Allow thirdweb-preview.com for api-server auht (#251)
adam-maj authored Oct 23, 2023
1 parent 350f189 commit 7616e88
Showing 2 changed files with 51 additions and 36 deletions.
42 changes: 6 additions & 36 deletions server/helpers/server.ts
@@ -1,11 +1,10 @@
import fastifyCors from "@fastify/cors";
import fastifyExpress from "@fastify/express";
import { TypeBoxTypeProvider } from "@fastify/type-provider-typebox";
import { authenticateJWT, parseJWT } from "@thirdweb-dev/auth";
import { parseJWT } from "@thirdweb-dev/auth";
import { ThirdwebAuth, getToken as getJWT } from "@thirdweb-dev/auth/fastify";
import { GenericAuthWallet, LocalWallet } from "@thirdweb-dev/wallets";
import { LocalWallet } from "@thirdweb-dev/wallets";
import { AsyncWallet } from "@thirdweb-dev/wallets/evm/wallets/async";
import { utils } from "ethers";
import fastify, { FastifyInstance } from "fastify";
import { apiRoutes } from "../../server/api";
import { getConfiguration } from "../../src/db/configuration/getConfiguration";
@@ -15,7 +14,7 @@ import { getToken } from "../../src/db/tokens/getToken";
import { revokeToken } from "../../src/db/tokens/revokeToken";
import { env } from "../../src/utils/env";
import { logger } from "../../src/utils/logger";
import { TAuthData, TAuthSession } from "../middleware/auth";
import { TAuthData, TAuthSession, authWithApiServer } from "../middleware/auth";
import { errorHandler } from "../middleware/error";
import { Permission } from "../schemas/auth";
import { openapi } from "./openapi";
@@ -222,38 +221,9 @@ const createServer = async (): Promise<FastifyInstance> => {
}

// 2. Otherwise, check if the token is a valid api-server JWT
const user = await authenticateJWT({
wallet: {
type: "evm",
getAddress: async () => "0x016757dDf2Ab6a998a4729A80a091308d9059E17",
verifySignature: async (
message: string,
signature: string,
address: string,
) => {
try {
const messageHash = utils.hashMessage(message);
const messageHashBytes = utils.arrayify(messageHash);
const recoveredAddress = utils.recoverAddress(
messageHashBytes,
signature,
);

if (recoveredAddress === address) {
return true;
}
} catch {
// no-op
}

return false;
},
} as GenericAuthWallet,
jwt,
options: {
domain: "thirdweb.com",
},
});
const user =
(await authWithApiServer(jwt, "thirdweb.com")) ||
(await authWithApiServer(jwt, "thirdweb-preview.com"));

// If we have an api-server user, return it with the proper permissions
if (user) {
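Review bot: The `||` chain accepts a JWT scoped to `thirdweb-preview.com` unconditionally, and `authWithApiServer` (server/middleware/auth.ts in this commit) checks both domains against the same hard-coded signer address, so as far as this hunk shows a token minted for the preview environment is now honoured by every deployment, production included. If preview access is only meant for non-production instances, build the domain list from configuration instead, e.g. `const domains = ["thirdweb.com", ...(ALLOW_PREVIEW_DOMAIN_PLACEHOLDER ? ["thirdweb-preview.com"] : [])];`, and log which domain matched so the grant is auditable. The permissions given to `user` are assigned below the hunk and are not visible here; `createServer` continues outside it.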
45 changes: 45 additions & 0 deletions server/middleware/auth.ts
@@ -1,4 +1,7 @@
import { Json, User, authenticateJWT } from "@thirdweb-dev/auth";
import { ThirdwebAuthUser } from "@thirdweb-dev/auth/fastify";
import { GenericAuthWallet } from "@thirdweb-dev/wallets";
import { utils } from "ethers";

export type TAuthData = never;
export type TAuthSession = { permissions: string };
@@ -8,3 +11,45 @@ declare module "fastify" {
user: ThirdwebAuthUser<TAuthData, TAuthSession>;
}
}

export const authWithApiServer = async (jwt: string, domain: string) => {
let user: User<Json> | null = null;
try {
user = await authenticateJWT({
wallet: {
type: "evm",
getAddress: async () => "0x016757dDf2Ab6a998a4729A80a091308d9059E17",
verifySignature: async (
message: string,
signature: string,
address: string,
) => {
try {
const messageHash = utils.hashMessage(message);
const messageHashBytes = utils.arrayify(messageHash);
const recoveredAddress = utils.recoverAddress(
messageHashBytes,
signature,
);

if (recoveredAddress === address) {
return true;
}
} catch {
// no-op
}

return false;
},
} as GenericAuthWallet,
jwt,
options: {
domain,
},
});
} catch {
// no-op
}

return user;
};
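Review bot: The outer `catch { // no-op }` around `authenticateJWT` discards every failure, so an expired or wrong-domain token, a malformed JWT and an unexpected library error all come back as `null` with no trace, and rejected api-server logins stay invisible to whoever monitors this service. Record the error message (never the JWT itself) and the `domain` that was tried through the project logger that server.ts imports from `src/utils/logger`. Separately, `recoveredAddress === address` is a case-sensitive string compare; if the library passes `address` in a different case than the checksummed value `utils.recoverAddress` returns, valid signatures would be rejected, so `recoveredAddress === utils.getAddress(address)` is safer, though that depends on the caller and should be confirmed. The address literal in `getAddress` would also read better as a named constant with a comment saying whose key it is, and the exported function should declare its return type, `Promise<User<Json> | null>`.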
