From 68515f95a65d422e29c0ed6028f3ea0ae8d9b1bf Mon Sep 17 00:00:00 2001
From: Sabir Hassan
Date: Tue, 2 Aug 2022 18:06:33 +0500
Subject: [PATCH] feat: bypass authentication when route is enabled for public group
---
 api/src/middlewares/authenticateToken.ts | 9 ++++++-
 api/src/utils/index.ts | 1 +
 api/src/utils/isPublicRoute.ts | 31 ++++++++++++++++++++++++
 3 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 api/src/utils/isPublicRoute.ts
diff --git a/api/src/middlewares/authenticateToken.ts b/api/src/middlewares/authenticateToken.ts
index 24ed1e8..0c02127 100644
--- a/api/src/middlewares/authenticateToken.ts
+++ b/api/src/middlewares/authenticateToken.ts
@@ -5,7 +5,9 @@ import {
 fetchLatestAutoExec,
 ModeType,
 verifyTokenInDB,
- isAuthorizingRoute
+ isAuthorizingRoute,
+ isPublicRoute,
+ publicUser
 } from '../utils'
 import { desktopUser } from './desktop'
 import { authorize } from './authorize'
@@ -21,6 +23,11 @@ export const authenticateAccessToken: RequestHandler = async (
 return next()
 }
 
+ if (await isPublicRoute(req)) {
+ req.user = publicUser
+ return next()
+ }
+
 const nextFunction = isAuthorizingRoute(req)
 ? () => authorize(req, res, next)
 : next
diff --git a/api/src/utils/index.ts b/api/src/utils/index.ts
index 13bc904..32b5b79 100644
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -16,6 +16,7 @@ export * from './getRunTimeAndFilePath'
 export * from './getServerUrl'
 export * from './instantiateLogger'
 export * from './isDebugOn'
+export * from './isPublicRoute'
 export * from './zipped'
 export * from './parseLogToArray'
 export * from './removeTokensInDB'
diff --git a/api/src/utils/isPublicRoute.ts b/api/src/utils/isPublicRoute.ts
new file mode 100644
index 0000000..d971d93
--- /dev/null
+++ b/api/src/utils/isPublicRoute.ts
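Review bot: In the second hunk of `authenticateToken.ts`, the public-route branch sits ahead of the `nextFunction` setup and appears to run before any token is verified (the verification code is outside the hunk), so a caller who presents a valid access token to a route granted to the public group would still be recorded as `publicUser`, and downstream handlers and audit logs lose the real identity. Consider verifying a supplied token first and falling back to the public identity only when no token is present. The branch also assigns the module-level `publicUser` object by reference, so any later mutation of `req.user` would persist across requests; `req.user = { ...publicUser }` avoids that. `authenticateAccessToken` starts and ends outside the hunk, so whether a rejected `isPublicRoute` promise (for example a failed database lookup) is caught cannot be seen here.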
@@ -0,0 +1,31 @@
+import { Request } from 'express'
+import { getPath } from './getAuthorizedRoutes'
+import Group, { PUBLIC_GROUP_NAME } from '../model/Group'
+import Permission from '../model/Permission'
+import { PermissionSettingForRoute } from '../controllers'
+import { RequestUser } from '../types'
+
+export const isPublicRoute = async (req: Request): Promise => {
+ const group = await Group.findOne({ name: PUBLIC_GROUP_NAME })
+ if (group) {
+ const path = getPath(req)
+
+ const groupPermission = await Permission.findOne({
+ path,
+ group: group?._id
+ })
+ if (groupPermission?.setting === PermissionSettingForRoute.grant)
+ return true
+ }
+
+ return false
+}
+
+export const publicUser: RequestUser = {
+ userId: 12345,
+ clientId: 'public_app',
+ username: 'publicUser',
+ displayName: 'Public User',
+ isAdmin: false,
+ isActive: true
+}
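Review bot: `publicUser.userId` is hard-coded to `12345`, an ordinary-looking value that nothing in this hunk reserves, so if user ids are allocated from a numeric sequence a real account could share it and any handler that looks up data by `req.user.userId` would act on that account for anonymous requests. Use an id the allocator can never issue and say so in a comment, e.g. `// reserved id for unauthenticated requests on public-group routes; must never match a stored user`. The lookup in `isPublicRoute` keys only on `path` and the group id, so as far as this hunk shows a grant applies to every HTTP method on that path; confirm that is intended and that `getPath` (defined elsewhere) normalises the path the same way the router does. Minor: `group?._id` sits inside `if (group)`, so `group._id` is enough. A TSDoc block on `isPublicRoute` stating that a `true` result makes the caller skip authentication entirely would help future reviewers.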