refactor: logout route now just returning 200 status code not redirecting to app_domain

packages/hoppscotch-backend/.vscode/settings.json

@@ -1 +0,0 @@
-{}

packages/hoppscotch-backend/prisma/migrations/20230119072446_auth/migration.sql

@@ -0,0 +1,158 @@
+-- CreateEnum
+CREATE TYPE "TeamMemberRole" AS ENUM ('OWNER', 'VIEWER', 'EDITOR');
+
+-- CreateTable
+CREATE TABLE "Team" (
+    "id" TEXT NOT NULL,
+    "name" TEXT NOT NULL,
+
+    CONSTRAINT "Team_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "TeamMember" (
+    "id" TEXT NOT NULL,
+    "role" "TeamMemberRole" NOT NULL,
+    "userUid" TEXT NOT NULL,
+    "teamID" TEXT NOT NULL,
+
+    CONSTRAINT "TeamMember_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "TeamInvitation" (
+    "id" TEXT NOT NULL,
+    "teamID" TEXT NOT NULL,
+    "creatorUid" TEXT NOT NULL,
+    "inviteeEmail" TEXT NOT NULL,
+    "inviteeRole" "TeamMemberRole" NOT NULL,
+
+    CONSTRAINT "TeamInvitation_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "TeamCollection" (
+    "id" TEXT NOT NULL,
+    "parentID" TEXT,
+    "teamID" TEXT NOT NULL,
+    "title" TEXT NOT NULL,
+
+    CONSTRAINT "TeamCollection_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "TeamRequest" (
+    "id" TEXT NOT NULL,
+    "collectionID" TEXT NOT NULL,
+    "teamID" TEXT NOT NULL,
+    "title" TEXT NOT NULL,
+    "request" JSONB NOT NULL,
+
+    CONSTRAINT "TeamRequest_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "Shortcode" (
+    "id" TEXT NOT NULL,
+    "request" JSONB NOT NULL,
+    "creatorUid" TEXT,
+    "createdOn" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "Shortcode_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "TeamEnvironment" (
+    "id" TEXT NOT NULL,
+    "teamID" TEXT NOT NULL,
+    "name" TEXT NOT NULL,
+    "variables" JSONB NOT NULL,
+
+    CONSTRAINT "TeamEnvironment_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "User" (
+    "uid" TEXT NOT NULL,
+    "displayName" TEXT,
+    "email" TEXT,
+    "photoURL" TEXT,
+    "isAdmin" BOOLEAN NOT NULL DEFAULT false,
+    "refreshToken" TEXT,
+    "createdOn" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "User_pkey" PRIMARY KEY ("uid")
+);
+
+-- CreateTable
+CREATE TABLE "Account" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "provider" TEXT NOT NULL,
+    "providerAccountId" TEXT NOT NULL,
+    "providerRefreshToken" TEXT,
+    "providerAccessToken" TEXT,
+    "providerScope" TEXT,
+    "loggedIn" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "Account_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "PasswordlessVerification" (
+    "deviceIdentifier" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "userUid" TEXT NOT NULL,
+    "expiresOn" TIMESTAMP(3) NOT NULL
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "TeamMember_teamID_userUid_key" ON "TeamMember"("teamID", "userUid");
+
+-- CreateIndex
+CREATE INDEX "TeamInvitation_teamID_idx" ON "TeamInvitation"("teamID");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "TeamInvitation_teamID_inviteeEmail_key" ON "TeamInvitation"("teamID", "inviteeEmail");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Shortcode_id_creatorUid_key" ON "Shortcode"("id", "creatorUid");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Account_provider_providerAccountId_key" ON "Account"("provider", "providerAccountId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "PasswordlessVerification_token_key" ON "PasswordlessVerification"("token");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "PasswordlessVerification_deviceIdentifier_token_key" ON "PasswordlessVerification"("deviceIdentifier", "token");
+
+-- AddForeignKey
+ALTER TABLE "TeamMember" ADD CONSTRAINT "TeamMember_teamID_fkey" FOREIGN KEY ("teamID") REFERENCES "Team"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "TeamInvitation" ADD CONSTRAINT "TeamInvitation_teamID_fkey" FOREIGN KEY ("teamID") REFERENCES "Team"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "TeamCollection" ADD CONSTRAINT "TeamCollection_parentID_fkey" FOREIGN KEY ("parentID") REFERENCES "TeamCollection"("id") ON DELETE SET NULL ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "TeamCollection" ADD CONSTRAINT "TeamCollection_teamID_fkey" FOREIGN KEY ("teamID") REFERENCES "Team"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "TeamRequest" ADD CONSTRAINT "TeamRequest_collectionID_fkey" FOREIGN KEY ("collectionID") REFERENCES "TeamCollection"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "TeamRequest" ADD CONSTRAINT "TeamRequest_teamID_fkey" FOREIGN KEY ("teamID") REFERENCES "Team"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "TeamEnvironment" ADD CONSTRAINT "TeamEnvironment_teamID_fkey" FOREIGN KEY ("teamID") REFERENCES "Team"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "Account" ADD CONSTRAINT "Account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("uid") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "PasswordlessVerification" ADD CONSTRAINT "PasswordlessVerification_userUid_fkey" FOREIGN KEY ("userUid") REFERENCES "User"("uid") ON DELETE CASCADE ON UPDATE CASCADE;

packages/hoppscotch-backend/prisma/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "postgresql"

packages/hoppscotch-backend/prisma/schema.prisma

@@ -79,10 +79,10 @@ model TeamEnvironment {
 }
 
 model User {
-  uid                       String                     @id @default(cuid()) @map("id")
+  uid                      String                     @id @default(cuid())
-  displayName                     String?
+  displayName              String?
   email                    String?                    @unique
-  photoURL                    String?
+  photoURL                 String?
   isAdmin                  Boolean                    @default(false)
   refreshToken             String?
   accounts                 Account[]
@@ -107,10 +107,10 @@ model Account {
 
 model PasswordlessVerification {
   deviceIdentifier String
-  token      String   @unique @default(cuid())
+  token            String   @unique @default(cuid())
-  userUid    String
+  userUid          String
-  user       User     @relation(fields: [userUid], references: [uid], onDelete: Cascade)
+  user             User     @relation(fields: [userUid], references: [uid], onDelete: Cascade)
-  expiresOn  DateTime @db.Timestamp(3)
+  expiresOn        DateTime @db.Timestamp(3)
 
   @@unique(fields: [deviceIdentifier, token], name: "passwordless_deviceIdentifier_tokens")
 }

packages/hoppscotch-backend/src/auth/auth.controller.ts

@@ -61,7 +61,7 @@ export class AuthController {
   @Get('google/callback')
   @UseGuards(AuthGuard('google'))
   async googleAuthRedirect(@Request() req, @Res() res) {
-    const authTokens = await this.authService.generateAuthTokens(req.user.id);
+    const authTokens = await this.authService.generateAuthTokens(req.user.uid);
     if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
     authCookieHandler(res, authTokens.right, true);
   }
@@ -73,7 +73,7 @@ export class AuthController {
   @Get('github/callback')
   @UseGuards(AuthGuard('github'))
   async githubAuthRedirect(@Request() req, @Res() res) {
-    const authTokens = await this.authService.generateAuthTokens(req.user.id);
+    const authTokens = await this.authService.generateAuthTokens(req.user.uid);
     if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
     authCookieHandler(res, authTokens.right, true);
   }
@@ -85,7 +85,7 @@ export class AuthController {
   @Get('microsoft/callback')
   @UseGuards(AuthGuard('microsoft'))
   async microsoftAuthRedirect(@Request() req, @Res() res) {
-    const authTokens = await this.authService.generateAuthTokens(req.user.id);
+    const authTokens = await this.authService.generateAuthTokens(req.user.uid);
     if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
     authCookieHandler(res, authTokens.right, true);
   }
@@ -94,6 +94,6 @@ export class AuthController {
   async logout(@Res() res: Response) {
     res.clearCookie('access_token');
     res.clearCookie('refresh_token');
-    return res.redirect(process.env.REDIRECT_URL);
+    return res.status(200).send();
   }
 }

packages/hoppscotch-backend/src/user/user.resolver.ts

@@ -13,7 +13,7 @@ export class UserResolver {
       "Gives details of the user executing this query (pass Authorization 'Bearer' header)",
   })
   @UseGuards(GqlAuthGuard)
-  me(@GqlUser() user: User): User {
+  me(@GqlUser() user) {
     return user;
   }
 }

packages/hoppscotch-backend/src/utils.ts

@@ -146,30 +146,15 @@ export const authCookieHandler = (
   authTokens: AuthTokens,
   redirect: boolean,
 ) => {
-  const currentTime = DateTime.now();
-  const accessTokenValidity = currentTime.plus({
-    millisecond: parseInt(process.env.ACCESS_TOKEN_VALIDITY),
-  });
-  const refreshTokenValidity = currentTime.plus({
-    millisecond: parseInt(process.env.REFRESH_TOKEN_VALIDITY),
-  });
-  console.log(process.env.ACCESS_TOKEN_VALIDITY, accessTokenValidity);
-  console.log(process.env.REFRESH_TOKEN_VALIDITY, refreshTokenValidity);
-  console.log(process.env.REDIRECT_URL);
-
   res.cookie('access_token', authTokens.access_token, {
     httpOnly: true,
     secure: true,
     sameSite: 'lax',
-    maxAge: accessTokenValidity.toMillis(),
-    expires: accessTokenValidity.toJSDate(),
   });
   res.cookie('refresh_token', authTokens.refresh_token, {
     httpOnly: true,
     secure: true,
     sameSite: 'lax',
-    maxAge: refreshTokenValidity.toMillis(),
-    expires: refreshTokenValidity.toJSDate(),
   });
   if (redirect) {
     res.status(HttpStatus.OK).redirect('http://localhost:3170/graphql');