mirror of
https://github.com/n8n-io/n8n.git
synced 2024-12-30 06:59:41 -08:00
af49e95cc7
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Jan Oberhauser <jan.oberhauser@gmail.com> Co-authored-by: Jesper Bylund <mail@jesperbylund.com> Co-authored-by: OlegIvaniv <me@olegivaniv.com> Co-authored-by: Deborah <deborah@starfallprojects.co.uk> Co-authored-by: Jan Oberhauser <janober@users.noreply.github.com> Co-authored-by: Jon <jonathan.bennetts@gmail.com> Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com> Co-authored-by: Giulio Andreini <andreini@netseven.it> Co-authored-by: Mason Geloso <Mason.geloso@gmail.com> Co-authored-by: Mason Geloso <hone@Masons-Mac-mini.local> Co-authored-by: Mutasem Aldmour <mutasem@n8n.io>
55 lines
1.9 KiB
TypeScript
55 lines
1.9 KiB
TypeScript
import type { ICredentialDataDecryptedObject, IWebhookFunctions } from 'n8n-workflow';
|
|
import basicAuth from 'basic-auth';
|
|
import { ChatTriggerAuthorizationError } from './error';
|
|
import type { AuthenticationChatOption } from './types';
|
|
|
|
export async function validateAuth(context: IWebhookFunctions) {
|
|
const authentication = context.getNodeParameter('authentication') as AuthenticationChatOption;
|
|
const req = context.getRequestObject();
|
|
const headers = context.getHeaderData();
|
|
|
|
if (authentication === 'none') {
|
|
return;
|
|
} else if (authentication === 'basicAuth') {
|
|
// Basic authorization is needed to call webhook
|
|
let expectedAuth: ICredentialDataDecryptedObject | undefined;
|
|
try {
|
|
expectedAuth = await context.getCredentials('httpBasicAuth');
|
|
} catch {}
|
|
|
|
if (expectedAuth === undefined || !expectedAuth.user || !expectedAuth.password) {
|
|
// Data is not defined on node so can not authenticate
|
|
throw new ChatTriggerAuthorizationError(500, 'No authentication data defined on node!');
|
|
}
|
|
|
|
const providedAuth = basicAuth(req);
|
|
// Authorization data is missing
|
|
if (!providedAuth) throw new ChatTriggerAuthorizationError(401);
|
|
|
|
if (providedAuth.name !== expectedAuth.user || providedAuth.pass !== expectedAuth.password) {
|
|
// Provided authentication data is wrong
|
|
throw new ChatTriggerAuthorizationError(403);
|
|
}
|
|
} else if (authentication === 'n8nUserAuth') {
|
|
const webhookName = context.getWebhookName();
|
|
|
|
function getCookie(name: string) {
|
|
const value = `; ${headers.cookie}`;
|
|
const parts = value.split(`; ${name}=`);
|
|
|
|
if (parts.length === 2) {
|
|
return parts.pop()?.split(';').shift();
|
|
}
|
|
return '';
|
|
}
|
|
|
|
const authCookie = getCookie('n8n-auth');
|
|
if (!authCookie && webhookName !== 'setup') {
|
|
// Data is not defined on node so can not authenticate
|
|
throw new ChatTriggerAuthorizationError(500, 'User not authenticated!');
|
|
}
|
|
}
|
|
|
|
return;
|
|
}
|