mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-17 17:00:15 +01:00
37 lines
1.1 KiB
JavaScript
37 lines
1.1 KiB
JavaScript
const cookies = require('cookie');
|
|
const jwt = require('jsonwebtoken');
|
|
const { logger } = require('~/config');
|
|
|
|
/**
|
|
* Middleware to validate image request
|
|
*/
|
|
function validateImageRequest(req, res, next) {
|
|
const refreshToken = req.headers.cookie ? cookies.parse(req.headers.cookie).refreshToken : null;
|
|
if (!refreshToken) {
|
|
logger.warn('[validateImageRequest] Refresh token not provided');
|
|
return res.status(401).send('Unauthorized');
|
|
}
|
|
|
|
let payload;
|
|
try {
|
|
payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET);
|
|
} catch (err) {
|
|
logger.warn('[validateImageRequest]', err);
|
|
return res.status(403).send('Access Denied');
|
|
}
|
|
|
|
const currentTimeInSeconds = Math.floor(Date.now() / 1000);
|
|
if (payload.exp < currentTimeInSeconds) {
|
|
logger.warn('[validateImageRequest] Refresh token expired');
|
|
return res.status(403).send('Access Denied');
|
|
}
|
|
|
|
if (req.path.includes(payload.id)) {
|
|
logger.debug('[validateImageRequest] Image request validated');
|
|
next();
|
|
} else {
|
|
res.status(403).send('Access Denied');
|
|
}
|
|
}
|
|
|
|
module.exports = validateImageRequest;
|