98 lines
2.3 KiB
TypeScript
98 lines
2.3 KiB
TypeScript
// types.ts
|
|
|
|
// FIXME: split this up into types used by app developers and types internal
|
|
// to the framework.
|
|
import type { Request as ExpressRequest } from "express";
|
|
import type { MatchFunction } from "path-to-regexp";
|
|
import { z } from "zod";
|
|
import type { Session } from "./auth/types";
|
|
import type { ContentType } from "./content-types";
|
|
import type { HttpCode } from "./http-codes";
|
|
import {
|
|
AnonymousUser,
|
|
type MaybeUser,
|
|
type Permission,
|
|
type User,
|
|
} from "./user";
|
|
|
|
const methodParser = z.union([
|
|
z.literal("GET"),
|
|
z.literal("POST"),
|
|
z.literal("PUT"),
|
|
z.literal("PATCH"),
|
|
z.literal("DELETE"),
|
|
]);
|
|
|
|
export type Method = z.infer<typeof methodParser>;
|
|
const massageMethod = (input: string): Method => {
|
|
const r = methodParser.parse(input.toUpperCase());
|
|
|
|
return r;
|
|
};
|
|
|
|
export type Call = {
|
|
pattern: string;
|
|
path: string;
|
|
method: Method;
|
|
parameters: object;
|
|
request: ExpressRequest;
|
|
user: MaybeUser;
|
|
session: Session;
|
|
};
|
|
|
|
export type InternalHandler = (req: ExpressRequest) => Promise<Result>;
|
|
|
|
export type Handler = (call: Call) => Promise<Result>;
|
|
export type ProcessedRoute = {
|
|
matcher: MatchFunction<Record<string, string>>;
|
|
method: Method;
|
|
handler: InternalHandler;
|
|
};
|
|
|
|
export type Result = {
|
|
code: HttpCode;
|
|
contentType: ContentType;
|
|
result: string;
|
|
};
|
|
|
|
export type Route = {
|
|
path: string;
|
|
methods: Method[];
|
|
handler: Handler;
|
|
interruptable?: boolean;
|
|
};
|
|
|
|
// Authentication error classes
|
|
export class AuthenticationRequired extends Error {
|
|
constructor() {
|
|
super("Authentication required");
|
|
this.name = "AuthenticationRequired";
|
|
}
|
|
}
|
|
|
|
export class AuthorizationDenied extends Error {
|
|
constructor() {
|
|
super("Authorization denied");
|
|
this.name = "AuthorizationDenied";
|
|
}
|
|
}
|
|
|
|
// Helper for handlers to require authentication
|
|
export function requireAuth(call: Call): User {
|
|
if (call.user === AnonymousUser) {
|
|
throw new AuthenticationRequired();
|
|
}
|
|
return call.user;
|
|
}
|
|
|
|
// Helper for handlers to require specific permission
|
|
export function requirePermission(call: Call, permission: Permission): User {
|
|
const user = requireAuth(call);
|
|
if (!user.hasPermission(permission)) {
|
|
throw new AuthorizationDenied();
|
|
}
|
|
return user;
|
|
}
|
|
|
|
export { methodParser, massageMethod };
|