MCPcopy
hub / github.com/parse-community/parse-server / resolveKeyAuth

Function resolveKeyAuth

src/middlewares.js:448–495  ·  view source on GitHub ↗
({ config, keyValue, maintenanceKeyValue, installationId, clientIp })

Source from the content-addressed store, hash-verified

446}
447
448async function resolveKeyAuth({ config, keyValue, maintenanceKeyValue, installationId, clientIp }) {
449 if (maintenanceKeyValue && maintenanceKeyValue === config.maintenanceKey) {
450 if (checkIp(clientIp, config.maintenanceKeyIps || [], config.maintenanceKeyIpsStore)) {
451 return new auth.Auth({ config, installationId, isMaintenance: true });
452 }
453 const log = config.loggerController || defaultLogger;
454 log.error(
455 `Request using maintenance key rejected as the request IP address '${clientIp}' is not set in Parse Server option 'maintenanceKeyIps'.`
456 );
457 const error = new Error();
458 error.status = 403;
459 error.message = 'unauthorized';
460 throw error;
461 }
462 const masterKey = await config.loadMasterKey();
463 if (keyValue === masterKey) {
464 if (checkIp(clientIp, config.masterKeyIps || [], config.masterKeyIpsStore)) {
465 return new auth.Auth({ config, installationId, isMaster: true });
466 }
467 const log = config.loggerController || defaultLogger;
468 log.error(
469 `Request using master key rejected as the request IP address '${clientIp}' is not set in Parse Server option 'masterKeyIps'.`
470 );
471 const error = new Error();
472 error.status = 403;
473 error.message = 'unauthorized';
474 throw error;
475 }
476 if (
477 keyValue &&
478 typeof config.readOnlyMasterKey !== 'undefined' &&
479 config.readOnlyMasterKey &&
480 keyValue === config.readOnlyMasterKey
481 ) {
482 if (checkIp(clientIp, config.readOnlyMasterKeyIps || [], config.readOnlyMasterKeyIpsStore)) {
483 return new auth.Auth({ config, installationId, isMaster: true, isReadOnly: true });
484 }
485 const log = config.loggerController || defaultLogger;
486 log.error(
487 `Request using read-only master key rejected as the request IP address '${clientIp}' is not set in Parse Server option 'readOnlyMasterKeyIps'.`
488 );
489 const error = new Error();
490 error.status = 403;
491 error.message = 'unauthorized';
492 throw error;
493 }
494 return null;
495}
496
497export function handleParseAuth(appId) {
498 return async (req, res, next) => {

Callers 2

handleParseHeadersFunction · 0.85
handleParseAuthFunction · 0.85

Calls 3

checkIpFunction · 0.85
errorMethod · 0.80
loadMasterKeyMethod · 0.80

Tested by

no test coverage detected