logout bug

prostgles · Nov 25, 2024 · 7d4279b · 7d4279b
1 parent fcf9631
commit 7d4279b
Show file tree

Hide file tree

Showing 5 changed files with 65 additions and 77 deletions.
diff --git a/lib/Auth/AuthHandler.ts b/lib/Auth/AuthHandler.ts
@@ -213,7 +213,7 @@ export class AuthHandler {
         throw err
       }
       if(result && result.expires < Date.now()){
-        throw { msg: "auth.login() is returning an expired session. Can only login with a session.expires greater than Date.now()"}
+        throw { msg: "auth.login() is returning an expired session. Can only login with a session.expires greater than Date.now()" }
       }
 
       return result;

diff --git a/lib/Auth/setupAuthRoutes.ts b/lib/Auth/setupAuthRoutes.ts
@@ -13,7 +13,7 @@ export async function setupAuthRoutes(this: AuthHandler) {
     throw "Invalid auth: Provide { sidKeyName: string } ";
   }
 
-  if ((AUTH_ROUTES_AND_PARAMS.sidKeyName as any) === "sid") {
+  if (this.sidKeyName === "sid") {
     throw "sidKeyName cannot be 'sid' due to collision with socket.io";
   }
 
@@ -74,104 +74,92 @@ export async function setupAuthRoutes(this: AuthHandler) {
 
   app.post(AUTH_ROUTES_AND_PARAMS.login, async (req: ExpressReq, res: ExpressRes) => {
     try {
-      // const start = Date.now();
       const loginParams: LoginParams = {
         type: "username",
         ...req.body,
       };
 
       await this.loginThrottledAndSetCookie(req, res, loginParams);
-      // const { sid, expires } = await this.loginThrottled(loginParams, getLoginClientInfo({ httpReq: req })) || {};
-      // await this.prostgles.opts.onLog?.({
-      //   type: "auth",
-      //   command: "login",
-      //   duration: Date.now() - start,
-      //   sid,
-      //   socketId: undefined,
-      // })
-      // if (sid) {
-
-      //   this.setCookieAndGoToReturnURLIFSet({ sid, expires }, { req, res });
-
-      // } else {
-      //   throw ("Internal error: no user or session")
-      // }
     } catch (err) {
       console.log(err)
       res.status(HTTPCODES.AUTH_ERROR).json({ err });
     }
 
   });
 
-  if (AUTH_ROUTES_AND_PARAMS.logoutGetPath && this.opts.logout) {
-    app.get(AUTH_ROUTES_AND_PARAMS.logoutGetPath, async (req: ExpressReq, res: ExpressRes) => {
-      const sid = this.validateSid(req?.cookies?.[AUTH_ROUTES_AND_PARAMS.sidKeyName]);
-      if (sid) {
-        try {
-          await this.throttledFunc(() => {
-            return this.opts!.logout!(req?.cookies?.[AUTH_ROUTES_AND_PARAMS.sidKeyName], this.dbo as any, this.db);
-          })
-        } catch (err) {
-          console.error(err);
-        }
+  const onLogout = async (req: ExpressReq, res: ExpressRes) => {
+    const sid = this.validateSid(req?.cookies?.[this.sidKeyName]);
+    if (sid) {
+      try {
+        await this.throttledFunc(() => {
+          return this.opts?.logout?.(req?.cookies?.[this.sidKeyName], this.dbo as any, this.db);
+        })
+      } catch (err) {
+        console.error(err);
       }
-      res.redirect("/")
-    });
+    }
+    res.redirect("/")
   }
+
+  // app.get(AUTH_ROUTES_AND_PARAMS.logoutGetPath, onLogout);
 
-  if (Array.isArray(publicRoutes)) {
 
-    /* Redirect if not logged in and requesting non public content */
-    app.get(AUTH_ROUTES_AND_PARAMS.catchAll, async (req: ExpressReq, res: ExpressRes, next) => {
+  /* Redirect if not logged in and requesting non public content */
+  app.get(AUTH_ROUTES_AND_PARAMS.catchAll, async (req: ExpressReq, res: ExpressRes, next) => {
 
-      const clientReq: AuthClientRequest = { httpReq: req };
-      const getUser = this.getUser;
-      if(this.prostgles.restApi){
-        if(Object.values(this.prostgles.restApi.routes).some(restRoute => this.matchesRoute(restRoute.split("/:")[0], req.path))){
-          next();
-          return;
-        }
+    const clientReq: AuthClientRequest = { httpReq: req };
+    const getUser = this.getUser;
+    if(this.prostgles.restApi){
+      if(Object.values(this.prostgles.restApi.routes).some(restRoute => this.matchesRoute(restRoute.split("/:")[0], req.path))){
+        next();
+        return;
+      }
+    }
+    try {
+      const returnURL = this.getReturnUrl(req);
+
+      if(this.matchesRoute(AUTH_ROUTES_AND_PARAMS.logoutGetPath, req.path)){
+        onLogout(req, res);
+        next();
+        return;
       }
-      try {
-        const returnURL = this.getReturnUrl(req);
 
-        if(this.matchesRoute(AUTH_ROUTES_AND_PARAMS.loginWithProvider, req.path)){
-          next();
+      if(this.matchesRoute(AUTH_ROUTES_AND_PARAMS.loginWithProvider, req.path)){
+        next();
+        return;
+      }
+      /**
+       * Requesting a User route
+       */
+      if (this.isUserRoute(req.path)) {
+
+        /* Check auth. Redirect to login if unauthorized */
+        const u = await getUser(clientReq);
+        if (!u) {
+          res.redirect(`${AUTH_ROUTES_AND_PARAMS.login}?returnURL=${encodeURIComponent(req.originalUrl)}`);
           return;
         }
-        /**
-         * Requesting a User route
-         */
-        if (this.isUserRoute(req.path)) {
-
-          /* Check auth. Redirect to login if unauthorized */
-          const u = await getUser(clientReq);
-          if (!u) {
-            res.redirect(`${AUTH_ROUTES_AND_PARAMS.login}?returnURL=${encodeURIComponent(req.originalUrl)}`);
-            return;
-          }
 
-          /* If authorized and going to returnUrl then redirect. Otherwise serve file */
-        } else if (returnURL && (await getUser(clientReq))) {
+        /* If authorized and going to returnUrl then redirect. Otherwise serve file */
+      } else if (returnURL && (await getUser(clientReq))) {
 
-          res.redirect(returnURL);
-          return;
+        res.redirect(returnURL);
+        return;
 
-          /** If Logged in and requesting login then redirect to main page */
-        } else if (this.matchesRoute(AUTH_ROUTES_AND_PARAMS.login, req.path) && (await getUser(clientReq))) {
+        /** If Logged in and requesting login then redirect to main page */
+      } else if (this.matchesRoute(AUTH_ROUTES_AND_PARAMS.login, req.path) && (await getUser(clientReq))) {
 
-          res.redirect("/");
-          return;
-        }
+        res.redirect("/");
+        return;
+      }
 
-        onGetRequestOK?.(req, res, { getUser: () => getUser(clientReq), dbo: this.dbo as DBOFullyTyped, db: this.db })
+      onGetRequestOK?.(req, res, { getUser: () => getUser(clientReq), dbo: this.dbo as DBOFullyTyped, db: this.db })
 
-      } catch (error) {
-        console.error(error);
-        const errorMessage = typeof error === "string" ? error : error instanceof Error ? error.message : "";
-        res.status(HTTPCODES.AUTH_ERROR).json({ msg: "Something went wrong when processing your request" + (errorMessage? (": " + errorMessage) : "") });
-      }
+    } catch (error) {
+      console.error(error);
+      const errorMessage = typeof error === "string" ? error : error instanceof Error ? error.message : "";
+      res.status(HTTPCODES.AUTH_ERROR).json({ msg: "Something went wrong when processing your request" + (errorMessage? (": " + errorMessage) : "") });
+    }
 
-    });
-  }
+  });
 }
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "4.2.150",
+  "version": "4.2.151",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

diff --git a/tests/server/package-lock.json b/tests/server/package-lock.json