discord activities | start a bunch of discord services | discord express token endpoint | Search

The code imports dependencies from a 'discord gateway' module and defines allowed user IDs, authenticates routes using a session-based system, and handles unauthenticated requests. The authenticateRoute function checks for a valid session and user ID, and exports the authentication function, as well as the INSTANCES and SESSIONS variables, from the current module.

Run example

npm run import -- "discord authenticate instances"

discord authenticate instances

const {INSTANCES, SESSIONS} = importer.import("discord gateway")

const ALLOWED_USERS = [
  '1019970191603544164'
]

async function authenticateRoute(req, res, next) {
  var url_parts = url.parse(req.url, true);
  var query = url_parts.query;
  //console.log(query, SESSIONS, query.session && typeof SESSIONS[query.session] != 'undefined' 
  //  && ALLOWED_USERS.includes(SESSIONS[query.session]))
  if(query.session && typeof SESSIONS[query.session] != 'undefined' 
    && ALLOWED_USERS.includes(SESSIONS[query.session])) {
    req.authenticated = query.session
    return next()
  }

  // TODO: check if the user is in fact apart of the activity
  req.authenticated = false

  return next()
}


module.exports = {
  //registerInstance,
  authenticateRoute,
  INSTANCES,
  SESSIONS,
  
}

What the code could have been:

import { INSTANCES, SESSIONS } from './discord-gateway.js';

// Define allowed users
const ALLOWED_USERS = ['1019970191603544164'];

/**
 * Authenticate route middleware
 * @param {object} req - Express request object
 * @param {object} res - Express response object
 * @param {function} next - Express next middleware function
 */
async function authenticateRoute(req, res, next) {
  // Parse URL query parameters
  const query = new URL(req.url, `http://${req.headers.host}`).searchParams;

  // Check if session is provided and user is allowed
  const allowed = query.get('session') && SESSIONS[query.get('session')] && ALLOWED_USERS.includes(SESSIONS[query.get('session')]);

  if (allowed) {
    // Authenticate user and continue
    req.authenticated = query.get('session');
    return next();
  }

  // User is not authenticated, set auth status to false
  req.authenticated = false;

  // Continue to the next middleware
  return next();
}

// Export authenticateRoute and dependencies
module.exports = {
  authenticateRoute,
  INSTANCES,
  SESSIONS,
};

Code Breakdown

Importing Dependencies

const {INSTANCES, SESSIONS} = importer.import('discord gateway')

This line imports two variables, INSTANCES and SESSIONS, from a module named 'discord gateway' using the importer.import function.

Defining Allowed Users

const ALLOWED_USERS = [
  '1019970191603544164'
]

This line defines an array of allowed user IDs, where only users with the specified ID are granted access.

Authenticating Route

async function authenticateRoute(req, res, next) {
  //...
}

This is an asynchronous function, authenticateRoute, which takes three parameters: req (request), res (response), and next (the next middleware function in the chain).

Checking Authentication

if(query.session && typeof SESSIONS[query.session]!= 'undefined' 
  && ALLOWED_USERS.includes(SESSIONS[query.session])) {
  req.authenticated = query.session
  return next()
}

This block checks if:

  1. A session query parameter is present in the request URL.
  2. The corresponding session exists in the SESSIONS object.
  3. The session's user ID is in the ALLOWED_USERS array.

If all conditions are met, the function sets req.authenticated to the session ID and continues execution.

Handling Unauthenticated Requests

req.authenticated = false
return next()

If the request is not authenticated, the function sets req.authenticated to false and continues execution.

Exporting Functions and Variables

module.exports = {
  authenticateRoute,
  INSTANCES,
  SESSIONS,
}

This line exports the authenticateRoute function, as well as the INSTANCES and SESSIONS variables, from the current module.