@@ -4,8 +4,10 @@ import http, {OutgoingHttpHeader} from "node:http";
4
4
import stream from "node:stream" ;
5
5
import { Authenticator } from "./auth/Authenticator.js" ;
6
6
import { Authorisation } from "./auth/Authorisation.js" ;
7
- import { AuthenticatedRequest } from "./auth/AuthenticatedRequest.js" ;
7
+ import { Permission } from "./auth/index.js" ;
8
+ import { ThrowableResponse } from "./response/index.js" ;
8
9
import { Server } from "./Server.js" ;
10
+ import { ServerErrorRegistry } from "./ServerErrorRegistry.js" ;
9
11
10
12
/**
11
13
* An incoming HTTP request from a connected client.
@@ -158,24 +160,6 @@ export class Request<A> {
158
160
return await authenticator . authenticate ( this ) ;
159
161
}
160
162
161
- /**
162
- * Attempt to authenticate this request with one of the {@link Server}’s {@link Authenticator}s.
163
- * @returns `null` if the request lacks authorisation information.
164
- */
165
- public async authenticate ( ) : Promise < AuthenticatedRequest < A > | null > {
166
- const authorisation = await this . getAuthorisation ( ) ;
167
- if ( authorisation === null ) return null ;
168
- return new AuthenticatedRequest < A > (
169
- authorisation ,
170
- this . method ,
171
- this . url ,
172
- this . headers ,
173
- this . bodyStream ,
174
- this . ip ,
175
- this . server ,
176
- ) ;
177
- }
178
-
179
163
/**
180
164
* Returns a boolean value that declares whether the body has been read yet.
181
165
*/
@@ -249,6 +233,33 @@ export class Request<A> {
249
233
return ( await this . blob ( ) ) . text ( ) ;
250
234
}
251
235
236
+ /**
237
+ * Require that authorisation can be obtained from this request.
238
+ * @throws {@link ThrowableResponse } of {@link ServerErrorRegistry.ErrorCodes.UNAUTHORISED} if authorisation cannot
239
+ * be obtained.
240
+ */
241
+ public async auth ( ) : Promise < Authorisation < A > > ;
242
+
243
+ /**
244
+ * Require that authorisation can be obtained from this request and that the given (requested) permission(s) are
245
+ * ALL within the scope of the authorisation.
246
+ * @param permissions The requested permissions.
247
+ * @throws {@link ThrowableResponse } of {@link ServerErrorRegistry.ErrorCodes.UNAUTHORISED} if authorisation cannot
248
+ * be obtained.
249
+ * @throws {@link ThrowableResponse } of {@link ServerErrorRegistry.ErrorCodes.NO_PERMISSION} if the authorisation
250
+ * lacks any of the requested permissions.
251
+ */
252
+ public async auth ( ...permissions : [ Permission , ...Permission [ ] ] ) : Promise < Authorisation < A > > ;
253
+
254
+ public async auth ( ...permissions : Permission [ ] ) : Promise < Authorisation < A > > {
255
+ const authorisation = await this . getAuthorisation ( ) ;
256
+ if ( authorisation === null )
257
+ throw new ThrowableResponse ( this . server . errors . _get ( ServerErrorRegistry . ErrorCodes . UNAUTHORISED , null ) ) ;
258
+ if ( permissions . length > 0 && ! authorisation . hasAll ( permissions ) )
259
+ throw new ThrowableResponse ( this . server . errors . _get ( ServerErrorRegistry . ErrorCodes . NO_PERMISSION , null ) ) ;
260
+ return authorisation ;
261
+ }
262
+
252
263
/**
253
264
* Response headers that the Response to this request should include.
254
265
* @internal
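Review bot: In the implementation signature of `auth` (`...permissions: Permission[]`), the guard `permissions.length > 0 && !authorisation.hasAll(permissions)` skips the permission check for a zero-length list, so the call silently degrades to an authentication-only check. The tuple overload `[Permission, ...Permission[]]` stops typed callers from spreading a possibly-empty array, but that protection is erased at runtime, so a cast or a plain-JavaScript caller that builds the list dynamically is not covered. I would record the contract on the implementation, e.g. `// An empty list means "authenticated only"; callers that compute permissions must reject an empty set themselves.` The bodies of `getAuthorisation` and `hasAll` lie outside this section, so whether `hasAll([])` already returns true (which would make the length test redundant) should be confirmed.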