search

outmoded / discuss

The "mailing list"
99 stars 9 forks source link

Adding an json element to the response body #797

Closed fabio-medeiros2504 closed 5 years ago

fabio-medeiros2504 commented 5 years ago

Hi everyone.

I have an application that must connect to the AWS Cognito and check if the access token is valid or not. If it's still a valid one then the request will be done successfully, otherwise the access token will be refreshed and the new access token will be returned with the request response.

I decided to create two interceptors: one for the request and the other one for the response.

I can intercept the request by doing this:

await Server.instanceLocal.ext('onPreHandler', async (request, reply) => {

      if (request.path === '/api/login') {

        return reply.continue;
      } else {

        if (!request.headers.authorization) {

          return reply.response({message: Constants.REQUEST_TOKEN_IS_REQUIRED}).code(constants.HTTP_STATUS_BAD_REQUEST).takeover();

        } else {

          const data = await requestUtils.getDataFromToken(request.headers.authorization);
          let accessToken = await accessControl.getKey('${data.username}_access_token');

          if (accessToken != null) {

            if (accessToken === request.headers.authorization.replace('Bearer ', '')) {
              return reply.continue;
            } else {

              return reply.response({message: Constants.REQUEST_ACCESS_FORBIDDEN}).code(constants.HTTP_STATUS_FORBIDDEN).takeover();
            }
          } else {
            const refreshToken = await accessControl.getKey('${data.username}_refresh_token');

            if (refreshToken != null) {
              accessToken = await cognito.refreshToken(data.username, refreshToken);
              reply.request.headers.token = '${accessToken}';
              return reply.continue;
            } else {
              return reply.response({message: Constants.REQUEST_ACCESS_DENIED}).code(constants.HTTP_STATUS_UNAUTHORIZED).takeover();
            }
          }
        }
      }
    });

Everything is doing fine at this point and i can get my new token and use it to resolve the request with no problem.

The problem is when i need to intercept the response and add the new token to the response and send it back to be refreshed in the frontend application.

I did it this way:

await Server.instanceLocal.ext('onPostHandler', async (request, reply) => {

      if (request.headers.token != undefined && request.headers.token != null) {

        //CODE HERE

      } else {

        return reply.continue;

      }

    });

I already tried everything (onPostHandler, onPreResponse) and i can't add a single element to the response. I can modify all the response, but not add an element and keep the previous status code and the body.

I thought send a new response, but i need to find a way to get the previous status code and source, but i simply can't get them.

So, it would be awesome if you could help me with this problem.

Thanks in advance,

Fábio Medeiros