hotfix: adding dynamic redirection in self-host auth system (HBE-173) (#40)

* chore: completed base auth implementation with redirectUrl * chore: completed base auth fix with redirect_uri * chore: added whitelist based redirection * chore: added a env variable for session secret in main.ts * chore: removed migrations folder from prisma directory
2023-03-14 19:19:22 +05:30
parent be46ed2686
commit a779ba5c0e
13 changed files with 139 additions and 20 deletions
--- a/packages/hoppscotch-backend/pnpm-lock.yaml
+++ b/packages/hoppscotch-backend/pnpm-lock.yaml
@@ -38,6 +38,7 @@ specifiers:
  eslint-config-prettier: ^8.5.0
  eslint-plugin-prettier: ^4.2.1
  express: ^4.17.1
+  express-session: ^1.17.3
  fp-ts: ^2.13.1
  graphql: ^15.5.0
  graphql-query-complexity: ^0.12.0
@@ -85,6 +86,7 @@ dependencies:
  cookie: 0.5.0
  cookie-parser: 1.4.6
  express: 4.18.2
+  express-session: 1.17.3
  fp-ts: 2.13.1
  graphql: 15.8.0
  graphql-query-complexity: 0.12.0_graphql@15.8.0
@@ -2927,6 +2929,11 @@ packages:
    engines: {node: '>= 0.6'}
    dev: false

+  /cookie/0.4.2:
+    resolution: {integrity: sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==}
+    engines: {node: '>= 0.6'}
+    dev: false
+
  /cookie/0.5.0:
    resolution: {integrity: sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==}
    engines: {node: '>= 0.6'}
@@ -3376,6 +3383,22 @@ packages:
      jest-util: 29.4.3
    dev: true

+  /express-session/1.17.3:
+    resolution: {integrity: sha512-4+otWXlShYlG1Ma+2Jnn+xgKUZTMJ5QD3YvfilX3AcocOAbIkVylSWEklzALe/+Pu4qV6TYBj5GwOBFfdKqLBw==}
+    engines: {node: '>= 0.8.0'}
+    dependencies:
+      cookie: 0.4.2
+      cookie-signature: 1.0.6
+      debug: 2.6.9
+      depd: 2.0.0
+      on-headers: 1.0.2
+      parseurl: 1.3.3
+      safe-buffer: 5.2.1
+      uid-safe: 2.1.5
+    transitivePeerDependencies:
+      - supports-color
+    dev: false
+
  /express/4.18.2:
    resolution: {integrity: sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==}
    engines: {node: '>= 0.10.0'}
@@ -5017,6 +5040,11 @@ packages:
    dependencies:
      ee-first: 1.1.1

+  /on-headers/1.0.2:
+    resolution: {integrity: sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==}
+    engines: {node: '>= 0.8'}
+    dev: false
+
  /once/1.4.0:
    resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==}
    dependencies:
@@ -5340,6 +5368,11 @@ packages:
  /queue-microtask/1.2.3:
    resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==}

+  /random-bytes/1.0.0:
+    resolution: {integrity: sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==}
+    engines: {node: '>= 0.8'}
+    dev: false
+
  /randombytes/2.1.0:
    resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==}
    dependencies:
@@ -6092,6 +6125,13 @@ packages:
    hasBin: true
    dev: true

+  /uid-safe/2.1.5:
+    resolution: {integrity: sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==}
+    engines: {node: '>= 0.8'}
+    dependencies:
+      random-bytes: 1.0.0
+    dev: false
+
  /uid/2.0.1:
    resolution: {integrity: sha512-PF+1AnZgycpAIEmNtjxGBVmKbZAQguaa4pBUq6KNaGEcpzZ2klCNZLM34tsjp76maN00TttiiUf6zkIBpJQm2A==}
    engines: {node: '>=8'}