diff --git a/server/src/routes/auth.ts b/server/src/routes/auth.ts index c33409c2..f1403ef1 100644 --- a/server/src/routes/auth.ts +++ b/server/src/routes/auth.ts @@ -63,7 +63,7 @@ router.post('/login', async (req, res) => { } }) -router.get('/logout', async (req, res) => { +router.get('/logout', requireSignIn, async (req, res) => { try { res.clearCookie('token') return res.json({ message: 'Logout successful' }) diff --git a/server/src/routes/integration.ts b/server/src/routes/integration.ts index 3c9f8519..44dbd98f 100644 --- a/server/src/routes/integration.ts +++ b/server/src/routes/integration.ts @@ -1,10 +1,11 @@ import { Router } from 'express'; import logger from "../logger"; import { loadIntegrations, saveIntegrations } from '../workflow-management/integrations/gsheet'; +import { requireSignIn } from '../middlewares/auth'; export const router = Router(); -router.post('/upload-credentials', async (req, res) => { +router.post('/upload-credentials', requireSignIn, async (req, res) => { try { const { fileName, credentials, spreadsheetId, range } = req.body; if (!fileName || !credentials || !spreadsheetId || !range) { diff --git a/server/src/routes/record.ts b/server/src/routes/record.ts index adbd1afd..7d882e2e 100644 --- a/server/src/routes/record.ts +++ b/server/src/routes/record.ts @@ -15,6 +15,7 @@ import { chromium } from 'playwright-extra'; import stealthPlugin from 'puppeteer-extra-plugin-stealth'; import logger from "../logger"; import { getDecryptedProxyConfig } from './proxy'; +import { requireSignIn } from '../middlewares/auth'; export const router = Router(); chromium.use(stealthPlugin()); @@ -22,7 +23,7 @@ chromium.use(stealthPlugin()); /** * Logs information about remote browser recording session. */ -router.all('/', (req, res, next) => { +router.all('/', requireSignIn, (req, res, next) => { logger.log('debug', `The record API was invoked: ${req.url}`) next() // pass control to the next handler }) @@ -31,7 +32,7 @@ router.all('/', (req, res, next) => { * GET endpoint for starting the remote browser recording session. * returns session's id */ -router.get('/start', async (req, res) => { +router.get('/start', requireSignIn, async (req, res) => { const proxyConfig = await getDecryptedProxyConfig(req.user.id); // Prepare the proxy options dynamically based on the user's proxy configuration let proxyOptions: any = {}; // Default to no proxy @@ -61,7 +62,7 @@ router.get('/start', async (req, res) => { * POST endpoint for starting the remote browser recording session accepting browser launch options. * returns session's id */ -router.post('/start', (req, res) => { +router.post('/start', requireSignIn, (req, res) => { const id = initializeRemoteBrowserForRecording({ browser: chromium, launchOptions: req.body, @@ -73,7 +74,7 @@ router.post('/start', (req, res) => { * GET endpoint for terminating the remote browser recording session. * returns whether the termination was successful */ -router.get('/stop/:browserId', async (req, res) => { +router.get('/stop/:browserId', requireSignIn, async (req, res) => { const success = await destroyRemoteBrowser(req.params.browserId); return res.send(success); }); @@ -81,7 +82,7 @@ router.get('/stop/:browserId', async (req, res) => { /** * GET endpoint for getting the id of the active remote browser. */ -router.get('/active', (req, res) => { +router.get('/active', requireSignIn, (req, res) => { const id = getActiveBrowserId(); return res.send(id); }); @@ -89,7 +90,7 @@ router.get('/active', (req, res) => { /** * GET endpoint for getting the current url of the active remote browser. */ -router.get('/active/url', (req, res) => { +router.get('/active/url', requireSignIn, (req, res) => { const id = getActiveBrowserId(); if (id) { const url = getRemoteBrowserCurrentUrl(id); @@ -101,7 +102,7 @@ router.get('/active/url', (req, res) => { /** * GET endpoint for getting the current tabs of the active remote browser. */ -router.get('/active/tabs', (req, res) => { +router.get('/active/tabs', requireSignIn, (req, res) => { const id = getActiveBrowserId(); if (id) { const hosts = getRemoteBrowserCurrentTabs(id); @@ -113,7 +114,7 @@ router.get('/active/tabs', (req, res) => { /** * GET endpoint for starting an interpretation of the currently generated workflow. */ -router.get('/interpret', async (req, res) => { +router.get('/interpret', requireSignIn, async (req, res) => { try { await interpretWholeWorkflow(); return res.send('interpretation done'); @@ -125,7 +126,7 @@ router.get('/interpret', async (req, res) => { /** * GET endpoint for stopping an ongoing interpretation of the currently generated workflow. */ -router.get('/interpret/stop', async (req, res) => { +router.get('/interpret/stop', requireSignIn, async (req, res) => { await stopRunningInterpretation(); return res.send('interpretation stopped'); }); diff --git a/server/src/routes/storage.ts b/server/src/routes/storage.ts index 46ca5d85..3ce853b1 100644 --- a/server/src/routes/storage.ts +++ b/server/src/routes/storage.ts @@ -15,13 +15,14 @@ import moment from 'moment-timezone'; import cron from 'node-cron'; import { googleSheetUpdateTasks, processGoogleSheetUpdates } from '../workflow-management/integrations/gsheet'; import { getDecryptedProxyConfig } from './proxy'; +import { requireSignIn } from '../middlewares/auth'; export const router = Router(); /** * Logs information about recordings API. */ -router.all('/', (req, res, next) => { +router.all('/', requireSignIn, (req, res, next) => { logger.log('debug', `The recordings API was invoked: ${req.url}`) next() // pass control to the next handler }) @@ -29,7 +30,7 @@ router.all('/', (req, res, next) => { /** * GET endpoint for getting an array of all stored recordings. */ -router.get('/recordings', async (req, res) => { +router.get('/recordings', requireSignIn, async (req, res) => { try { const data = await readFiles('./../storage/recordings/'); return res.send(data); @@ -42,7 +43,7 @@ router.get('/recordings', async (req, res) => { /** * DELETE endpoint for deleting a recording from the storage. */ -router.delete('/recordings/:fileName', async (req, res) => { +router.delete('/recordings/:fileName', requireSignIn, async (req, res) => { try { await deleteFile(`./../storage/recordings/${req.params.fileName}.waw.json`); return res.send(true); @@ -56,7 +57,7 @@ router.delete('/recordings/:fileName', async (req, res) => { /** * GET endpoint for getting an array of runs from the storage. */ -router.get('/runs', async (req, res) => { +router.get('/runs', requireSignIn, async (req, res) => { try { const data = await readFiles('./../storage/runs/'); return res.send(data); @@ -69,7 +70,7 @@ router.get('/runs', async (req, res) => { /** * DELETE endpoint for deleting a run from the storage. */ -router.delete('/runs/:fileName', async (req, res) => { +router.delete('/runs/:fileName', requireSignIn, async (req, res) => { try { await deleteFile(`./../storage/runs/${req.params.fileName}.json`); return res.send(true); @@ -84,7 +85,7 @@ router.delete('/runs/:fileName', async (req, res) => { * PUT endpoint for starting a remote browser instance and saving run metadata to the storage. * Making it ready for interpretation and returning a runId. */ -router.put('/runs/:fileName', async (req, res) => { +router.put('/runs/:fileName', requireSignIn, async (req, res) => { try { const proxyConfig = await getDecryptedProxyConfig(req.user.id); let proxyOptions: any = {}; @@ -144,7 +145,7 @@ router.put('/runs/:fileName', async (req, res) => { /** * GET endpoint for getting a run from the storage. */ -router.get('/runs/run/:fileName/:runId', async (req, res) => { +router.get('/runs/run/:fileName/:runId', requireSignIn, async (req, res) => { try { // read the run from storage const run = await readFile(`./../storage/runs/${req.params.fileName}_${req.params.runId}.json`) @@ -160,7 +161,7 @@ router.get('/runs/run/:fileName/:runId', async (req, res) => { /** * PUT endpoint for finishing a run and saving it to the storage. */ -router.post('/runs/run/:fileName/:runId', async (req, res) => { +router.post('/runs/run/:fileName/:runId', requireSignIn, async (req, res) => { try { const recording = await readFile(`./../storage/recordings/${req.params.fileName}.waw.json`) const parsedRecording = JSON.parse(recording); @@ -218,7 +219,7 @@ router.post('/runs/run/:fileName/:runId', async (req, res) => { } }); -router.put('/schedule/:fileName/', async (req, res) => { +router.put('/schedule/:fileName/', requireSignIn, async (req, res) => { console.log(req.body); try { const { fileName } = req.params; @@ -313,7 +314,7 @@ router.put('/schedule/:fileName/', async (req, res) => { /** * POST endpoint for aborting a current interpretation of the run. */ -router.post('/runs/abort/:fileName/:runId', async (req, res) => { +router.post('/runs/abort/:fileName/:runId', requireSignIn, async (req, res) => { try { const run = await readFile(`./../storage/runs/${req.params.fileName}_${req.params.runId}.json`) const parsedRun = JSON.parse(run); diff --git a/server/src/routes/workflow.ts b/server/src/routes/workflow.ts index 73d8f490..e5c03a33 100644 --- a/server/src/routes/workflow.ts +++ b/server/src/routes/workflow.ts @@ -6,13 +6,14 @@ import { Router } from 'express'; import logger from "../logger"; import { browserPool } from "../server"; import { readFile } from "../workflow-management/storage"; +import { requireSignIn } from '../middlewares/auth'; export const router = Router(); /** * Logs information about workflow API. */ -router.all('/', (req, res, next) => { +router.all('/', requireSignIn, (req, res, next) => { logger.log('debug', `The workflow API was invoked: ${req.url}`) next() // pass control to the next handler }) @@ -21,7 +22,7 @@ router.all('/', (req, res, next) => { * GET endpoint for a recording linked to a remote browser instance. * returns session's id */ -router.get('/:browserId', (req, res) => { +router.get('/:browserId', requireSignIn, (req, res) => { const activeBrowser = browserPool.getRemoteBrowser(req.params.browserId); let workflowFile = null; if (activeBrowser && activeBrowser.generator) { @@ -33,7 +34,7 @@ router.get('/:browserId', (req, res) => { /** * Get endpoint returning the parameter array of the recording associated with the browserId browser instance. */ -router.get('/params/:browserId', (req, res) => { +router.get('/params/:browserId', requireSignIn, (req, res) => { const activeBrowser = browserPool.getRemoteBrowser(req.params.browserId); let params = null; if (activeBrowser && activeBrowser.generator) { @@ -45,7 +46,7 @@ router.get('/params/:browserId', (req, res) => { /** * DELETE endpoint for deleting a pair from the generated workflow. */ -router.delete('/pair/:index', (req, res) => { +router.delete('/pair/:index', requireSignIn, (req, res) => { const id = browserPool.getActiveBrowserId(); if (id) { const browser = browserPool.getRemoteBrowser(id); @@ -61,7 +62,7 @@ router.delete('/pair/:index', (req, res) => { /** * POST endpoint for adding a pair to the generated workflow. */ -router.post('/pair/:index', (req, res) => { +router.post('/pair/:index', requireSignIn, (req, res) => { const id = browserPool.getActiveBrowserId(); if (id) { const browser = browserPool.getRemoteBrowser(id); @@ -81,7 +82,7 @@ router.post('/pair/:index', (req, res) => { /** * PUT endpoint for updating a pair in the generated workflow. */ -router.put('/pair/:index', (req, res) => { +router.put('/pair/:index', requireSignIn, (req, res) => { const id = browserPool.getActiveBrowserId(); if (id) { const browser = browserPool.getRemoteBrowser(id); @@ -101,7 +102,7 @@ router.put('/pair/:index', (req, res) => { /** * PUT endpoint for updating the currently generated workflow file from the one in the storage. */ -router.put('/:browserId/:fileName', async (req, res) => { +router.put('/:browserId/:fileName', requireSignIn, async (req, res) => { try { const browser = browserPool.getRemoteBrowser(req.params.browserId); logger.log('debug', `Updating workflow file`);