let tokenUser1: string;
let tokenUser2: string;
/**
 * User entity used by this test. It declares no members of its own;
 * everything comes from UserWithPermissions.
 */
@Entity()
class User extends UserWithPermissions {
}
/**
 * Controller exercised by the permission tests.
 *
 * Authentication is declared once at class level with @TokenRequired, so it
 * covers both routes. Authorization is declared per route: each handler names
 * the single permission it requires. The user is loaded with
 * fetchUserWithPermissions(User), presumably so the permission check has the
 * user's permissions available (the helper's body is not visible here).
 */
@TokenRequired({ user: fetchUserWithPermissions(User), store: TypeORMStore })
class AppController {
  // Requires the 'access-bar' permission.
  @Get('/bar')
  @PermissionRequired('access-bar')
  bar() {
    const response = new HttpResponseNoContent();
    return response;
  }

  // Requires the 'access-foo' permission.
  @Get('/foo')
  @PermissionRequired('access-foo')
  foo() {
    const response = new HttpResponseNoContent();
    return response;
  }
}
before(async () => {
process.env.SETTINGS_SESSION_SECRET = 'session-secret';
await createConnection({
database: 'e2e_db.sqlite',
dropSchema: true,
entities: [ User, Permission, Group ],
synchronize: true,
type: 'sqlite',
});
const user1 = new User();
// Unique column, so two rows cannot share the same e-mail address.
@Column({ unique: true })
email: string;
// NOTE(review): confirm this column only ever holds a password hash, never the
// plaintext. The code that sets it is not visible in this excerpt.
@Column()
password: string;
}
/**
 * Controller with two access levels.
 *
 * The class-level @LoginRequired hook covers both routes, so every request
 * needs an authenticated user. '/bar' additionally requires the 'admin'
 * permission; '/foo' is open to any logged-in user.
 */
@LoginRequired({ user: fetchUserWithPermissions(User) })
class MyController {
  // Authentication only: no permission is named for this route.
  @Get('/foo')
  foo() {
    const response = new HttpResponseOK();
    return response;
  }

  // Authentication plus the 'admin' permission.
  @Get('/bar')
  @PermissionRequired('admin')
  bar() {
    const response = new HttpResponseOK();
    return response;
  }
}
class AuthController {
/**
 * Logs the current user out via logOut(ctx) and answers with an empty response.
 *
 * NOTE(review): this state-changing action is exposed on GET. Outside of a
 * test fixture, a POST route covered by the application's CSRF protection is
 * the usual hardening, so that a logout cannot be triggered by a plain link
 * or embedded resource.
 */
@Get('/logout')
logout(ctx: Context) {
  logOut(ctx);
  const response = new HttpResponseNoContent();
  return response;
}
@Post('/login')
@ValidateBody({
additionalProperties: false,
properties: {
describe('[Authorization|permissions] Users', () => {
let app;
let tokenUser1: string;
let tokenUser2: string;
/**
 * Entity for the users in this test suite. The body is empty, so the class
 * consists only of what UserWithPermissions provides.
 */
@Entity()
class User extends UserWithPermissions {
}
/**
 * Controller used to check per-route permissions.
 *
 * @TokenRequired sits on the class and therefore guards both handlers.
 * @PermissionRequired sits on each handler and names the one permission that
 * route needs, so a user holding only 'access-foo' is not expected to reach
 * '/bar'.
 */
@TokenRequired({ user: fetchUserWithPermissions(User), store: TypeORMStore })
class AppController {
  // Gated on 'access-bar'.
  @Get('/bar')
  @PermissionRequired('access-bar')
  bar() {
    const noContent = new HttpResponseNoContent();
    return noContent;
  }

  // Gated on 'access-foo'.
  @Get('/foo')
  @PermissionRequired('access-foo')
  foo() {
    const noContent = new HttpResponseNoContent();
    return noContent;
  }
}
before(async () => {
process.env.SETTINGS_SESSION_SECRET = 'session-secret';
await createConnection({
database: 'e2e_db.sqlite',
dropSchema: true,
// Declared unique, so the database rejects a second row with the same e-mail.
@Column({ unique: true })
email: string;
// NOTE(review): verify that only a password hash is written to this column.
// The code that assigns it is outside this excerpt.
@Column()
password: string;
}
/**
 * Controller with two access levels, authenticated through a session token.
 *
 * The class-level @TokenRequired hook covers both routes. '/bar' additionally
 * requires the 'admin' permission.
 *
 * NOTE(review): with `cookie: true` the token is presumably read from a
 * cookie, which the browser attaches automatically. Confirm that
 * state-changing routes in the same application are covered by CSRF
 * protection; none is visible in this excerpt.
 */
@TokenRequired({ user: fetchUserWithPermissions(User), store: TypeORMStore, cookie: true })
class MyController {
  // Any authenticated user.
  @Get('/foo')
  foo() {
    const ok = new HttpResponseOK();
    return ok;
  }

  // Authenticated users holding the 'admin' permission.
  @Get('/bar')
  @PermissionRequired('admin')
  bar() {
    const ok = new HttpResponseOK();
    return ok;
  }
}
class AuthController {
// Session store, supplied through the @dependency decorator rather than
// constructed here; logout() uses it to destroy the server-side session.
@dependency
store: TypeORMStore;
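/**
 * Ends the current session and answers with an empty response.
 *
 * The session is destroyed in the store first, so the token stops being valid
 * server-side even if the client keeps its cookie. The same response object is
 * then passed to removeSessionCookie and returned.
 *
 * NOTE(review): assumes ctx.session has been populated by a session hook
 * before this handler runs. No such hook is visible on this class in the
 * excerpt, so confirm it.
 * NOTE(review): logout is exposed on GET. A POST route covered by CSRF
 * protection is the usual hardening for a state-changing action.
 *
 * @param ctx Request context; its session's sessionID identifies the session to destroy.
 * @returns The response that removeSessionCookie was applied to.
 */
@Get('/logout')
async logout(ctx: Context) {
  const response = new HttpResponseNoContent();
  await this.store.destroy(ctx.session.sessionID);
  removeSessionCookie(response);
  // Return the response that was handed to removeSessionCookie. Returning a
  // fresh HttpResponseNoContent here would discard the cookie removal and
  // leave the stale session cookie in the browser.
  return response;
}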
import { fetchUserWithPermissions, PermissionRequired } from '@foal/typeorm';
import { User } from '../entities';
/**
 * Serves the HTML pages of the application.
 *
 * The class-level @LoginRequired hook covers both routes and is configured
 * with a redirect to '/login'. '/admin' additionally requires the 'admin'
 * permission, with the same redirect target. Both pages receive a CSRF token
 * taken from the request so the templates can use it.
 */
@LoginRequired({ user: fetchUserWithPermissions(User), redirect: '/login' })
export class ViewController {
  // Home page: any logged-in user.
  @Get('/')
  home(ctx: Context) {
    const locals = { csrfToken: ctx.request.csrfToken() };
    return render('./templates/home.html', locals, __dirname);
  }

  // Admin page: logged-in users holding the 'admin' permission.
  @Get('/admin')
  @PermissionRequired('admin', { redirect: '/login' })
  admin(ctx: Context) {
    const locals = { csrfToken: ctx.request.csrfToken() };
    return render('./templates/admin.html', locals, __dirname);
  }
}