Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-13 21:30:30 -05:00
Code Issues Activity

feat(core): add customJwt paywall guard to core API

Browse source 
add customJwt paywall guard to core API
This commit is contained in:
simeng-li 2024-04-15 11:03:27 +08:00
parent 559331d51e
commit 6e2904c596
No known key found for this signature in database
GPG key ID: 14EA7BB1541E8075
4 changed files with 15 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/core/package.json
View file

@ -92,7 +92,7 @@
"zod": "^3.22.4" "zod": "^3.22.4"
}, },
"devDependencies": { "devDependencies": {
"@logto/cloud": "0.2.5-749cae5", "@logto/cloud": "0.2.5-94f7bcc",
"@silverhand/eslint-config": "5.0.0", "@silverhand/eslint-config": "5.0.0",
"@silverhand/ts-config": "5.0.0", "@silverhand/ts-config": "5.0.0",
"@types/debug": "^4.1.7", "@types/debug": "^4.1.7",

3
packages/core/src/libraries/quota.ts
View file

@ -1,5 +1,5 @@
import { ConnectorType, DemoConnector } from '@logto/connector-kit'; import { ConnectorType, DemoConnector } from '@logto/connector-kit';
import { RoleType, ReservedPlanId } from '@logto/schemas'; import { ReservedPlanId, RoleType } from '@logto/schemas';
import { EnvSet } from '#src/env-set/index.js'; import { EnvSet } from '#src/env-set/index.js';
import RequestError from '#src/errors/RequestError/index.js'; import RequestError from '#src/errors/RequestError/index.js';
@ -72,6 +72,7 @@ export const createQuotaLibrary = (
ssoEnabled: notNumber, ssoEnabled: notNumber,
omniSignInEnabled: notNumber, // No limit for now omniSignInEnabled: notNumber, // No limit for now
builtInEmailConnectorEnabled: notNumber, // No limit for now builtInEmailConnectorEnabled: notNumber, // No limit for now
customJwtEnabled: notNumber, // No limit for now
}; };
const getTenantUsage = async (key: keyof FeatureQuota, queryKey?: string): Promise<number> => { const getTenantUsage = async (key: keyof FeatureQuota, queryKey?: string): Promise<number> => {

9
packages/core/src/routes/logto-config/jwt-customizer.ts
View file

@ -14,6 +14,7 @@ import { ZodError, z } from 'zod';
import { EnvSet } from '#src/env-set/index.js'; import { EnvSet } from '#src/env-set/index.js';
import RequestError, { formatZodError } from '#src/errors/RequestError/index.js'; import RequestError, { formatZodError } from '#src/errors/RequestError/index.js';
import koaGuard, { parse } from '#src/middleware/koa-guard.js'; import koaGuard, { parse } from '#src/middleware/koa-guard.js';
import koaQuotaGuard from '#src/middleware/koa-quota-guard.js';
import type { AuthedRouter, RouterInitArgs } from '../types.js'; import type { AuthedRouter, RouterInitArgs } from '../types.js';
@ -31,7 +32,10 @@ const getJwtTokenKeyAndBody = (tokenPath: LogtoJwtTokenKeyType, body: unknown) =
}; };
export default function logtoConfigJwtCustomizerRoutes<T extends AuthedRouter>( export default function logtoConfigJwtCustomizerRoutes<T extends AuthedRouter>(
...[router, { id: tenantId, queries, logtoConfigs, cloudConnection }]: RouterInitArgs<T> ...[
router,
{ id: tenantId, queries, logtoConfigs, cloudConnection, libraries },
]: RouterInitArgs<T>
) { ) {
const { getRowsByKeys, deleteJwtCustomizer } = queries.logtoConfigs; const { getRowsByKeys, deleteJwtCustomizer } = queries.logtoConfigs;
const { const {
@ -60,6 +64,7 @@ export default function logtoConfigJwtCustomizerRoutes<T extends AuthedRouter>(
response: accessTokenJwtCustomizerGuard.or(clientCredentialsJwtCustomizerGuard), response: accessTokenJwtCustomizerGuard.or(clientCredentialsJwtCustomizerGuard),
status: [200, 201, 400, 403], status: [200, 201, 400, 403],
}), }),
koaQuotaGuard({ key: 'customJwtEnabled', quota: libraries.quota }),
async (ctx, next) => { async (ctx, next) => {
const { isCloud, isIntegrationTest } = EnvSet.values; const { isCloud, isIntegrationTest } = EnvSet.values;
if (tenantId === adminTenantId && isCloud && !isIntegrationTest) { if (tenantId === adminTenantId && isCloud && !isIntegrationTest) {
@ -109,6 +114,7 @@ export default function logtoConfigJwtCustomizerRoutes<T extends AuthedRouter>(
response: accessTokenJwtCustomizerGuard.or(clientCredentialsJwtCustomizerGuard), response: accessTokenJwtCustomizerGuard.or(clientCredentialsJwtCustomizerGuard),
status: [200, 400, 404], status: [200, 400, 404],
}), }),
koaQuotaGuard({ key: 'customJwtEnabled', quota: libraries.quota }),
async (ctx, next) => { async (ctx, next) => {
const { isIntegrationTest } = EnvSet.values; const { isIntegrationTest } = EnvSet.values;
@ -211,6 +217,7 @@ export default function logtoConfigJwtCustomizerRoutes<T extends AuthedRouter>(
response: jsonObjectGuard, response: jsonObjectGuard,
status: [200, 400, 403, 422], status: [200, 400, 403, 422],
}), }),
koaQuotaGuard({ key: 'customJwtEnabled', quota: libraries.quota }),
async (ctx, next) => { async (ctx, next) => {
const { body } = ctx.guard; const { body } = ctx.guard;

8
pnpm-lock.yaml generated
View file

@ -3205,8 +3205,8 @@ importers:
version: 3.22.4 version: 3.22.4
devDependencies: devDependencies:
'@logto/cloud': '@logto/cloud':
specifier: 0.2.5-749cae5 specifier: 0.2.5-94f7bcc
version: 0.2.5-749cae5(zod@3.22.4) version: 0.2.5-94f7bcc(zod@3.22.4)
'@silverhand/eslint-config': '@silverhand/eslint-config':
specifier: 5.0.0 specifier: 5.0.0
version: 5.0.0(eslint@8.44.0)(prettier@3.0.0)(typescript@5.3.3) version: 5.0.0(eslint@8.44.0)(prettier@3.0.0)(typescript@5.3.3)
@ -7647,8 +7647,8 @@ packages:
jose: 5.2.2 jose: 5.2.2
dev: true dev: true
/@logto/cloud@0.2.5-749cae5(zod@3.22.4): /@logto/cloud@0.2.5-94f7bcc(zod@3.22.4):
resolution: {integrity: sha512-QzebHRSBShQwOsKAvYlVd7QF43RlrHOt/nmwrlRNW4F9U0DUEFaeLZujYS56oxjQ49GRdsOPKSQCE97wRB7NNQ==} resolution: {integrity: sha512-1nY3o1/gXgEIqgvjel2no0X3rR+BGnfozB7Vev+FY2qTkDyQIWRtHAnx+kkv4iEIIFcZW86LRNlvfjDUqR2yIg==}
engines: {node: ^20.9.0} engines: {node: ^20.9.0}
dependencies: dependencies:
'@silverhand/essentials': 2.9.0 '@silverhand/essentials': 2.9.0