btwedutech/hoppscotch
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 6 Wiki Activity

chore: moved auth utility functions to auth/helper.ts from src/utils.ts

Browse Source
This commit is contained in:
Balu Babu
2023-02-01 18:47:11 +05:30
parent 587e7118c9
commit b5e7877912
4 changed files with 311 additions and 308 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/hoppscotch-backend/src/auth/auth.controller.ts
View File

@@ -11,15 +11,15 @@ import {
} from '@nestjs/common'; } from '@nestjs/common';
import { AuthService } from './auth.service'; import { AuthService } from './auth.service';
import { SignInMagicDto } from './dto/signin-magic.dto'; import { SignInMagicDto } from './dto/signin-magic.dto';
import { verifyMagicDto } from './dto/verify-magic.dto'; import { VerifyMagicDto } from './dto/verify-magic.dto';
import { Response } from 'express'; import { Response } from 'express';
import * as E from 'fp-ts/Either'; import * as E from 'fp-ts/Either';
import { authCookieHandler, throwHTTPErr } from 'src/utils';
import { RTJwtAuthGuard } from './guards/rt-jwt-auth.guard'; import { RTJwtAuthGuard } from './guards/rt-jwt-auth.guard';
import { GqlUser } from 'src/decorators/gql-user.decorator'; import { GqlUser } from 'src/decorators/gql-user.decorator';
import { AuthUser } from 'src/types/AuthUser'; import { AuthUser } from 'src/types/AuthUser';
import { RTCookie } from 'src/decorators/rt-cookie.decorator'; import { RTCookie } from 'src/decorators/rt-cookie.decorator';
import { AuthGuard } from '@nestjs/passport'; import { AuthGuard } from '@nestjs/passport';
import { authCookieHandler, throwHTTPErr } from './helper';
@Controller('/v1/auth') @Controller('/v1/auth')
export class AuthController { export class AuthController {
@@ -41,7 +41,7 @@ export class AuthController {
** Route to verify and sign in a valid user via magic-link ** Route to verify and sign in a valid user via magic-link
*/ */
@Post('verify') @Post('verify')
async verify(@Body() data: verifyMagicDto, @Res() res: Response) { async verify(@Body() data: VerifyMagicDto, @Res() res: Response) {
const authTokens = await this.authService.verifyMagicLinkTokens(data); const authTokens = await this.authService.verifyMagicLinkTokens(data);
if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left); if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
authCookieHandler(res, authTokens.right, false); authCookieHandler(res, authTokens.right, false);

56
packages/hoppscotch-backend/src/auth/helper.ts Normal file
View File

@@ -0,0 +1,56 @@
import { HttpException, HttpStatus } from '@nestjs/common';
import { DateTime } from 'luxon';
import { AuthError } from 'src/types/AuthError';
import { AuthTokens } from 'src/types/AuthTokens';
import { Response } from 'express';
/**
* This function allows throw to be used as an expression
* @param errMessage Message present in the error message
*/
export function throwHTTPErr(errorData: AuthError): never {
const { message, statusCode } = errorData;
throw new HttpException(message, statusCode);
}
/**
* Sets and returns the cookies in the response object on successful authentication
* @param res Express Response Object
* @param authTokens Object containing the access and refresh tokens
* @param redirect if true will redirect to provided URL else just send a 200 status code
*/
export const authCookieHandler = (
res: Response,
authTokens: AuthTokens,
redirect: boolean,
) => {
const currentTime = DateTime.now();
const accessTokenValidity = currentTime
.plus({
milliseconds: parseInt(process.env.ACCESS_TOKEN_VALIDITY),
})
.toMillis();
const refreshTokenValidity = currentTime
.plus({
milliseconds: parseInt(process.env.REFRESH_TOKEN_VALIDITY),
})
.toMillis();
res.cookie('access_token', authTokens.access_token, {
httpOnly: true,
secure: true,
sameSite: 'lax',
maxAge: accessTokenValidity,
signed: true,
});
res.cookie('refresh_token', authTokens.refresh_token, {
httpOnly: true,
secure: true,
sameSite: 'lax',
maxAge: refreshTokenValidity,
signed: true,
});
if (redirect) {
res.status(HttpStatus.OK).redirect(process.env.REDIRECT_URL);
} else res.status(HttpStatus.OK).send();
};

500
packages/hoppscotch-backend/src/user/user.service.spec.ts
View File

@@ -40,274 +40,276 @@ beforeEach(() => {
mockPubSub.publish.mockClear(); mockPubSub.publish.mockClear();
}); });
describe('findUserByEmail', () => { describe('UserService', () => {
test('should successfully return a valid user given a valid email', async () => { describe('findUserByEmail', () => {
mockPrisma.user.findUniqueOrThrow.mockResolvedValueOnce(user); test('should successfully return a valid user given a valid email', async () => {
mockPrisma.user.findUniqueOrThrow.mockResolvedValueOnce(user);
const result = await userService.findUserByEmail( const result = await userService.findUserByEmail(
'dwight@dundermifflin.com', 'dwight@dundermifflin.com',
); );
expect(result).toEqualSome(user); expect(result).toEqualSome(user);
});
test('should return a null user given a invalid email', async () => {
mockPrisma.user.findUniqueOrThrow.mockRejectedValueOnce('NotFoundError');
const result = await userService.findUserByEmail('jim@dundermifflin.com');
expect(result).resolves.toBeNone;
});
});
describe('findUserById', () => {
test('should successfully return a valid user given a valid user uid', async () => {
mockPrisma.user.findUniqueOrThrow.mockResolvedValueOnce(user);
const result = await userService.findUserById('123344');
expect(result).toEqualSome(user);
});
test('should return a null user given a invalid user uid', async () => {
mockPrisma.user.findUniqueOrThrow.mockRejectedValueOnce('NotFoundError');
const result = await userService.findUserById('sdcvbdbr');
expect(result).resolves.toBeNone;
});
});
describe('createUserViaMagicLink', () => {
test('should successfully create user and account for magic-link given valid inputs', async () => {
mockPrisma.user.create.mockResolvedValueOnce(user);
const result = await userService.createUserViaMagicLink(
'dwight@dundermifflin.com',
);
expect(result).toEqual(user);
});
});
describe('createUserSSO', () => {
test('should successfully create user and account for SSO provider given valid inputs ', async () => {
mockPrisma.user.create.mockResolvedValueOnce(user);
const result = await userService.createUserSSO(
'sdcsdcsdc',
'dscsdc',
exampleSSOProfileData,
);
expect(result).toEqual(user);
});
test('should successfully create user and account for SSO provider given no displayName ', async () => {
mockPrisma.user.create.mockResolvedValueOnce({
...user,
displayName: null,
}); });
const result = await userService.createUserSSO('sdcsdcsdc', 'dscsdc', { test('should return a null user given a invalid email', async () => {
...exampleSSOProfileData, mockPrisma.user.findUniqueOrThrow.mockRejectedValueOnce('NotFoundError');
displayName: null,
});
expect(result).toEqual({ const result = await userService.findUserByEmail('jim@dundermifflin.com');
...user, expect(result).resolves.toBeNone;
displayName: null,
}); });
}); });
test('should successfully create user and account for SSO provider given no photoURL ', async () => { describe('findUserById', () => {
mockPrisma.user.create.mockResolvedValueOnce({ test('should successfully return a valid user given a valid user uid', async () => {
...user, mockPrisma.user.findUniqueOrThrow.mockResolvedValueOnce(user);
photoURL: null,
const result = await userService.findUserById('123344');
expect(result).toEqualSome(user);
}); });
const result = await userService.createUserSSO('sdcsdcsdc', 'dscsdc', { test('should return a null user given a invalid user uid', async () => {
...exampleSSOProfileData, mockPrisma.user.findUniqueOrThrow.mockRejectedValueOnce('NotFoundError');
photoURL: null,
});
expect(result).toEqual({ const result = await userService.findUserById('sdcvbdbr');
...user, expect(result).resolves.toBeNone;
photoURL: null,
});
});
});
describe('createProviderAccount', () => {
test('should successfully create ProviderAccount for user given valid inputs ', async () => {
mockPrisma.account.create.mockResolvedValueOnce({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
});
const result = await userService.createProviderAccount(
user,
'sdcsdcsdc',
'dscsdc',
exampleSSOProfileData,
);
expect(result).toEqual({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
}); });
}); });
test('should successfully create ProviderAccount for user given no accessToken ', async () => { describe('createUserViaMagicLink', () => {
mockPrisma.account.create.mockResolvedValueOnce({ test('should successfully create user and account for magic-link given valid inputs', async () => {
id: '123dcdc', mockPrisma.user.create.mockResolvedValueOnce(user);
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: null,
providerScope: 'user.email',
loggedIn: currentTime,
});
const result = await userService.createProviderAccount( const result = await userService.createUserViaMagicLink(
user, 'dwight@dundermifflin.com',
'sdcsdcsdc', );
'dscsdc', expect(result).toEqual(user);
exampleSSOProfileData,
);
expect(result).toEqual({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: null,
providerScope: 'user.email',
loggedIn: currentTime,
}); });
}); });
test('should successfully create ProviderAccount for user given no refreshToken', async () => { describe('createUserSSO', () => {
mockPrisma.account.create.mockResolvedValueOnce({ test('should successfully create user and account for SSO provider given valid inputs ', async () => {
id: '123dcdc', mockPrisma.user.create.mockResolvedValueOnce(user);
userId: user.uid,
provider: exampleSSOProfileData.provider, const result = await userService.createUserSSO(
providerAccountId: exampleSSOProfileData.id, 'sdcsdcsdc',
providerRefreshToken: null, 'dscsdc',
providerAccessToken: 'sdcsdcsdc', exampleSSOProfileData,
providerScope: 'user.email', );
loggedIn: currentTime, expect(result).toEqual(user);
}); });
const result = await userService.createProviderAccount( test('should successfully create user and account for SSO provider given no displayName ', async () => {
user, mockPrisma.user.create.mockResolvedValueOnce({
'sdcsdcsdc',
'dscsdc',
exampleSSOProfileData,
);
expect(result).toEqual({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: null,
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
});
});
});
describe('updateUserSessions', () => {
test('Should resolve right and update users GQL session', async () => {
const sessionData = user.currentGQLSession;
mockPrisma.user.update.mockResolvedValue({
...user,
currentGQLSession: sessionData,
currentRESTSession: null,
});
const result = await userService.updateUserSessions(
user,
JSON.stringify(sessionData),
'GQL',
);
expect(result).toEqualRight({
...user,
currentGQLSession: JSON.stringify(sessionData),
currentRESTSession: null,
});
});
test('Should resolve right and update users REST session', async () => {
const sessionData = user.currentGQLSession;
mockPrisma.user.update.mockResolvedValue({
...user,
currentGQLSession: null,
currentRESTSession: sessionData,
});
const result = await userService.updateUserSessions(
user,
JSON.stringify(sessionData),
'REST',
);
expect(result).toEqualRight({
...user,
currentGQLSession: null,
currentRESTSession: JSON.stringify(sessionData),
});
});
test('Should reject left and update user for invalid GQL session', async () => {
const sessionData = 'invalid json';
const result = await userService.updateUserSessions(
user,
sessionData,
'GQL',
);
expect(result).toEqualLeft(JSON_INVALID);
});
test('Should reject left and update user for invalid REST session', async () => {
const sessionData = 'invalid json';
const result = await userService.updateUserSessions(
user,
sessionData,
'REST',
);
expect(result).toEqualLeft(JSON_INVALID);
});
test('Should publish pubsub message on user update sessions', async () => {
mockPrisma.user.update.mockResolvedValue({
...user,
});
await userService.updateUserSessions(
user,
JSON.stringify(user.currentGQLSession),
'GQL',
);
expect(mockPubSub.publish).toHaveBeenCalledTimes(1);
expect(mockPubSub.publish).toHaveBeenCalledWith(
`user/${user.uid}/updated`,
{
...user, ...user,
currentGQLSession: JSON.stringify(user.currentGQLSession), displayName: null,
currentRESTSession: JSON.stringify(user.currentRESTSession), });
},
); const result = await userService.createUserSSO('sdcsdcsdc', 'dscsdc', {
...exampleSSOProfileData,
displayName: null,
});
expect(result).toEqual({
...user,
displayName: null,
});
});
test('should successfully create user and account for SSO provider given no photoURL ', async () => {
mockPrisma.user.create.mockResolvedValueOnce({
...user,
photoURL: null,
});
const result = await userService.createUserSSO('sdcsdcsdc', 'dscsdc', {
...exampleSSOProfileData,
photoURL: null,
});
expect(result).toEqual({
...user,
photoURL: null,
});
});
});
describe('createProviderAccount', () => {
test('should successfully create ProviderAccount for user given valid inputs ', async () => {
mockPrisma.account.create.mockResolvedValueOnce({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
});
const result = await userService.createProviderAccount(
user,
'sdcsdcsdc',
'dscsdc',
exampleSSOProfileData,
);
expect(result).toEqual({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
});
});
test('should successfully create ProviderAccount for user given no accessToken ', async () => {
mockPrisma.account.create.mockResolvedValueOnce({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: null,
providerScope: 'user.email',
loggedIn: currentTime,
});
const result = await userService.createProviderAccount(
user,
'sdcsdcsdc',
'dscsdc',
exampleSSOProfileData,
);
expect(result).toEqual({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: 'dscsdc',
providerAccessToken: null,
providerScope: 'user.email',
loggedIn: currentTime,
});
});
test('should successfully create ProviderAccount for user given no refreshToken', async () => {
mockPrisma.account.create.mockResolvedValueOnce({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: null,
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
});
const result = await userService.createProviderAccount(
user,
'sdcsdcsdc',
'dscsdc',
exampleSSOProfileData,
);
expect(result).toEqual({
id: '123dcdc',
userId: user.uid,
provider: exampleSSOProfileData.provider,
providerAccountId: exampleSSOProfileData.id,
providerRefreshToken: null,
providerAccessToken: 'sdcsdcsdc',
providerScope: 'user.email',
loggedIn: currentTime,
});
});
});
describe('updateUserSessions', () => {
test('Should resolve right and update users GQL session', async () => {
const sessionData = user.currentGQLSession;
mockPrisma.user.update.mockResolvedValue({
...user,
currentGQLSession: sessionData,
currentRESTSession: null,
});
const result = await userService.updateUserSessions(
user,
JSON.stringify(sessionData),
'GQL',
);
expect(result).toEqualRight({
...user,
currentGQLSession: JSON.stringify(sessionData),
currentRESTSession: null,
});
});
test('Should resolve right and update users REST session', async () => {
const sessionData = user.currentGQLSession;
mockPrisma.user.update.mockResolvedValue({
...user,
currentGQLSession: null,
currentRESTSession: sessionData,
});
const result = await userService.updateUserSessions(
user,
JSON.stringify(sessionData),
'REST',
);
expect(result).toEqualRight({
...user,
currentGQLSession: null,
currentRESTSession: JSON.stringify(sessionData),
});
});
test('Should reject left and update user for invalid GQL session', async () => {
const sessionData = 'invalid json';
const result = await userService.updateUserSessions(
user,
sessionData,
'GQL',
);
expect(result).toEqualLeft(JSON_INVALID);
});
test('Should reject left and update user for invalid REST session', async () => {
const sessionData = 'invalid json';
const result = await userService.updateUserSessions(
user,
sessionData,
'REST',
);
expect(result).toEqualLeft(JSON_INVALID);
});
test('Should publish pubsub message on user update sessions', async () => {
mockPrisma.user.update.mockResolvedValue({
...user,
});
await userService.updateUserSessions(
user,
JSON.stringify(user.currentGQLSession),
'GQL',
);
expect(mockPubSub.publish).toHaveBeenCalledTimes(1);
expect(mockPubSub.publish).toHaveBeenCalledWith(
`user/${user.uid}/updated`,
{
...user,
currentGQLSession: JSON.stringify(user.currentGQLSession),
currentRESTSession: JSON.stringify(user.currentRESTSession),
},
);
});
}); });
}); });

57
packages/hoppscotch-backend/src/utils.ts
View File

@@ -1,4 +1,4 @@
import { ExecutionContext, HttpException, HttpStatus } from '@nestjs/common'; import { ExecutionContext } from '@nestjs/common';
import { GqlExecutionContext } from '@nestjs/graphql'; import { GqlExecutionContext } from '@nestjs/graphql';
import { pipe } from 'fp-ts/lib/function'; import { pipe } from 'fp-ts/lib/function';
import * as O from 'fp-ts/Option'; import * as O from 'fp-ts/Option';
@@ -7,10 +7,6 @@ import * as T from 'fp-ts/Task';
import * as E from 'fp-ts/Either'; import * as E from 'fp-ts/Either';
import { User } from './user/user.model'; import { User } from './user/user.model';
import * as A from 'fp-ts/Array'; import * as A from 'fp-ts/Array';
import { AuthError } from './types/AuthError';
import { AuthTokens } from './types/AuthTokens';
import { Response } from 'express';
import { DateTime } from 'luxon';
import { JSON_INVALID } from './errors'; import { JSON_INVALID } from './errors';
/** /**
@@ -23,15 +19,6 @@ export function throwErr(errMessage: string): never {
throw new Error(errMessage); throw new Error(errMessage);
} }
/**
* This function allows throw to be used as an expression
* @param errMessage Message present in the error message
*/
export function throwHTTPErr(errorData: AuthError): never {
const { message, statusCode } = errorData;
throw new HttpException(message, statusCode);
}
/** /**
* Prints the given value to log and returns the same value. * Prints the given value to log and returns the same value.
* Used for debugging functional pipelines. * Used for debugging functional pipelines.
@@ -136,48 +123,6 @@ export const validateEmail = (email: string) => {
).test(email); ).test(email);
}; };
/**
* Sets and returns the cookies in the response object on successful authentication
* @param res Express Response Object
* @param authTokens Object containing the access and refresh tokens
* @param redirect if true will redirect to provided URL else just send a 200 status code
*/
export const authCookieHandler = (
res: Response,
authTokens: AuthTokens,
redirect: boolean,
) => {
const currentTime = DateTime.now();
const accessTokenValidity = currentTime
.plus({
milliseconds: parseInt(process.env.ACCESS_TOKEN_VALIDITY),
})
.toMillis();
const refreshTokenValidity = currentTime
.plus({
milliseconds: parseInt(process.env.REFRESH_TOKEN_VALIDITY),
})
.toMillis();
res.cookie('access_token', authTokens.access_token, {
httpOnly: true,
secure: true,
sameSite: 'lax',
maxAge: accessTokenValidity,
signed: true,
});
res.cookie('refresh_token', authTokens.refresh_token, {
httpOnly: true,
secure: true,
sameSite: 'lax',
maxAge: refreshTokenValidity,
signed: true,
});
if (redirect) {
res.status(HttpStatus.OK).redirect(process.env.REDIRECT_URL);
} else res.status(HttpStatus.OK).send();
};
/* /*
* String to JSON parser * String to JSON parser
* @param {str} str The string to parse * @param {str} str The string to parse