diff --git a/src/routes/aggregate/aggregate.ts b/src/routes/aggregate/aggregate.ts index 9c88a6b..3e706e3 100644 --- a/src/routes/aggregate/aggregate.ts +++ b/src/routes/aggregate/aggregate.ts @@ -35,24 +35,31 @@ export function registerAggregateRoutes( f => f.supportedAggregation && f.supportedAggregation.length > 0, ); - // API unique idenfier - const aggregateAPIIdentifier = `aggregate->${model.name}->get_aggregation`; - const webhookConfig = - config.apis?.[aggregateAPIIdentifier]?.webhooks ?? null; - const sspConfig = config.apis?.[aggregateAPIIdentifier]?.ssp ?? []; + // construct the api identifier + const apiIdentifier = `aggregate->${model.name}->get_aggregation`; + + // extract the api configs based on the api identifier + const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; + const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled const authorization = - config.apis?.[aggregateAPIIdentifier]?.authorization ?? false; + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; // for each aggregatable field, we create a GET route // //aggregation/ for (const field of aggregatableFields) { const operations = field.supportedAggregation!; + // generating the schema for the route const schema: Record = generateSchema( config, field, model, operations, + authorization, ); app.get( 
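Review bot: The new comment above `const authorization =` says the value is true when either the API-level or the app-level flag is enabled, but the `??` chain is an override, not an OR. An explicit `authorization: false` under `config.apis` wins over `config.auth.enableAuth: true` and leaves that route unauthenticated. I would word the comment as `// per-API 'authorization' overrides app-level 'enableAuth'; an explicit false opts this route out of auth`. The same fallback is pasted into custom-queries, delete, edit, get-all, index-route, post and search, so one shared helper (for example `resolveAuthorization(config, apiIdentifier)`) would keep the precedence from drifting between files. The body of registerAggregateRoutes continues outside the hunk.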
@@ -189,14 +196,23 @@ function generateSchema( field: ModelFieldConfig, model: ModelConfig, operations: SupportedAggregationOperation[], + authorization: boolean, ) { const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } diff --git a/src/routes/custom-queries/custom-queries.ts b/src/routes/custom-queries/custom-queries.ts index 7ab3834..e942130 100644 --- a/src/routes/custom-queries/custom-queries.ts +++ b/src/routes/custom-queries/custom-queries.ts @@ -86,11 +86,18 @@ export function registerCustomQueryRoutes( const queryProperties: Record = {}; const bodyProperties: Record = {}; - // uniqie api identifier + // constructing the api identifier const apiIdentifier = `customAPIs->customQueries->${cq.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; // body parameters are always in between @@ // path parameters are always in between $$ 
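Review bot: In generateSchema the two `if` blocks that fill `security` now differ only in the engine name and the scheme they push, and the same pair is repeated in every route file this commit touches. Moving them into one helper that takes `config` and `authorization` and returns the array would state the rule once. That matters here because the documented requirement and the preHandler enforcement are decided in separate places, so a later edit to one copy can make the OpenAPI spec misreport which routes are protected. A short comment such as `// only advertise a scheme when this route actually enforces auth` would also explain why `authorization` is part of the condition. generateSchema starts and ends outside the hunk.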
@@ -195,18 +202,31 @@ export function registerCustomQueryRoutes( const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + // adding the security based on the auth flag and auth engine + // if the auth flag is enabled and the auth engine is up-auth, then add the bearerAuth + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + // if the auth flag is enabled and the auth engine is api-key, then add the apiKeyAuth + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } + // if there is any security configutaion required then add it to the swagger schema if (security.length > 0) { schema.security = security; } + // registering the route app.route({ method: cq.method, url: routePath, diff --git a/src/routes/operations/delete.ts b/src/routes/operations/delete.ts index 6f57e9f..ea77ef9 100644 --- a/src/routes/operations/delete.ts +++ b/src/routes/operations/delete.ts 
@@ -35,11 +35,19 @@ export function registerDeleteRoutes( f.supportedOperations?.includes('deletable'), ); - // Unique api identifier + // constructing the api identifier const apiIdentifier = `modelAPIs->delete->${model.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; + + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; // If we have deletable fields, we register a DELETE route for each. for (const field of deletableFields) { @@ -48,6 +56,7 @@ export function registerDeleteRoutes( field, model, config, + authorization, ); app.delete( @@ -56,6 +65,7 @@ export function registerDeleteRoutes( schema, preValidation: async request => enforceSSP(sspConfig, request), preHandler: async (request, reply) => { + // checking the authorization if (config.auth?.enableAuth && authorization) { try { await request.jwtVerify(); @@ -115,6 +125,7 @@ function generateSchema( field: ModelFieldConfig, model: ModelConfig, config: AppConfig, + authorization: boolean, ) { const paramSchema = mapDataTypeToJsonSchema(field.type); @@ -143,11 +154,19 @@ function generateSchema( const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } 
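Review bot: The preHandler guard `config.auth?.enableAuth && authorization` (third hunk of this file) skips `request.jwtVerify()` whenever the app-level flag is off. A config that sets `authorization: true` for this API while `auth.enableAuth` is unset therefore registers an open DELETE route with no signal to the operator. Rejecting that combination at registration closes the gap, for example `if (authorization && !config.auth?.enableAuth) throw new Error(apiIdentifier + ': authorization requires auth.enableAuth');` right after `authorization` is computed. The guard also calls only `jwtVerify()` while generateSchema advertises `apiKeyAuth` for the `api-key` engine; the rest of the preHandler is outside the hunk, so whether the key is checked elsewhere should be confirmed. The same guard appears in get-all.ts.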
diff --git a/src/routes/operations/edit.ts b/src/routes/operations/edit.ts index 8905a1b..a5d01ba 100644 --- a/src/routes/operations/edit.ts +++ b/src/routes/operations/edit.ts @@ -38,11 +38,19 @@ export function registerEditRoutes( f.supportedOperations?.includes('editable'), ); - // unique api identifier + // constructing the api identifier const apiIdentifier = `modelAPIs->edit->${model.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; + + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; for (const field of editableFields) { const isUnique = field.primaryKey || field.unique; @@ -122,11 +130,19 @@ export function registerEditRoutes( const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } diff --git a/src/routes/operations/get-all.ts b/src/routes/operations/get-all.ts index 93f1956..8f221d3 100644 --- a/src/routes/operations/get-all.ts +++ b/src/routes/operations/get-all.ts 
@@ -35,13 +35,25 @@ export function registerGetAllRoutes( const {models} = config; for (const model of models) { - // unique api identifier + // constructing the api identifier const apiIdentifier = `modelAPIs->getAll->${model.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; - const schema: Record = generateSchema(model, config); + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; + + const schema: Record = generateSchema( + model, + config, + authorization, + ); app.get( `/${model.name}/`, @@ -49,8 +61,10 @@ export function registerGetAllRoutes( schema, preValidation: async request => enforceSSP(sspConfig, request), preHandler: async (request, reply) => { + console.log('I am here'); if (config.auth?.enableAuth && authorization) { try { + console.log('I am running to verify JWT?'); await request.jwtVerify(); } catch { return reply @@ -77,6 +91,7 @@ export function registerGetAllRoutes( }, }, async (request: FastifyRequest, reply: FastifyReply) => { + console.log(request.user); const queryParams = request.query as Record; const tableName = model.name; @@ -146,7 +161,11 @@ export function registerGetAllRoutes( ); } } -function generateSchema(model: ModelConfig, config: AppConfig) { +function generateSchema( + model: ModelConfig, + config: AppConfig, + authorization: boolean, +) { const queryProperties: Record = {}; // Add filter params for each field based on its supportedOperations 
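Review bot: Three `console.log` calls left in the request path look like debugging residue: `'I am here'` and `'I am running to verify JWT?'` in the preHandler (second hunk), and `console.log(request.user)` at the top of the handler (third hunk). The last one writes what is presumably the verified token payload to stdout on every GET, which puts user identifiers and claims into logs with no level control or redaction. I would delete all three. If a trace is still wanted, `request.log.debug({route: 'getAll'}, 'verifying JWT')` goes through Fastify's logger and carries no claims. Both the preHandler and the handler continue outside these hunks.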
@@ -205,11 +224,19 @@ function generateSchema(model: ModelConfig, config: AppConfig) { const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } diff --git a/src/routes/operations/index-route.ts b/src/routes/operations/index-route.ts index 0f0502b..b4c8a5f 100644 --- a/src/routes/operations/index-route.ts +++ b/src/routes/operations/index-route.ts @@ -43,11 +43,19 @@ export function registerIndexRoutes( ); }); - // unique api identifier + // constructing the api identifier const apiIdentifier = `modelAPIs->index->${model.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; + + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; // index apis means for these APIs, we can fetch data using the indexable fields // for example, if we have a field user_id in the users table, and it is indexed, @@ -57,7 +65,7 @@ export function registerIndexRoutes( schema, isUnique, }: {schema: Record; isUnique: boolean | undefined} = - generateSchema(field, model, config); + generateSchema(field, model, config, authorization); app.get( `/${model.name}/${field.name}/:${field.name}`, 
@@ -198,6 +206,7 @@ function generateSchema( field: ModelFieldConfig, model: ModelConfig, config: AppConfig, + authorization: boolean, ) { const isUnique = field.primaryKey || field.unique; // converting the data type of the indexable field to json schema supported type @@ -302,11 +311,19 @@ function generateSchema( const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } diff --git a/src/routes/operations/post.ts b/src/routes/operations/post.ts index 9af4c4d..ac60066 100644 --- a/src/routes/operations/post.ts +++ b/src/routes/operations/post.ts 
@@ -27,16 +27,28 @@ export function registerPostRoutes( const {models} = config; for (const model of models) { - // unique api identifier + // constructing the api identifier const apiIdentifier = `modelAPIs->insert->${model.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; + + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; // generating the JSON schema for the request body // we ignore the primary key since it's typically auto-generated (like serial or uuid) // and we set additionalProperties to false for strict validation - const schema: Record = generateSchema(model, config); + const schema: Record = generateSchema( + model, + config, + authorization, + ); app.post( `/${model.name}/`, @@ -112,7 +124,11 @@ export function registerPostRoutes( ); } } -function generateSchema(model: ModelConfig, config: AppConfig) { +function generateSchema( + model: ModelConfig, + config: AppConfig, + authorization: boolean, +) { const bodySchema = generateJSONValidationSchema(model, { ignorePrimaryKey: true, additionalProperties: false, 
@@ -130,11 +146,19 @@ function generateSchema(model: ModelConfig, config: AppConfig) { const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } diff --git a/src/routes/operations/search.ts b/src/routes/operations/search.ts index b27a090..5d14130 100644 --- a/src/routes/operations/search.ts +++ b/src/routes/operations/search.ts @@ -38,11 +38,19 @@ export function registerSearchRoutes( f.supportedOperations?.includes('searchable'), ); - // unique api identifier + // constructing the api identifier const apiIdentifier = `modelAPIs->search->${model.name}`; + + // extracting the api configs based on the api identifier const webhookConfig = config.apis?.[apiIdentifier]?.webhooks ?? null; const sspConfig = config.apis?.[apiIdentifier]?.ssp ?? []; - const authorization = config.apis?.[apiIdentifier]?.authorization ?? false; + + // calculating the authroization based on auth flag, it can be true + // if the api level auth is enabled, or if the app level auth is enabled + const authorization = + config.apis?.[apiIdentifier]?.authorization ?? + config.auth?.enableAuth ?? + false; for (const field of searchableFields) { // defining the primary search query parameter @@ -51,6 +59,7 @@ export function registerSearchRoutes( field, model, config, + authorization, ); app.get( @@ -169,6 +178,7 @@ function generateSchema( field: ModelFieldConfig, model: ModelConfig, config: AppConfig, + authorization: boolean, ) { const queryProperties: Record = { [`${field.name}_search`]: { 
@@ -228,11 +238,19 @@ function generateSchema( const security: Array<{[key: string]: string[]}> = []; - if (config.auth?.enableAuth && config.auth?.authEngine === 'up-auth') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'up-auth' && + authorization + ) { security.push({bearerAuth: []}); } - if (config.auth?.enableAuth && config.auth?.authEngine === 'api-key') { + if ( + config.auth?.enableAuth && + config.auth?.authEngine === 'api-key' && + authorization + ) { security.push({apiKeyAuth: []}); } diff --git a/src/validators/config/schema.ts b/src/validators/config/schema.ts index 27778cc..be7a4a8 100644 --- a/src/validators/config/schema.ts +++ b/src/validators/config/schema.ts @@ -388,7 +388,6 @@ const apisSchema = { }, authorization: { type: 'boolean', - default: false, }, }, additionalProperties: false,