user_read.ts
import { NextFunction, Request, Response } from 'express';
import _ from 'lodash';
import userService from '../services/oauthUsers';
import { transform } from '../../shared/utils/transformResponse';
import appConfig from '../../shared/resources/appConfig';
// Authentication mode, read once from the shared app config when the module loads.
const authenticationType = appConfig.AUTHENTICATION_TYPE;

/**
 * Reads the caller's token and user name from the server-side session.
 *
 * - 'basic': token from `session.token`, user name from
 *   `session.userDetails.user_name`.
 * - 'keycloak': token is the `access_token` of `session['keycloak-token']`
 *   (parsed first when stored as a JSON string), user name from
 *   `session.preferred_username`.
 *
 * @param request Incoming Express request carrying the session.
 * @returns `{ token, sessionUserName }`; either field may be undefined when
 *   the session lacks it. Returns undefined for any other authentication type.
 * @throws SyntaxError when the stored keycloak token is a string that is not
 *   valid JSON; the caller is expected to handle it.
 */
const getUserDetails = function (request: Request) {
  if (authenticationType === 'basic') {
    return {
      token: _.get(request, ['session', 'token']),
      sessionUserName: _.get(request, ['session', 'userDetails', 'user_name']),
    };
  }

  if (authenticationType === 'keycloak') {
    const rawToken = _.get(request, ['session', 'keycloak-token']);
    // The session may hold the token either serialized or already as an object.
    const parsedToken = typeof rawToken === 'string' ? JSON.parse(rawToken) : rawToken;
    return {
      token: parsedToken?.access_token,
      sessionUserName: request?.session?.preferred_username,
    };
  }

  // Unrecognized authentication type: no session identity can be derived.
  return undefined;
};
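export default {
  name: 'user:read',
  /**
   * Builds the Express handler for reading the signed-in user's own record.
   *
   * The account is looked up by the user name held in the session; no request
   * parameter selects which account is returned. The `password` field is
   * removed from the record before it is sent. The session token is added to
   * the result only when the `fields` query parameter equals `user_token`
   * (case-insensitive).
   *
   * Any error raised while building the response is forwarded to `next`.
   */
  handler: () => async (request: Request, response: Response, next: NextFunction) => {
    try {
      const sessionUserDetails = getUserDetails(request);
      const sessionUserName = sessionUserDetails?.sessionUserName;

      // Fail closed: without a session identity the lookup below would run with
      // `user_name: undefined`, and what the user service returns for that
      // filter is not visible from this file.
      // NOTE(review): confirm the error middleware honours `status` on the
      // forwarded error; adapt to the project's error type if it has one.
      if (!sessionUserName) {
        next(Object.assign(new Error('No authenticated user in session'), { status: 401 }));
        return;
      }

      const user = await userService.find({ user_name: sessionUserName });

      // Only `password` is stripped; every other column of the user record is
      // returned as-is.
      // NOTE(review): if the record carries other secrets, switch to an
      // explicit allow-list of fields.
      const { password, ...userInfo } = user;
      const responseData = {
        id: 'api.user.read',
        result: userInfo,
      };

      const { fields } = _.get(request, ['query']);
      const includeToken = _.toLower(_.toString(fields)) === 'user_token';
      if (includeToken) {
        responseData.result.token = sessionUserDetails?.token;
      }

      response.setHeader('Strict-Transport-Security', 'max-age=31536000; includeSubDomains; preload');
      // The body is per-user data and may include the session token, so it
      // must not be kept by browser or intermediary caches.
      response.setHeader('Cache-Control', 'no-store');
      response.status(200).json(transform(responseData));
    } catch (error) {
      next(error);
    }
  },
};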