MCPcopy Index your code
hub / github.com/coder/mux / isHttpRequestAuthenticated

Function isHttpRequestAuthenticated

src/node/orpc/server.ts:924–952  ·  view source on GitHub ↗
(req: express.Request)

Source from the content-addressed store, hash-verified

922 }
923
924 async function isHttpRequestAuthenticated(req: express.Request): Promise<boolean> {
925 if (!authToken?.trim()) {
926 return true;
927 }
928
929 const expectedToken = authToken.trim();
930 const presentedToken = extractBearerToken(req.header("authorization"));
931 if (presentedToken && safeEq(presentedToken, expectedToken)) {
932 return true;
933 }
934
935 const sessionTokens = extractCookieValues(req.headers.cookie, SERVER_AUTH_SESSION_COOKIE_NAME);
936 if (sessionTokens.length === 0) {
937 return false;
938 }
939
940 for (const sessionToken of sessionTokens) {
941 const validation = await context.serverAuthService.validateSessionToken(sessionToken, {
942 userAgent: req.header("user-agent") ?? undefined,
943 ipAddress: getRequestIpAddress(req),
944 });
945
946 if (validation != null) {
947 return true;
948 }
949 }
950
951 return false;
952 }
953
954 function getStringParamFromQueryOrBody(req: express.Request, key: string): string | null {
955 const queryValue = req.query[key];

Callers 1

createOrpcServerFunction · 0.85

Calls 5

safeEqFunction · 0.90
extractCookieValuesFunction · 0.90
getRequestIpAddressFunction · 0.85
validateSessionTokenMethod · 0.80
extractBearerTokenFunction · 0.70

Tested by

no test coverage detected