-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathcontext.ts
More file actions
35 lines (30 loc) · 984 Bytes
/
context.ts
File metadata and controls
35 lines (30 loc) · 984 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
import { configPrivate } from '$config/private';
import type { RequestEvent } from '@sveltejs/kit';
import { GraphQLError } from 'graphql';
export const oidcRoles = ['admin', 'member', 'service_user'] as const;
export async function context(req: RequestEvent) {
const OIDCRoleNames: (typeof oidcRoles)[number][] = [];
if (configPrivate.OIDC_ROLE_CLAIM) {
const rolesRaw =
(req.locals.oidc?.accessToken ?? ({} as any))[configPrivate.OIDC_ROLE_CLAIM] ??
(req.locals.oidc?.idToken ?? ({} as any))[configPrivate.OIDC_ROLE_CLAIM] ??
{};
if (rolesRaw) {
const roleNames = Object.keys(rolesRaw);
OIDCRoleNames.push(...(roleNames as any));
}
}
return {
...req.locals,
mustBeLoggedIn: () => {
if (!req.locals.oidc?.user) {
throw new GraphQLError('Must be logged in');
}
return req.locals.oidc.user;
},
hasRole(role: string) {
return OIDCRoleNames.includes(role as any);
}
};
}
export type Context = Awaited<ReturnType<typeof context>>;