HBE-164 refactor: subscriptions auth cookie fix (#26)

* chore: added error handling to cookie extraction logic for subscriptions

* chore: removed migration file from prisma directory

packages/hoppscotch-backend/src/app.module.ts

@@ -1,4 +1,4 @@
-import { Module } from '@nestjs/common';
+import { ForbiddenException, HttpException, Module } from '@nestjs/common';
 import { GraphQLModule } from '@nestjs/graphql';
 import { ApolloDriver, ApolloDriverConfig } from '@nestjs/apollo';
 import { UserModule } from './user/user.module';
@@ -14,6 +14,7 @@ import { TeamCollectionModule } from './team-collection/team-collection.module';
 import { TeamRequestModule } from './team-request/team-request.module';
 import { TeamInvitationModule } from './team-invitation/team-invitation.module';
 import { ShortcodeModule } from './shortcode/shortcode.module';
+import { COOKIES_NOT_FOUND } from './errors';
 
 @Module({
   imports: [
@@ -30,12 +31,19 @@ import { ShortcodeModule } from './shortcode/shortcode.module';
         'subscriptions-transport-ws': {
           path: '/graphql',
           onConnect: (_, websocket) => {
-            const cookies = subscriptionContextCookieParser(
-              websocket.upgradeReq.headers.cookie,
-            );
-            return {
-              headers: { ...websocket?.upgradeReq?.headers, cookies },
-            };
+            try {
+              const cookies = subscriptionContextCookieParser(
+                websocket.upgradeReq.headers.cookie,
+              );
+
+              return {
+                headers: { ...websocket?.upgradeReq?.headers, cookies },
+              };
+            } catch (error) {
+              throw new HttpException(COOKIES_NOT_FOUND, 400, {
+                cause: new Error(COOKIES_NOT_FOUND),
+              });
+            }
           },
         },
       },

packages/hoppscotch-backend/src/auth/helper.ts

@@ -1,8 +1,10 @@
-import { HttpException, HttpStatus } from '@nestjs/common';
+import { ForbiddenException, HttpException, HttpStatus } from '@nestjs/common';
 import { DateTime } from 'luxon';
 import { AuthError } from 'src/types/AuthError';
 import { AuthTokens } from 'src/types/AuthTokens';
 import { Response } from 'express';
+import * as cookie from 'cookie';
+import { COOKIES_NOT_FOUND } from 'src/errors';
 
 enum AuthTokenType {
   ACCESS_TOKEN = 'access_token',
@@ -64,14 +66,19 @@ export const authCookieHandler = (
  * @returns AuthTokens for JWT strategy to use
  */
 export const subscriptionContextCookieParser = (rawCookies: string) => {
-  const cookieMap = new Map<string, string>();
-  rawCookies.split(';').forEach((cookie) => {
-    const [key, value] = cookie.split('=');
-    cookieMap.set(key, value);
-  });
+  const cookies = cookie.parse(rawCookies);
+
+  if (
+    !cookies[AuthTokenType.ACCESS_TOKEN] &&
+    !cookies[AuthTokenType.REFRESH_TOKEN]
+  ) {
+    throw new HttpException(COOKIES_NOT_FOUND, 400, {
+      cause: new Error(COOKIES_NOT_FOUND),
+    });
+  }
 
   return <AuthTokens>{
-    access_token: cookieMap.get(AuthTokenType.ACCESS_TOKEN),
-    refresh_token: cookieMap.get(AuthTokenType.REFRESH_TOKEN),
+    access_token: cookies[AuthTokenType.ACCESS_TOKEN],
+    refresh_token: cookies[AuthTokenType.REFRESH_TOKEN],
   };
 };

packages/hoppscotch-backend/src/types/AuthTokens.ts

@@ -19,3 +19,8 @@ export type AuthTokens = {
   access_token: string;
   refresh_token: string;
 };
+
+export enum AuthTokenType {
+  ACCESS_TOKEN = 'access_token',
+  REFRESH_TOKEN = 'refresh_token',
+}