GitFOSS

GitFOSS

RegisterLogin

ethicdevs / gitfoss

Files

Fork2
William Nemenchamake sure lastUpdated is updated on SSH push too
2ce0d88 (parent 6f52d1e)12/18/2023, 11:21:16 AM
~app/controllers/ssh-auth.ts
.ts
TypeScript
(application/typescript)
// 3rd-party
import type { ReqHandler } from "@ethicdevs/react-monolith";

import { GitServer } from "@ethicdevs/fastify-git-server";
import { AppRoute, AppRouteParams } from "../routes.defs";
import { makeGitServerService } from "../services/gitServer";

const onSSHAuth: ReqHandler<AppRouteParams, AppRoute.SSH_AUTH> = async (
  request,
  reply
) => {
  const gitService = makeGitServerService({
    request,
    cryptoService: request.cryptoService,
  });

  request.body =
    typeof request.body === "string" ? JSON.parse(request.body) : request.body;

  const { command, repoSlug, username, publicKey } = request.body;

  const result = await gitService.repositoryResolver(
    repoSlug.replace(/\.git$/, "")
  );

  let { authMode, gitRepositoryDir } = result;
  gitRepositoryDir = gitRepositoryDir.toString().endsWith(".git")
    ? gitRepositoryDir
    : `${gitRepositoryDir}.git`;

  if (
    authMode === GitServer.AuthMode.NEVER ||
    (authMode === GitServer.AuthMode.PUSH_ONLY &&
      command !== "git-receive-pack") // push
  ) {
    reply.status(200).send({
      success: true,
      authMode,
      command,
      gitRepositoryDir,
    });
    return;
  }

  const isAuthorizationValid = await gitService.authorizationResolver(
    repoSlug.replace(/\.git$/, "") + ".pub", // indicates publicKey auth
    {
      username,
      password: publicKey,
    }
  );

  if (isAuthorizationValid) {
    const [orgSlug, repoName] = repoSlug.replace(/\.git$/, "").split("/");
    request.prisma.repository
      .findFirst({
        where: {
          slug: repoName,
          organization: {
            slug: orgSlug,
          },
        },
      })
      .then(async (repo) => {
        if (repo == null) return Promise.resolve(null);
        const updatedRepo = await request.prisma.repository.update({
          where: {
            id: repo.id,
          },
          data: {
            lastPushedAt: new Date(Date.now()),
          },
        });
        return updatedRepo;
      });
  }

  reply.status(isAuthorizationValid ? 200 : 403).send({
    success: isAuthorizationValid,
    authMode,
    command,
    gitRepositoryDir,
  });
};

export const SSHAuthController = {
  onSSHAuth,
};

GitFOSS • v0.2.0 (#421408f) • MIT License