initial v0.8 pre-release

2025-07-14 09:44:16 +02:00 · 2022-10-30 10:28:14 +02:00
parent 9cbb2e750e
commit 90dba45d7c
388 changed files with 21580 additions and 13603 deletions
--- a/apis/middlewares.go
+++ b/apis/middlewares.go
@ -11,30 +11,32 @@ import (
 	"github.com/labstack/echo/v5"
 	"github.com/pocketbase/pocketbase/core"
 	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tools/rest"
+	"github.com/pocketbase/pocketbase/tokens"
+	"github.com/pocketbase/pocketbase/tools/list"
 	"github.com/pocketbase/pocketbase/tools/routine"
+	"github.com/pocketbase/pocketbase/tools/security"
 	"github.com/pocketbase/pocketbase/tools/types"
 	"github.com/spf13/cast"
 )

 // Common request context keys used by the middlewares and api handlers.
 const (
-	ContextUserKey       string = "user"
 	ContextAdminKey      string = "admin"
+	ContextAuthRecordKey string = "authRecord"
 	ContextCollectionKey string = "collection"
 )

 // RequireGuestOnly middleware requires a request to NOT have a valid
-// Authorization header set.
+// Authorization header.
 //
-// This middleware is the opposite of [apis.RequireAdminOrUserAuth()].
+// This middleware is the opposite of [apis.RequireAdminOrRecordAuth()].
 func RequireGuestOnly() echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
-			err := rest.NewBadRequestError("The request can be accessed only by guests.", nil)
+			err := NewBadRequestError("The request can be accessed only by guests.", nil)

-			user, _ := c.Get(ContextUserKey).(*models.User)
-			if user != nil {
+			record, _ := c.Get(ContextAuthRecordKey).(*models.Record)
+			if record != nil {
 				return err
 			}

@ -48,14 +50,55 @@ func RequireGuestOnly() echo.MiddlewareFunc {
 	}
 }

-// RequireUserAuth middleware requires a request to have
-// a valid user Authorization header set (aka. `Authorization: User ...`).
-func RequireUserAuth() echo.MiddlewareFunc {
+// RequireRecordAuth middleware requires a request to have
+// a valid record auth Authorization header.
+//
+// The auth record could be from any collection.
+//
+// You can further filter the allowed record auth collections by
+// specifying their names.
+//
+// Example:
+//   apis.RequireRecordAuth()
+// Or:
+//   apis.RequireRecordAuth("users", "supervisors")
+//
+// To restrict the auth record only to the loaded context collection,
+// use [apis.RequireSameContextRecordAuth()] instead.
+func RequireRecordAuth(optCollectionNames ...string) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
-			user, _ := c.Get(ContextUserKey).(*models.User)
-			if user == nil {
-				return rest.NewUnauthorizedError("The request requires valid user authorization token to be set.", nil)
+			record, _ := c.Get(ContextAuthRecordKey).(*models.Record)
+			if record == nil {
+				return NewUnauthorizedError("The request requires valid record authorization token to be set.", nil)
+			}
+
+			// check record collection name
+			if len(optCollectionNames) > 0 && !list.ExistInSlice(record.Collection().Name, optCollectionNames) {
+				return NewForbiddenError("The authorized record model is not allowed to perform this action.", nil)
+			}
+
+			return next(c)
+		}
+	}
+}
+
+//
+// RequireSameContextRecordAuth middleware requires a request to have
+// a valid record Authorization header.
+//
+// The auth record must be from the same collection already loaded in the context.
+func RequireSameContextRecordAuth() echo.MiddlewareFunc {
+	return func(next echo.HandlerFunc) echo.HandlerFunc {
+		return func(c echo.Context) error {
+			record, _ := c.Get(ContextAuthRecordKey).(*models.Record)
+			if record == nil {
+				return NewUnauthorizedError("The request requires valid record authorization token to be set.", nil)
+			}
+
+			collection, _ := c.Get(ContextCollectionKey).(*models.Collection)
+			if collection == nil || record.Collection().Id != collection.Id {
+				return NewForbiddenError(fmt.Sprintf("The request requires auth record from %s collection.", record.Collection().Name), nil)
 			}

 			return next(c)
@ -64,13 +107,13 @@ func RequireUserAuth() echo.MiddlewareFunc {
 }

 // RequireAdminAuth middleware requires a request to have
-// a valid admin Authorization header set (aka. `Authorization: Admin ...`).
+// a valid admin Authorization header.
 func RequireAdminAuth() echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
 			admin, _ := c.Get(ContextAdminKey).(*models.Admin)
 			if admin == nil {
-				return rest.NewUnauthorizedError("The request requires admin authorization token to be set.", nil)
+				return NewUnauthorizedError("The request requires valid admin authorization token to be set.", nil)
 			}

 			return next(c)
@ -79,14 +122,14 @@ func RequireAdminAuth() echo.MiddlewareFunc {
 }

 // RequireAdminAuthOnlyIfAny middleware requires a request to have
-// a valid admin Authorization header set (aka. `Authorization: Admin ...`)
-// ONLY if the application has at least 1 existing Admin model.
+// a valid admin Authorization header ONLY if the application has
+// at least 1 existing Admin model.
 func RequireAdminAuthOnlyIfAny(app core.App) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
 			totalAdmins, err := app.Dao().TotalAdmins()
 			if err != nil {
-				return rest.NewBadRequestError("Failed to fetch admins info.", err)
+				return NewBadRequestError("Failed to fetch admins info.", err)
 			}

 			admin, _ := c.Get(ContextAdminKey).(*models.Admin)
@ -95,24 +138,29 @@ func RequireAdminAuthOnlyIfAny(app core.App) echo.MiddlewareFunc {
 				return next(c)
 			}

-			return rest.NewUnauthorizedError("The request requires admin authorization token to be set.", nil)
+			return NewUnauthorizedError("The request requires valid admin authorization token to be set.", nil)
 		}
 	}
 }

-// RequireAdminOrUserAuth middleware requires a request to have
-// a valid admin or user Authorization header set
-// (aka. `Authorization: Admin ...` or `Authorization: User ...`).
+// RequireAdminOrRecordAuth middleware requires a request to have
+// a valid admin or record Authorization header set.
+//
+// You can further filter the allowed auth record collections by providing their names.
 //
 // This middleware is the opposite of [apis.RequireGuestOnly()].
-func RequireAdminOrUserAuth() echo.MiddlewareFunc {
+func RequireAdminOrRecordAuth(optCollectionNames ...string) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
 			admin, _ := c.Get(ContextAdminKey).(*models.Admin)
-			user, _ := c.Get(ContextUserKey).(*models.User)
+			record, _ := c.Get(ContextAuthRecordKey).(*models.Record)

-			if admin == nil && user == nil {
-				return rest.NewUnauthorizedError("The request requires admin or user authorization token to be set.", nil)
+			if admin == nil && record == nil {
+				return NewUnauthorizedError("The request requires admin or record authorization token to be set.", nil)
+			}
+
+			if record != nil && len(optCollectionNames) > 0 && !list.ExistInSlice(record.Collection().Name, optCollectionNames) {
+				return NewForbiddenError("The authorized record model is not allowed to perform this action.", nil)
 			}

 			return next(c)
@ -121,29 +169,33 @@ func RequireAdminOrUserAuth() echo.MiddlewareFunc {
 }

 // RequireAdminOrOwnerAuth middleware requires a request to have
-// a valid admin or user owner Authorization header set
-// (aka. `Authorization: Admin ...` or `Authorization: User ...`).
+// a valid admin or auth record owner Authorization header set.
 //
-// This middleware is similar to [apis.RequireAdminOrUserAuth()] but
-// for the user token expects to have the same id as the path parameter
-// `ownerIdParam` (default to "id").
+// This middleware is similar to [apis.RequireAdminOrRecordAuth()] but
+// for the auth record token expects to have the same id as the path
+// parameter ownerIdParam (default to "id" if empty).
 func RequireAdminOrOwnerAuth(ownerIdParam string) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
+			admin, _ := c.Get(ContextAdminKey).(*models.Admin)
+			if admin != nil {
+				return next(c)
+			}
+
+			record, _ := c.Get(ContextAuthRecordKey).(*models.Record)
+			if record == nil {
+				return NewUnauthorizedError("The request requires admin or record authorization token to be set.", nil)
+			}
+
 			if ownerIdParam == "" {
 				ownerIdParam = "id"
 			}
-
 			ownerId := c.PathParam(ownerIdParam)
-			admin, _ := c.Get(ContextAdminKey).(*models.Admin)
-			loggedUser, _ := c.Get(ContextUserKey).(*models.User)

-			if admin == nil && loggedUser == nil {
-				return rest.NewUnauthorizedError("The request requires admin or user authorization token to be set.", nil)
-			}
-
-			if admin == nil && loggedUser.Id != ownerId {
-				return rest.NewForbiddenError("You are not allowed to perform this request.", nil)
+			// note: it is "safe" to compare only the record id since the auth
+			// record ids are treated as unique across all auth collections
+			if record.Id != ownerId {
+				return NewForbiddenError("You are not allowed to perform this request.", nil)
 			}

 			return next(c)
@ -152,32 +204,41 @@ func RequireAdminOrOwnerAuth(ownerIdParam string) echo.MiddlewareFunc {
 }

 // LoadAuthContext middleware reads the Authorization request header
-// and loads the token related user or admin instance into the
+// and loads the token related record or admin instance into the
 // request's context.
 //
-// This middleware is expected to be registered by default for all routes.
+// This middleware is expected to be already registered by default for all routes.
 func LoadAuthContext(app core.App) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
 			token := c.Request().Header.Get("Authorization")
+			if token == "" {
+				return next(c)
+			}

-			if token != "" {
-				if strings.HasPrefix(token, "User ") {
-					user, err := app.Dao().FindUserByToken(
-						token[5:],
-						app.Settings().UserAuthToken.Secret,
-					)
-					if err == nil && user != nil {
-						c.Set(ContextUserKey, user)
-					}
-				} else if strings.HasPrefix(token, "Admin ") {
-					admin, err := app.Dao().FindAdminByToken(
-						token[6:],
-						app.Settings().AdminAuthToken.Secret,
-					)
-					if err == nil && admin != nil {
-						c.Set(ContextAdminKey, admin)
-					}
+			// the schema is not required and it is only for
+			// compatibility with the defaults of some HTTP clients
+			token = strings.TrimPrefix(token, "Bearer ")
+
+			claims, _ := security.ParseUnverifiedJWT(token)
+			tokenType := cast.ToString(claims["type"])
+
+			switch tokenType {
+			case tokens.TypeAdmin:
+				admin, err := app.Dao().FindAdminByToken(
+					token,
+					app.Settings().AdminAuthToken.Secret,
+				)
+				if err == nil && admin != nil {
+					c.Set(ContextAdminKey, admin)
+				}
+			case tokens.TypeAuthRecord:
+				record, err := app.Dao().FindAuthRecordByToken(
+					token,
+					app.Settings().RecordAuthToken.Secret,
+				)
+				if err == nil && record != nil {
+					c.Set(ContextAuthRecordKey, record)
 				}
 			}

@ -188,13 +249,19 @@ func LoadAuthContext(app core.App) echo.MiddlewareFunc {

 // LoadCollectionContext middleware finds the collection with related
 // path identifier and loads it into the request context.
-func LoadCollectionContext(app core.App) echo.MiddlewareFunc {
+//
+// Set optCollectionTypes to further filter the found collection by its type.
+func LoadCollectionContext(app core.App, optCollectionTypes ...string) echo.MiddlewareFunc {
 	return func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(c echo.Context) error {
 			if param := c.PathParam("collection"); param != "" {
 				collection, err := app.Dao().FindCollectionByNameOrId(param)
 				if err != nil || collection == nil {
-					return rest.NewNotFoundError("", err)
+					return NewNotFoundError("", err)
+				}
+
+				if len(optCollectionTypes) > 0 && !list.ExistInSlice(collection.Type, optCollectionTypes) {
+					return NewBadRequestError("Invalid collection type.", nil)
 				}

 				c.Set(ContextCollectionKey, collection)
@ -231,7 +298,7 @@ func ActivityLogger(app core.App) echo.MiddlewareFunc {
 					status = v.Code
 					meta["errorMessage"] = v.Message
 					meta["errorDetails"] = fmt.Sprint(v.Internal)
-				case *rest.ApiError:
+				case *ApiError:
 					status = v.Code
 					meta["errorMessage"] = v.Message
 					meta["errorDetails"] = fmt.Sprint(v.RawData())
@ -242,8 +309,8 @@ func ActivityLogger(app core.App) echo.MiddlewareFunc {
 			}

 			requestAuth := models.RequestAuthGuest
-			if c.Get(ContextUserKey) != nil {
-				requestAuth = models.RequestAuthUser
+			if c.Get(ContextAuthRecordKey) != nil {
+				requestAuth = models.RequestAuthRecord
 			} else if c.Get(ContextAdminKey) != nil {
 				requestAuth = models.RequestAuthAdmin
 			}