/sensor/:sensor_id", authenticateToken, async (req: try { res.json({ data: await SensorService.set(req.get("Authorization"), req.params.sensor_id, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -176,7 +176,7 @@ SensorService.Router.get("/sensor/:sensor_id", authenticateToken, async (req: Re output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -194,7 +194,7 @@ SensorService.Router.get("/participant/:participant_id/sensor", authenticateToke output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -207,7 +207,7 @@ SensorService.Router.get("/study/:study_id/sensor", authenticateToken, async (re output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/SensorSpecService.ts b/src/service/SensorSpecService.ts index 0b3963e..cafe304 100644 --- a/src/service/SensorSpecService.ts +++ b/src/service/SensorSpecService.ts @@ -42,7 +42,7 @@ SensorSpecService.Router.post("/sensor_spec", authenticateToken, async (req: Req try { res.json({ data: await SensorSpecService.create(req.get("Authorization"), null, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -51,7 +51,7 @@ SensorSpecService.Router.put("/sensor_spec/:sensor_spec_name", authenticateToken try { res.json({ data: await SensorSpecService.set(req.get("Authorization"), req.params.sensor_spec_name, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -60,7 +60,7 @@ SensorSpecService.Router.delete("/sensor_spec/:sensor_spec_name", authenticateTo try { res.json({ data: await SensorSpecService.set(req.get("Authorization"), req.params.sensor_spec_name, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -71,7 +71,7 @@ SensorSpecService.Router.get("/sensor_spec/:sensor_spec_name", authenticateToken output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -82,7 +82,7 @@ SensorSpecService.Router.get("/sensor_spec", authenticateToken, async (req: Requ output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/StudyService.ts b/src/service/StudyService.ts index 3916458..957d8d1 100644 --- a/src/service/StudyService.ts +++ b/src/service/StudyService.ts @@ -138,7 +138,7 @@ StudyService.Router.post("/researcher/:researcher_id/study", authenticateToken, try { res.json({ data: await StudyService.create(req.get("Authorization"), req.params.researcher_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -147,7 +147,7 @@ StudyService.Router.put("/study/:study_id", authenticateToken, async (req: Reque try { res.json({ data: await StudyService.set(req.get("Authorization"), req.params.study_id, req.body) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -156,7 +156,7 @@ StudyService.Router.delete("/study/:study_id", authenticateToken, async (req: Re try { res.json({ data: await StudyService.set(req.get("Authorization"), req.params.study_id, null) }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -167,7 +167,7 @@ StudyService.Router.get("/study/:study_id", authenticateToken, async (req: Reque output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -178,7 +178,7 @@ StudyService.Router.get("/researcher/:researcher_id/study", authenticateToken, a output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -322,7 +322,7 @@ StudyService.Router.post("/researcher/:researcher_id/study/clone", authenticateT ) res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/TypeService.ts b/src/service/TypeService.ts index 6cc3aa4..e10d5a0 100644 --- a/src/service/TypeService.ts +++ b/src/service/TypeService.ts @@ -111,7 +111,7 @@ TypeService.Router.get(_parent_routes, authenticateToken, async (req: Request, r output = typeof req.query.transform === "string" ? jsonata(req.query.transform).evaluate(output) : output res.json(output) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -136,7 +136,7 @@ TypeService.Router.get(_get_routes, authenticateToken, async (req: Request, res: }) } } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } }) @@ -155,7 +155,7 @@ TypeService.Router.put(_put_routes, authenticateToken, async (req: Request, res: : null /* error */, }) } catch (e:any) { - if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Bearer realm="LAMP" charset="UTF-8"`) + if (e.message === "401.missing-credentials") res.set("WWW-Authenticate", `Basic realm="LAMP" charset="UTF-8"`) res.status(parseInt(e.message.split(".")[0]) || 500).json({ error: e.message }) } -}) \ No newline at end of file +}) diff --git a/src/service/jwtToken.ts b/src/service/jwtToken.ts index 4ece836..8bcc39c 100644 --- a/src/service/jwtToken.ts +++ b/src/service/jwtToken.ts @@ -1,36 +1,34 @@ import { Request, Response, NextFunction } from 'express'; -import { jwtVerify } from 'jose'; +import jwt from 'jsonwebtoken'; const JWT_SECRET = process.env.secret_key as string; -export async function authenticateToken(req: Request, res: Response, next: NextFunction) { +export function authenticateToken(req: Request, res: Response, next: NextFunction) { const authHeader = req.headers['authorization']; if (!authHeader) { - return res.status(401).json({ error: '401.missing-token' }); + return res.status(401).json({ error: '401.missing-credentials' }); } const token = authHeader.split(' ')[1]; if (!token) { - return res.status(401).json({ error: '401.missing-token' }); + return res.status(401).json({ error: '401.missing-credentials' }); } - try { - const secretKey = new TextEncoder().encode(JWT_SECRET); - console.log(secretKey) - const {payload}: any = await jwtVerify(token, secretKey) - console.log(payload) - - if (typeof payload !== 'object' || !payload) { + jwt.verify(token, JWT_SECRET, (err, user) => { + if (err) { return res.status(403).json({ error: '403.invalid-token' }); } - // const pld = jwtDecrypt(payload) - const { access_key, secret_key } = payload as { access_key: string, secret_key: string }; + + if (typeof user !== 'object' || !user) { + return res.status(403).json({ error: '403.invalid-token' }); + } + + const { access_key, secret_key } = user as { access_key: string, secret_key: string }; // Set the Authorization header in the format expected by _createAuthSubject req.headers['authorization'] = `Basic ${Buffer.from(`${access_key}:${secret_key}`).toString('base64')}`; + next(); - } catch(err){ - return res.status(403).json({ error: '403.invalid-token' }); - } -} \ No newline at end of file + }); +}