14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# File 'lib/better_auth/api_key/session.rb', line 14
def hook(ctx, config)
config = (ctx, config) || config
key = BetterAuth::APIKey::Keys.(ctx, config)
unless key.is_a?(String)
raise BetterAuth::APIError.new("BAD_REQUEST", message: BetterAuth::Plugins::API_KEY_ERROR_CODES["INVALID_API_KEY_GETTER_RETURN_TYPE"])
end
raise BetterAuth::APIError.new("FORBIDDEN", message: BetterAuth::Plugins::API_KEY_ERROR_CODES["INVALID_API_KEY"]) if key.length < config[:default_key_length].to_i
if config[:custom_api_key_validator].respond_to?(:call) && !config[:custom_api_key_validator].call({ctx: ctx, key: key})
raise BetterAuth::APIError.new("FORBIDDEN", message: BetterAuth::Plugins::API_KEY_ERROR_CODES["INVALID_API_KEY"])
end
record = BetterAuth::Plugins.api_key_validate!(ctx, key, config)
BetterAuth::APIKey::Routes.schedule_cleanup(ctx, config)
if config[:references].to_s != "user"
raise BetterAuth::APIError.new(
"UNAUTHORIZED",
message: BetterAuth::Plugins::API_KEY_ERROR_CODES["INVALID_REFERENCE_ID_FROM_API_KEY"],
code: "INVALID_REFERENCE_ID_FROM_API_KEY"
)
end
reference_id = BetterAuth::APIKey::Types.record_reference_id(record)
user = ctx.context.internal_adapter.find_user_by_id(reference_id)
unless user
raise BetterAuth::APIError.new(
"UNAUTHORIZED",
message: BetterAuth::Plugins::API_KEY_ERROR_CODES["INVALID_REFERENCE_ID_FROM_API_KEY"],
code: "INVALID_REFERENCE_ID_FROM_API_KEY"
)
end
session = {
user: user,
session: {
"id" => record["id"],
"token" => key,
"userId" => reference_id,
"userAgent" => ctx.["user-agent"],
"ipAddress" => BetterAuth::RequestIP.client_ip(ctx.request || ctx., ctx.context.options),
"createdAt" => Time.now,
"updatedAt" => Time.now,
"expiresAt" => record["expiresAt"] || (Time.now + ctx.context.options.session[:expires_in].to_i)
}
}
ctx.context.set_current_session(session)
nil
end
|