New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@tus/server: introduce middleware for access control #460
Comments
One way we can implement this is to have an option on the TUS server instance ex: new Server({
...,
onTusRequest: (request, upload) => {
// custom logic
throw {
status_code: 403,
body: "Unauthorized"
}
}
}) another approach could be to use a sort of pipeline pattern and chain custom handlers async function authorizer(request, upload) {
// custom logic
throw {
status_code: 403,
body: "Unauthorized"
}
}
function uploadPrefix(request, upload) {
upload.addPrefix('some-prefix')
}
const server = new Server({...})
server.use(authorizer)
server.use(uploadPrefix)
server.handle(request, response) The handler should be invoked after the |
I think a simple callback is sufficient here. Providing it with the current upload and HTTP request should be sufficient to give users enough information to determine the authorization. I was also wondering if it would make sense to differentiate between read (HEAD, GET requests and upload concatenation) versus write (DELETE, PATCH) access. Are there situations where you want to allow a user to have read but no write access to an upload? |
@Acconut Yes! Absolutely - some user might have permission on GET but not on POST or DELETE Since we have the request object passed in, I thought we could use that to determine the TUS action / method, happy to explore alternatives in case we don't want the request object to be passed in directly |
I don't think this is a sufficient approach because edge cases will likely not be covered by the users on their own. For example, if a POST request uses Upload-Concat, you also need to ensure that the end-user has read access to the uploads that get concatenated. That is something that users will easily miss and we should implement in tus-node-server. Does that make sense? |
I'm not sure what more we can do internally regarding differentiating read/write access together with Upload-Concat? |
Let me explain this with a few examples:
|
Access control can be done in many ways. We don't want to be opinionated on that so implementing a generic middleware function which is used before all requests seems to be the best approach.
The text was updated successfully, but these errors were encountered: