From 875eddf98487960fc4388f23f3fd9a3bd2a6b375 Mon Sep 17 00:00:00 2001
From: Gabriel Machin
Date: Tue, 16 Jan 2024 15:02:27 -0300
Subject: [PATCH] Rebase main
---
 .env.example | 2 --
 .github/workflows/node.js.yml | 2 --
 .woodpecker/.backend-ci.yml | 2 --
 package-lock.json | 4 +++-
 package.json | 2 +-
 src/config/config.ts | 4 ----
 src/controllers/auth.ts | 17 ++++++-----------
 src/controllers/users.ts | 3 +--
 src/middlewares/auth.ts | 4 ++--
 src/utils/auth.ts | 14 +++++++++-----
 10 files changed, 22 insertions(+), 32 deletions(-)
diff --git a/.env.example b/.env.example
index 73b6868..1532e67 100644
--- a/.env.example
+++ b/.env.example
@@ -26,5 +26,3 @@ OTP_EXPIRATION_MINUTES=15
 ENABLE_RATE_LIMIT='true'
 COOKIE_SECRET="secret"
 COOKIE_EXPIRATION_SECONDS=86400 # 24 hours
-ENABLE_COOKIE="true"
-ENABLE_JWT="true"
diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
index 97b24b6..8d0e5a8 100644
--- a/.github/workflows/node.js.yml
+++ b/.github/workflows/node.js.yml
@@ -33,8 +33,6 @@ env:
 ENABLE_RATE_LIMIT: 'true'
 COOKIE_SECRET: 'secret'
 COOKIE_EXPIRATION_SECONDS: '3600'
- ENABLE_COOKIE: 'true'
- ENABLE_JWT: 'true'
 jobs:
 build:
diff --git a/.woodpecker/.backend-ci.yml b/.woodpecker/.backend-ci.yml
index fd2ac9b..c059ead 100644
--- a/.woodpecker/.backend-ci.yml
+++ b/.woodpecker/.backend-ci.yml
@@ -25,8 +25,6 @@ x-common: &common
 - ENABLE_RATE_LIMIT=true
 - COOKIE_SECRET=secret
 - COOKIE_EXPIRATION_SECONDS=3600
- - ENABLE_COOKIE=true
- - ENABLE_JWT=true
 pipeline:
 setup:
diff --git a/package-lock.json b/package-lock.json
index 0a497b7..de4d601 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,7 +10,6 @@ "license": "ISC", "dependencies": { "@prisma/client": "^5.5.2", - "@types/cookie-parser": "^1.4.6", "bcryptjs": "^2.4.3", "body-parser": "^1.19.2", "bullmq": "^4.13.2",
@@ -49,6 +48,7 @@ "@types/bcryptjs": "^2.4.2", "@types/body-parser": "^1.19.2", "@types/compression": "^1.7.2", + "@types/cookie-parser": "^1.4.6", "@types/cors": "^2.8.12", "@types/cross-spawn": "^6.0.6", "@types/express": "^4.17.13",
@@ -1589,6 +1589,7 @@ "version": "1.4.6", "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.6.tgz", "integrity": "sha512-KoooCrD56qlLskXPLGUiJxOMnv5l/8m7cQD2OxJ73NPMhuSz9PmvwRD6EpjDyKBVrdJDdQ4bQK7JFNHnNmax0w==", + "dev": true, "dependencies": { "@types/express": "*" }
@@ -9809,6 +9810,7 @@ "version": "1.4.6", "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.6.tgz", "integrity": "sha512-KoooCrD56qlLskXPLGUiJxOMnv5l/8m7cQD2OxJ73NPMhuSz9PmvwRD6EpjDyKBVrdJDdQ4bQK7JFNHnNmax0w==", + "dev": true, "requires": { "@types/express": "*" }
diff --git a/package.json b/package.json
index 323db79..d13acb3 100644
--- a/package.json
+++ b/package.json
@@ -36,6 +36,7 @@
 "@types/bcryptjs": "^2.4.2",
 "@types/body-parser": "^1.19.2",
 "@types/compression": "^1.7.2",
+ "@types/cookie-parser": "^1.4.6",
 "@types/cors": "^2.8.12",
 "@types/cross-spawn": "^6.0.6",
 "@types/express": "^4.17.13",
@@ -63,7 +64,6 @@
 },
 "dependencies": {
 "@prisma/client": "^5.5.2",
- "@types/cookie-parser": "^1.4.6",
 "bcryptjs": "^2.4.3",
 "body-parser": "^1.19.2",
 "bullmq": "^4.13.2",
diff --git a/src/config/config.ts b/src/config/config.ts
index d956ef0..e9d62e4 100644
--- a/src/config/config.ts
+++ b/src/config/config.ts
@@ -63,8 +63,6 @@ const envVarsSchema = z
 (val) => !Number.isNaN(val),
 'COOKIE EXPIRATION SECONDS must be a number',
 ),
- ENABLE_COOKIE: z.string(),
- ENABLE_JWT: z.string(),
 })
 .passthrough();
@@ -75,8 +73,6 @@ export const isTest = envVars.NODE_ENV === 'test';
 export const isProduction = envVars.NODE_ENV === 'production';
 export const hasToApplyRateLimit =
 envVars.ENABLE_RATE_LIMIT.toLocaleLowerCase() === 'true';
-export const cookieEnabled = envVars.ENABLE_COOKIE === 'true';
-export const JWTEnabled = envVars.ENABLE_JWT === 'true';
 export const config: Config = {
 env: envVars.NODE_ENV,
diff --git a/src/controllers/auth.ts b/src/controllers/auth.ts
index eb29a80..ebaa093 100644
--- a/src/controllers/auth.ts
+++ b/src/controllers/auth.ts
@@ -9,7 +9,6 @@ import {
 AuthenticatedRequest,
 LoginParams,
 } from 'types';
-import { cookieEnabled, JWTEnabled } from 'config/config';
 import { COOKIE_NAME, cookieConfig } from 'utils/auth';
 @Route('v1/auth')
@@ -20,13 +19,12 @@ export class AuthControllerV1 extends Controller {
 @Request() req: AuthenticatedRequest,
 ): Promise {
 const { sessionId, ...authReturn } = await AuthService.register(user);
+
 const { res } = req;
- if (cookieEnabled) {
- res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
- }
+ res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
+
 this.setStatus(httpStatus.CREATED);
- if (JWTEnabled) return authReturn;
- return null;
+ return authReturn;
 }
 @Post('/login')
@@ -36,12 +34,9 @@ export class AuthControllerV1 extends Controller {
 ): Promise {
 const { sessionId, ...authReturn } = await AuthService.login(loginParams);
 const { res } = req;
- if (cookieEnabled) {
- res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
- }
+ res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
 this.setStatus(httpStatus.OK);
- if (JWTEnabled) return authReturn;
- return null;
+ return authReturn;
 }
 @Post('/logout')
diff --git a/src/controllers/users.ts b/src/controllers/users.ts
index c13f4d4..6bb4e80 100644
--- a/src/controllers/users.ts
+++ b/src/controllers/users.ts
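Review bot: In `register` in src/controllers/auth.ts the cookie is now set unconditionally with `res?.cookie(COOKIE_NAME, sessionId, cookieConfig);` and `authReturn` is always returned, so every deployment issues the session cookie and the body that `JWTEnabled` used to gate, whatever `ENABLE_COOKIE` / `ENABLE_JWT` were set to; the `login` hunk that follows has the same change. The env schema in src/config/config.ts still ends in `.passthrough()`, so a leftover `ENABLE_JWT=false` is accepted silently and an operator who had switched one mechanism off gets no signal that it is active again. I would say so in the commit description (the subject is only "Rebase main") and add a comment above the cookie call such as `// Session cookie is always issued; ENABLE_COOKIE / ENABLE_JWT were removed.` The optional call also means a missing `res` produces a successful response with no cookie and no error, which deserves a comment or an explicit check. Both method bodies start outside their hunks.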
@@ -19,7 +19,6 @@ import {
 PasswordResetCodeRequest,
 ResetPassword,
 } from 'types';
-import { cookieEnabled } from 'config/config';
 import { COOKIE_NAME } from 'utils/auth';
 @Route('v1/users')
@@ -74,7 +73,7 @@ export class UsersControllerV1 extends Controller {
 ): Promise {
 const { user, res } = req;
 await UserService.destroy(id);
- if (cookieEnabled && user.id === id) res?.clearCookie(COOKIE_NAME);
+ if (user.id === id) res?.clearCookie(COOKIE_NAME);
 this.setStatus(httpStatus.NO_CONTENT);
 }
diff --git a/src/middlewares/auth.ts b/src/middlewares/auth.ts
index 098c9b1..ae26b8a 100644
--- a/src/middlewares/auth.ts
+++ b/src/middlewares/auth.ts
@@ -1,6 +1,6 @@
 import { Request } from 'express';
 import jwt from 'jsonwebtoken';
-import { config, JWTEnabled } from 'config/config';
+import { config } from 'config/config';
 import { ApiError } from 'utils/apiError';
 import { errors } from 'config/errors';
 import { verifyCookie } from 'utils/auth';
@@ -15,7 +15,7 @@ export function expressAuthentication(
 const token = request.headers.authorization!;
 return new Promise((resolve, reject) => {
- if (!token || !JWTEnabled) {
+ if (!token) {
 reject(new ApiError(errors.UNAUTHENTICATED));
 }
 jwt.verify(token, config.accessTokenSecret, (err: any, decoded: any) => {
diff --git a/src/utils/auth.ts b/src/utils/auth.ts
index a25c314..bb24ab6 100644
--- a/src/utils/auth.ts
+++ b/src/utils/auth.ts
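Review bot: In the second src/controllers/users.ts hunk the only session handling after `await UserService.destroy(id);` is `res?.clearCookie(COOKIE_NAME)`, and only when the caller deletes their own account. That removes the cookie from the caller's browser, but nothing visible here revokes the stored session, and when `user.id !== id` the deleted user's cookie and any token already issued to them are left untouched. Whether `UserService.destroy` removes that user's sessions, and whether `expressAuthentication` rejects credentials belonging to a deleted user, is outside the hunk; please confirm, and if it does, record it with a comment such as `// Sessions of the deleted user are removed in UserService.destroy.` The method starts outside the hunk.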
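Review bot: In `expressAuthentication` in src/middlewares/auth.ts the `if (!token)` branch calls `reject(...)` without returning, so `jwt.verify` still runs with an undefined token; `return reject(new ApiError(errors.UNAUTHENTICATED));` makes the guard actually stop there. The callback is passed as the third argument to `jwt.verify`, so no options are supplied; passing `{ algorithms: ['HS256'] }` (with whichever algorithm the signing side really uses) before the callback pins what is accepted instead of relying on the library default. How `verifyCookie` is combined with this check is outside the hunk, as is the rest of the function.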
@@ -2,22 +2,26 @@ import { CookieOptions } from 'express';
 import { errors } from 'config/errors';
 import prisma from 'root/prisma/client';
-import { cookieEnabled, config, isProduction } from 'config/config';
+import { config, isProduction } from 'config/config';
 import { ApiError } from './apiError';
 export const COOKIE_NAME = 'token';
 const SECONDS_TO_MILLISECONDS = 1000;
-export const cookieConfig = {
+type SignedCookie = {
+ token: string;
+};
+
+export const cookieConfig: CookieOptions = {
 signed: true,
 httpOnly: true,
 maxAge: config.cookieExpirationSeconds * SECONDS_TO_MILLISECONDS,
 secure: isProduction,
-} as CookieOptions;
+};
-export const verifyCookie = async (signedCookies: any) => {
- if (!cookieEnabled || !signedCookies || !signedCookies.token) {
+export const verifyCookie = async (signedCookies: SignedCookie | null) => {
+ if (!signedCookies || !signedCookies.token) {
 throw new ApiError(errors.UNAUTHENTICATED);
 }
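Review bot: `cookieConfig` in src/utils/auth.ts sets `signed`, `httpOnly`, `maxAge` and `secure` but no `sameSite`, and with the `cookieEnabled` guard removed from `verifyCookie` the session cookie is now always accepted as a credential. Without an explicit value the cross-site behaviour is left to each browser's default, so state-changing routes authenticated by this cookie depend on that default for CSRF protection; consider adding `sameSite: 'lax',` (or `'strict'`) to the object. The new `SignedCookie` type also declares `token: string`, whereas cookie-parser reports a cookie whose signature fails as `false` and omits absent ones, so `token?: string | false` would describe what the truthiness check really handles. `verifyCookie` continues past the end of the hunk.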