alp-node-auth 7.2.2 → 8.0.0

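--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -3,6 +3,20 @@
  All notable changes to this project will be documented in this file.
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+ ## [8.0.0](https://github.com/christophehurpeau/alp/compare/alp-node-auth@7.2.2...alp-node-auth@8.0.0) (2023-03-19)
+
+
+ ### ⚠ BREAKING CHANGES
+
+ * changed api for alp-node-auth
+
+ ### Features
+
+ * auth browser-readable cookie ([7ce6b13](https://github.com/christophehurpeau/alp/commit/7ce6b13752ffd3b6238e6c9fe04fe907e208b7d5))
+ * update dev dependencies ([9d7e24f](https://github.com/christophehurpeau/alp/commit/9d7e24f8e504d47feae64ca618dc2b3a69babc38))
+
+
+
  ## [7.2.2](https://github.com/christophehurpeau/alp/compare/alp-node-auth@7.2.1...alp-node-auth@7.2.2) (2023-02-18)
 
 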
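--- a/package/README.md
+++ b/package/README.md
@@ -23,7 +23,7 @@ npm install --save alp-node-auth
 
  - Provides route and controller to login user
  - Provides extandable services and managers
- - Provides authentication middleware: `context.state.connected` and `context.state.user`
+ - Provides authentication middleware: `context.state.loggedInUserId` and `context.state.loggedInUser`
 
  ## How to use
 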
@@ -3,7 +3,9 @@ import type { User, Account, UserSanitized } from '../types.d';
3
3
  export default class MongoUsersManager<U extends User = User, USanitized extends UserSanitized = UserSanitized> {
4
4
  store: MongoStore<U>;
5
5
  constructor(store: MongoStore<U>);
6
+ /** @deprecated use findById instead */
6
7
  findConnected(connected: string): Promise<U | undefined>;
8
+ findById(userId: string): Promise<U | undefined>;
7
9
  insertOne(user: MongoInsertType<U>): Promise<any>;
8
10
  replaceOne(user: U): Promise<any>;
9
11
  sanitize(user: U): USanitized;
@@ -1 +1 @@
1
- {"version":3,"file":"MongoUsersManager.d.ts","sourceRoot":"","sources":["../../src/MongoUsersManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAU,MAAM,YAAY,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE/D,MAAM,CAAC,OAAO,OAAO,iBAAiB,CACpC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa;IAEhD,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;gBAET,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAIhC,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIxD,SAAS,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjD,UAAU,CAAC,IAAI,EAAE,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU;IAI7B,wBAAwB,CAAC,EACvB,SAAS,EACT,MAAM,EACN,QAAQ,GACT,EAAE;QACD,SAAS,EAAE,MAAM,GAAG,MAAM,CAAC;QAC3B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAqB1B,aAAa,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAapD,gBAAgB,CAAC,IAAI,EAAE,CAAC,GAAG,aAAa;CAmBzC"}
1
+ {"version":3,"file":"MongoUsersManager.d.ts","sourceRoot":"","sources":["../../src/MongoUsersManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAU,MAAM,YAAY,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE/D,MAAM,CAAC,OAAO,OAAO,iBAAiB,CACpC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa;IAEhD,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;gBAET,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAIhC,uCAAuC;IACvC,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIxD,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIhD,SAAS,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjD,UAAU,CAAC,IAAI,EAAE,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU;IAI7B,wBAAwB,CAAC,EACvB,SAAS,EACT,MAAM,EACN,QAAQ,GACT,EAAE;QACD,SAAS,EAAE,MAAM,GAAG,MAAM,CAAC;QAC3B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAqB1B,aAAa,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAapD,gBAAgB,CAAC,IAAI,EAAE,CAAC,GAAG,aAAa;CAmBzC"}
@@ -1,5 +1,5 @@
1
1
  import type { NodeApplication } from 'alp-types';
2
2
  import type { User } from '../types.d';
3
3
  import type MongoUsersManager from './MongoUsersManager';
4
- export declare const authSocketIO: <U extends User = User>(app: NodeApplication, usersManager: MongoUsersManager<U, import("../types.d").UserSanitized>, io: any) => void;
4
+ export declare const authSocketIO: <U extends User = User>(app: NodeApplication, usersManager: MongoUsersManager<U, import("../types.d").UserSanitized>, io: any, jwtAudience?: string) => void;
5
5
  //# sourceMappingURL=authSocketIO.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"authSocketIO.d.ts","sourceRoot":"","sources":["../../src/authSocketIO.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AAMzD,eAAO,MAAM,YAAY,+BAClB,eAAe,8EAGhB,GAAG,KACN,IAgCF,CAAC"}
1
+ {"version":3,"file":"authSocketIO.d.ts","sourceRoot":"","sources":["../../src/authSocketIO.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AAMzD,eAAO,MAAM,YAAY,+BAClB,eAAe,8EAGhB,GAAG,gBACO,MAAM,KACnB,IAgCF,CAAC"}
@@ -16,15 +16,15 @@ export { createAuthApolloContext } from './authApolloContext';
16
16
  export { STATUSES } from './services/user/UserAccountsService';
17
17
  declare module 'alp-types' {
18
18
  interface ContextState {
19
- connected: NonNullable<ContextState['user']>['_id'] | null | undefined;
20
- user: User | null | undefined;
19
+ loggedInUserId: NonNullable<ContextState['loggedInUser']>['_id'] | null | undefined;
20
+ loggedInUser: User | null | undefined;
21
21
  }
22
22
  interface ContextSanitizedState {
23
- connected: NonNullable<ContextSanitizedState['user']>['_id'] | null | undefined;
24
- user: UserSanitized | null | undefined;
23
+ loggedInUserId: NonNullable<ContextSanitizedState['loggedInUser']>['_id'] | null | undefined;
24
+ loggedInUser: UserSanitized | null | undefined;
25
25
  }
26
26
  interface BaseContext {
27
- setConnected: (connected: NonNullable<ContextState['user']>['_id'], user: NonNullable<ContextState['user']>) => Promise<void>;
27
+ setLoggedIn: (loggedInUserId: NonNullable<ContextState['loggedInUserId']>, loggedInUser: NonNullable<ContextState['loggedInUser']>) => Promise<void>;
28
28
  logout: () => void;
29
29
  }
30
30
  }
@@ -41,8 +41,8 @@ export default function init<StrategyKeys extends AllowedStrategyKeys = 'google'
41
41
  jwtAudience?: string;
42
42
  }): (app: NodeApplication) => {
43
43
  routes: AuthRoutesType;
44
- getConnectedAndUserFromRequest: (req: IncomingMessage) => Promise<[U["_id"] | null | undefined, U | null | undefined]>;
45
- getConnectedAndUser: import("./utils/createFindConnectedAndUser").FindConnectedAndUser<U>;
44
+ findLoggedInUserFromRequest: (req: IncomingMessage) => Promise<[U["_id"] | null | undefined, U | null | undefined]>;
45
+ findLoggedInUser: import("./utils/createFindLoggedInUser").FindLoggedInUser<U>;
46
46
  middleware: <T>(ctx: Context, next: () => T | Promise<T>) => Promise<T>;
47
47
  };
48
48
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAE5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,KAAK,EAAgB,eAAe,EAAE,MAAM,WAAW,CAAC;AAG/D,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EACV,cAAc,IAAI,kBAAkB,EACpC,SAAS,EACV,MAAM,wBAAwB,CAAC;AAEhC,OAAO,KAAK,EAAE,UAAU,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mDAAmD,CAAC;AAEpF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AAE7E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAI5D,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,EAAE,OAAO,IAAI,wBAAwB,EAAE,MAAM,0CAA0C,CAAC;AAC/F,OAAO,EAAE,OAAO,IAAI,uBAAuB,EAAE,MAAM,yCAAyC,CAAC;AAC7F,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,MAAM,qCAAqC,CAAC;AAE/D,OAAO,QAAQ,WAAW,CAAC;IAEzB,UAAU,YAAY;QACpB,SAAS,EAAE,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC;QACvE,IAAI,EAAE,IAAI,GAAG,IAAI,GAAG,SAAS,CAAC;KAC/B;IAED,UAAU,qBAAqB;QAC7B,SAAS,EACL,WAAW,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GACjD,IAAI,GACJ,SAAS,CAAC;QACd,IAAI,EAAE,aAAa,GAAG,IAAI,GAAG,SAAS,CAAC;KACxC;IAED,UAAU,WAAW;QACnB,YAAY,EAAE,CACZ,SAAS,EAAE,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EACnD,IAAI,EAAE,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,KACpC,OAAO,CAAC,IAAI,CAAC,CAAC;QACnB,MAAM,EAAE,MAAM,IAAI,CAAC;KACpB;CACF;AAMD,MAAM,MAAM,cAAc,GAAG,kBAAkB,CAAC;AAChD,MAAM,MAAM,UAAU,GAAG,cAAc,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,MAAM,mDAAmD,CAAC;AAE1F,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,YAAY,SAAS,mBAAmB,GAAG,QAAQ,EACnD,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa,EAChD,EACA,aAAa,EACb,YAAY,EACZ,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,WAAW,GACZ,EAAE;IACD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,iBAAiB,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAC/C,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IACrC,eAAe,CAAC,EAAE,YAAY,CAAC;IAC/B,iBAAiB,EAAE,MAAM,CAAC,YAAY,
EAAE,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7D,SAAS,CAAC,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;IACpC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,SAEc,eAAe;;0CAsEjB,eAAe;;yBAWf,OAAO;EAkCnB"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAE5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,KAAK,EAAgB,eAAe,EAAE,MAAM,WAAW,CAAC;AAG/D,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EACV,cAAc,IAAI,kBAAkB,EACpC,SAAS,EACV,MAAM,wBAAwB,CAAC;AAEhC,OAAO,KAAK,EAAE,UAAU,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mDAAmD,CAAC;AAEpF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AAE7E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAQ5D,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,EAAE,OAAO,IAAI,wBAAwB,EAAE,MAAM,0CAA0C,CAAC;AAC/F,OAAO,EAAE,OAAO,IAAI,uBAAuB,EAAE,MAAM,yCAAyC,CAAC;AAC7F,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,MAAM,qCAAqC,CAAC;AAE/D,OAAO,QAAQ,WAAW,CAAC;IAEzB,UAAU,YAAY;QACpB,cAAc,EACV,WAAW,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,GAChD,IAAI,GACJ,SAAS,CAAC;QACd,YAAY,EAAE,IAAI,GAAG,IAAI,GAAG,SAAS,CAAC;KACvC;IAED,UAAU,qBAAqB;QAC7B,cAAc,EACV,WAAW,CAAC,qBAAqB,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,GACzD,IAAI,GACJ,SAAS,CAAC;QACd,YAAY,EAAE,aAAa,GAAG,IAAI,GAAG,SAAS,CAAC;KAChD;IAED,UAAU,WAAW;QACnB,WAAW,EAAE,CACX,cAAc,EAAE,WAAW,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC,EAC3D,YAAY,EAAE,WAAW,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,KACpD,OAAO,CAAC,IAAI,CAAC,CAAC;QACnB,MAAM,EAAE,MAAM,IAAI,CAAC;KACpB;CACF;AAMD,MAAM,MAAM,cAAc,GAAG,kBAAkB,CAAC;AAChD,MAAM,MAAM,UAAU,GAAG,cAAc,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,MAAM,mDAAmD,CAAC;AAE1F,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,YAAY,SAAS,mBAAmB,GAAG,QAAQ,EACnD,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa,EAChD,EACA,aAAa,EACb,YAAY,EACZ,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,WAAW,GACZ,EAAE;IACD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,iBAAiB,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAC/C,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IACrC,eAAe,CAAC,EAAE,YAAY,CAAC;IAC/B,iBAAiB,EAAE,MAAM,CAAC,YAAY,EAAE,cAAc,CAA
C,GAAG,CAAC,CAAC,CAAC;IAC7D,SAAS,CAAC,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;IACpC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,SAEc,eAAe;;uCAqFjB,eAAe;;yBAUf,OAAO;EAsCnB"}
@@ -28,7 +28,7 @@ export interface Oauth2Strategy<Params extends string> extends Strategy {
28
28
  }
29
29
  export type Strategies<StrategyKeys extends AllowedStrategyKeys> = Record<StrategyKeys, Oauth2Strategy<any>>;
30
30
  export interface AccessResponseHooks<StrategyKeys, U extends User = User> {
31
- afterLoginSuccess?: <StrategyKey extends StrategyKeys>(strategy: StrategyKey, connectedUser: U) => void | Promise<void>;
31
+ afterLoginSuccess?: <StrategyKey extends StrategyKeys>(strategy: StrategyKey, loggedInUser: U) => void | Promise<void>;
32
32
  afterScopeUpdate?: <StrategyKey extends StrategyKeys>(strategy: StrategyKey, scopeKey: string, account: Account, user: U) => void | Promise<void>;
33
33
  }
34
34
  export declare class AuthenticationService<StrategyKeys extends AllowedStrategyKeys, U extends User = User, USanitized extends UserSanitized = UserSanitized> extends EventEmitter {
@@ -48,7 +48,7 @@ export declare class AuthenticationService<StrategyKeys extends AllowedStrategyK
48
48
  user?: U;
49
49
  accountId?: AccountId;
50
50
  }, params?: any): Promise<void>;
51
- accessResponse<StrategyKey extends StrategyKeys>(ctx: any, strategy: StrategyKey, isConnected: undefined | boolean, hooks: AccessResponseHooks<StrategyKeys, U>): Promise<U>;
51
+ accessResponse<StrategyKey extends StrategyKeys>(ctx: Context, strategy: StrategyKey, isLoggedIn: boolean, hooks: AccessResponseHooks<StrategyKeys, U>): Promise<U>;
52
52
  refreshAccountTokens(user: U, account: Account): Promise<boolean>;
53
53
  }
54
54
  //# sourceMappingURL=AuthenticationService.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../../src/services/authentification/AuthenticationService.ts"],"names":[],"mappings":";AAIA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAErD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEhF,OAAO,KAAK,mBAAmB,MAAM,6BAA6B,CAAC;AACnE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAI3D,MAAM,WAAW,sBAAsB;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc,CAAC,MAAM,SAAS,MAAM,CAAE,SAAQ,QAAQ;IACrE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAC7B;AAED,MAAM,MAAM,UAAU,CAAC,YAAY,SAAS,mBAAmB,IAAI,MAAM,CACvE,YAAY,EACZ,cAAc,CAAC,GAAG,CAAC,CACpB,CAAC;AAEF,MAAM,WAAW,mBAAmB,CAAC,YAAY,EAAE,CAAC,SAAS,IAAI,GAAG,IAAI;IACtE,iBAAiB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EACnD,QAAQ,EAAE,WAAW,EACrB,aAAa,EAAE,CAAC,KACb,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE1B,gBAAgB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EAClD,QAAQ,EAAE,WAAW,EACrB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,CAAC,KACJ,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED,qBAAa,qBAAqB,CAChC,YAAY,SAAS,mBAAmB,EACxC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa,CAChD,SAAQ,YAAY;IACpB,MAAM,EAAE,UAAU,CAAC;IAEnB,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IAErC,mBAAmB,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;gBAGpE,MAAM,EAAE,UAAU,EAClB,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,EACpC,mBAAmB,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,CAAC;IAQvE,eAAe,CAAC,CAAC,SAAS,YAAY,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,GAAG,MAAM;IAWnE,SAAS,CACb,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,gBAAgB,GACxB,OAAO,CAAC,
MAAM,CAAC;IAgCZ,YAAY,CAChB,QAAQ,EAAE,YAAY,EACtB,WAAW,EAAE;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE,GACpC,OAAO,CAAC,MAAM,CAAC;IA+BlB,WAAW,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM;IAS7C,eAAe,CACnB,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,YAAY,EACtB,EACE,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,SAAS,GACV,EAAE;QACD,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAClC,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,EAAE,CAAC,CAAC;QACT,SAAS,CAAC,EAAE,SAAS,CAAC;KACvB,EACD,MAAM,CAAC,EAAE,GAAG,GACX,OAAO,CAAC,IAAI,CAAC;IAuCV,cAAc,CAAC,WAAW,SAAS,YAAY,EACnD,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,WAAW,EACrB,WAAW,EAAE,SAAS,GAAG,OAAO,EAChC,KAAK,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,CAAC,GAC1C,OAAO,CAAC,CAAC,CAAC;IAgEb,oBAAoB,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;CAsBlE"}
1
+ {"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../../src/services/authentification/AuthenticationService.ts"],"names":[],"mappings":";AAIA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAErD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEhF,OAAO,KAAK,mBAAmB,MAAM,6BAA6B,CAAC;AACnE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAI3D,MAAM,WAAW,sBAAsB;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc,CAAC,MAAM,SAAS,MAAM,CAAE,SAAQ,QAAQ;IACrE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAC7B;AAED,MAAM,MAAM,UAAU,CAAC,YAAY,SAAS,mBAAmB,IAAI,MAAM,CACvE,YAAY,EACZ,cAAc,CAAC,GAAG,CAAC,CACpB,CAAC;AAEF,MAAM,WAAW,mBAAmB,CAAC,YAAY,EAAE,CAAC,SAAS,IAAI,GAAG,IAAI;IACtE,iBAAiB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EACnD,QAAQ,EAAE,WAAW,EACrB,YAAY,EAAE,CAAC,KACZ,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE1B,gBAAgB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EAClD,QAAQ,EAAE,WAAW,EACrB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,CAAC,KACJ,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED,qBAAa,qBAAqB,CAChC,YAAY,SAAS,mBAAmB,EACxC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa,CAChD,SAAQ,YAAY;IACpB,MAAM,EAAE,UAAU,CAAC;IAEnB,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IAErC,mBAAmB,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;gBAGpE,MAAM,EAAE,UAAU,EAClB,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,EACpC,mBAAmB,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,CAAC;IAQvE,eAAe,CAAC,CAAC,SAAS,YAAY,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,GAAG,MAAM;IAWnE,SAAS,CACb,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,gBAAgB,GACxB,OAAO,CAAC,
MAAM,CAAC;IAgCZ,YAAY,CAChB,QAAQ,EAAE,YAAY,EACtB,WAAW,EAAE;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE,GACpC,OAAO,CAAC,MAAM,CAAC;IA+BlB,WAAW,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM;IAS7C,eAAe,CACnB,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,YAAY,EACtB,EACE,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,SAAS,GACV,EAAE;QACD,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAClC,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,EAAE,CAAC,CAAC;QACT,SAAS,CAAC,EAAE,SAAS,CAAC;KACvB,EACD,MAAM,CAAC,EAAE,GAAG,GACX,OAAO,CAAC,IAAI,CAAC;IAuCV,cAAc,CAAC,WAAW,SAAS,YAAY,EACnD,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,WAAW,EACrB,UAAU,EAAE,OAAO,EACnB,KAAK,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,CAAC,GAC1C,OAAO,CAAC,CAAC,CAAC;IAgEb,oBAAoB,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;CAsBlE"}
@@ -1,5 +1,6 @@
1
1
  import type { IncomingMessage } from 'http';
2
2
  import type { Option } from 'cookies';
3
- export declare const COOKIE_NAME = "connectedUser";
3
+ export declare const COOKIE_NAME_TOKEN = "loggedInUserToken";
4
+ export declare const COOKIE_NAME_STATE = "loggedInUserState";
4
5
  export declare const getTokenFromRequest: (req: IncomingMessage, options?: Pick<Option, Exclude<keyof Option, 'secure'>>) => string | undefined;
5
6
  //# sourceMappingURL=cookies.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/utils/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAC5C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,eAAO,MAAM,WAAW,kBAAkB,CAAC;AAE3C,eAAO,MAAM,mBAAmB,QACzB,eAAe,YACV,KAAK,MAAM,EAAE,QAAQ,MAAM,MAAM,EAAE,QAAQ,CAAC,CAAC,KACtD,MAAM,GAAG,SAQX,CAAC"}
1
+ {"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/utils/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAC5C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,eAAO,MAAM,iBAAiB,sBAAsB,CAAC;AACrD,eAAO,MAAM,iBAAiB,sBAAsB,CAAC;AAErD,eAAO,MAAM,mBAAmB,QACzB,eAAe,YACV,KAAK,MAAM,EAAE,QAAQ,MAAM,MAAM,EAAE,QAAQ,CAAC,CAAC,KACtD,MAAM,GAAG,SAYX,CAAC"}
@@ -0,0 +1,6 @@
1
+ import type { Logger } from 'nightingale-logger';
2
+ import type { User, UserSanitized } from '../../types';
3
+ import type MongoUsersManager from '../MongoUsersManager';
4
+ export type FindLoggedInUser<U extends User> = (jwtAudience?: string, token?: string) => Promise<[null | undefined | U['_id'], null | undefined | U]>;
5
+ export declare const createFindLoggedInUser: <U extends User, USanitized extends UserSanitized>(secretKey: string, usersManager: MongoUsersManager<U, USanitized>, logger: Logger) => FindLoggedInUser<U>;
6
+ //# sourceMappingURL=createFindLoggedInUser.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"createFindLoggedInUser.d.ts","sourceRoot":"","sources":["../../../src/utils/createFindLoggedInUser.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AA0B1D,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,IAAI,IAAI,CAC7C,WAAW,CAAC,EAAE,MAAM,EACpB,KAAK,CAAC,EAAE,MAAM,KACX,OAAO,CAAC,CAAC,IAAI,GAAG,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,IAAI,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;AAElE,eAAO,MAAM,sBAAsB,gEAItB,MAAM,0DAET,MAAM,wBAwBf,CAAC"}
@@ -26,7 +26,7 @@ function createAuthController({
26
26
  * The user must already be connected
27
27
  */
28
28
  async addScope(ctx) {
29
- if (!ctx.state.connected) {
29
+ if (!ctx.state.loggedInUser) {
30
30
  await ctx.redirectTo(homeRouterKey);
31
31
  return;
32
32
  }
@@ -41,12 +41,12 @@ function createAuthController({
41
41
  async response(ctx) {
42
42
  const strategy = ctx.namedParam('strategy');
43
43
  ctx.assert(strategy);
44
- const connectedUser = await authenticationService.accessResponse(ctx, strategy, ctx.state.connected, {
44
+ const loggedInUser = await authenticationService.accessResponse(ctx, strategy, !!ctx.state.loggedInUser, {
45
45
  afterLoginSuccess: authHooks.afterLoginSuccess,
46
46
  afterScopeUpdate: authHooks.afterScopeUpdate
47
47
  });
48
48
  const keyPath = usersManager.store.keyPath;
49
- await ctx.setConnected(connectedUser[keyPath], connectedUser);
49
+ await ctx.setLoggedIn(loggedInUser[keyPath], loggedInUser);
50
50
  await ctx.redirectTo(homeRouterKey);
51
51
  },
52
52
  async logout(ctx) {
@@ -198,7 +198,7 @@ class AuthenticationService extends EventEmitter {
198
198
  });
199
199
  return ctx.redirect(redirectUri);
200
200
  }
201
- async accessResponse(ctx, strategy, isConnected, hooks) {
201
+ async accessResponse(ctx, strategy, isLoggedIn, hooks) {
202
202
  if (ctx.query.error) {
203
203
  const error = new Error(ctx.query.error);
204
204
  error.status = 403;
@@ -220,7 +220,7 @@ class AuthenticationService extends EventEmitter {
220
220
  throw new Error('Unexpected cookie value');
221
221
  }
222
222
  if (!cookie.isLoginAccess) {
223
- if (!isConnected) {
223
+ if (!isLoggedIn) {
224
224
  throw new Error('You are not connected');
225
225
  }
226
226
  }
@@ -235,15 +235,15 @@ class AuthenticationService extends EventEmitter {
235
235
  }
236
236
  return user;
237
237
  }
238
- const connectedUser = ctx.state.user;
238
+ const loggedInUser = ctx.state.loggedInUser;
239
239
  const {
240
240
  account,
241
241
  user
242
- } = await this.userAccountsService.update(connectedUser, strategy, tokens, cookie.scope, cookie.scopeKey);
242
+ } = await this.userAccountsService.update(loggedInUser, strategy, tokens, cookie.scope, cookie.scopeKey);
243
243
  if (hooks.afterScopeUpdate) {
244
244
  await hooks.afterScopeUpdate(strategy, cookie.scopeKey, account, user);
245
245
  }
246
- return connectedUser;
246
+ return loggedInUser;
247
247
  }
248
248
  refreshAccountTokens(user, account) {
249
249
  if (account.tokenExpireDate && account.tokenExpireDate.getTime() > Date.now()) {
@@ -397,14 +397,19 @@ class UserAccountsService extends EventEmitter {
397
397
  }
398
398
  }
399
399
 
400
- const COOKIE_NAME = 'connectedUser';
400
+ const COOKIE_NAME_TOKEN = 'loggedInUserToken';
401
+ const COOKIE_NAME_STATE = 'loggedInUserState';
401
402
  const getTokenFromRequest = (req, options) => {
403
+ if (req.headers.authorization?.startsWith('Bearer ')) {
404
+ return req.headers.authorization.slice(7);
405
+ }
406
+
402
407
  // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
403
408
  const cookies = new Cookies(req, null, {
404
409
  ...options,
405
410
  secure: true
406
411
  });
407
- return cookies.get(COOKIE_NAME);
412
+ return cookies.get(COOKIE_NAME_TOKEN);
408
413
  };
409
414
 
410
415
  const verifyPromisified = promisify(jsonwebtoken.verify);
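Review bot: The new Authorization-header branch in `getTokenFromRequest` takes precedence over the cookie and matches only the exact prefix `Bearer `, so a scheme written in another case is ignored and an empty value after the prefix returns `''` instead of falling back to the cookie. The auth scheme is case-insensitive, so `const m = /^Bearer +(.+)$/i.exec(req.headers.authorization ?? ''); if (m) return m[1];` would handle both cases. `getTokenFromReq` in a later hunk returns `req.cookies[COOKIE_NAME_TOKEN]` whenever `req.cookies` is set and never reaches this branch, so header tokens are accepted on some entry points and not on others. A comment stating which transports are meant to accept bearer tokens would make that intent reviewable.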
@@ -413,23 +418,24 @@ const createDecodeJWT = secretKey => async (token, jwtAudience) => {
413
418
  algorithms: ['HS512'],
414
419
  audience: jwtAudience
415
420
  });
416
- return result?.connected;
421
+ return result?.loggedInUserId;
417
422
  };
418
- const createFindConnectedAndUser = (secretKey, usersManager, logger) => {
423
+ const createFindLoggedInUser = (secretKey, usersManager, logger) => {
419
424
  const decodeJwt = createDecodeJWT(secretKey);
420
425
  return async (jwtAudience, token) => {
421
426
  if (!token || !jwtAudience) return [null, null];
422
- let connected;
427
+ let loggedInUserId;
423
428
  try {
424
- connected = await decodeJwt(token, jwtAudience);
429
+ loggedInUserId = await decodeJwt(token, jwtAudience);
425
430
  } catch (err) {
426
431
  logger.debug('failed to verify authentification', {
427
432
  err
428
433
  });
429
434
  }
430
- if (connected == null) return [null, null];
431
- const user = await usersManager.findConnected(connected);
432
- return [connected, user];
435
+ if (loggedInUserId == null) return [null, null];
436
+ const loggedInUser = await usersManager.findById(loggedInUserId);
437
+ if (!loggedInUser) return [null, null];
438
+ return [loggedInUserId, loggedInUser];
433
439
  };
434
440
  };
435
441
 
@@ -437,9 +443,14 @@ class MongoUsersManager {
437
443
  constructor(store) {
438
444
  this.store = store;
439
445
  }
446
+
447
+ /** @deprecated use findById instead */
440
448
  findConnected(connected) {
441
449
  return this.store.findByKey(connected);
442
450
  }
451
+ findById(userId) {
452
+ return this.store.findByKey(userId);
453
+ }
443
454
  insertOne(user) {
444
455
  return this.store.insertOne(user);
445
456
  }
@@ -586,8 +597,8 @@ class UserAccountSlackService {
586
597
  }
587
598
 
588
599
  const logger$2 = new Logger('alp:auth');
589
- const authSocketIO = (app, usersManager, io) => {
590
- const findConnectedAndUser = createFindConnectedAndUser(app.config.get('authentication').get('secretKey'), usersManager, logger$2);
600
+ const authSocketIO = (app, usersManager, io, jwtAudience) => {
601
+ const findLoggedInUser = createFindLoggedInUser(app.config.get('authentication').get('secretKey'), usersManager, logger$2);
591
602
  const users = new Map();
592
603
  io.users = users;
593
604
  io.use(async (socket, next) => {
@@ -595,12 +606,12 @@ const authSocketIO = (app, usersManager, io) => {
595
606
  // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
596
607
  const token = getTokenFromRequest(handshakeData);
597
608
  if (!token) return next();
598
- const [connected, user] = await findConnectedAndUser(
609
+ const [loggedInUserId, loggedInUser] = await findLoggedInUser(
599
610
  // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
600
- handshakeData.headers['user-agent'], token);
601
- if (!connected || !user) return next();
602
- socket.user = user;
603
- users.set(socket.client.id, user);
611
+ jwtAudience || handshakeData.headers['user-agent'], token);
612
+ if (!loggedInUserId || !loggedInUser) return next();
613
+ socket.user = loggedInUser;
614
+ users.set(socket.client.id, loggedInUser);
604
615
  socket.on('disconnected', () => users.delete(socket.client.id));
605
616
  await next();
606
617
  });
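Review bot: The cleanup handler on the new side is still registered as `socket.on('disconnected', …)`, while socket.io's built-in event is `disconnect`, so unless the application emits a custom `disconnected` event the entry added by `users.set(socket.client.id, loggedInUser)` is never removed and `io.users` keeps full user records for closed connections. Registering `socket.on('disconnect', () => users.delete(socket.client.id));` would fix that. The value stored on `socket.user` and in the map is the unsanitized user, so a comment noting that it must go through `usersManager.sanitize` before being emitted to clients is worth adding. The `io.use` callback starts in the previous hunk.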
@@ -608,7 +619,7 @@ const authSocketIO = (app, usersManager, io) => {
608
619
 
609
620
  const logger$1 = new Logger('alp:auth');
610
621
  const getTokenFromReq = req => {
611
- if (req.cookies) return req.cookies[COOKIE_NAME];
622
+ if (req.cookies) return req.cookies[COOKIE_NAME_TOKEN];
612
623
  return getTokenFromRequest(req);
613
624
  };
614
625
 
@@ -617,14 +628,14 @@ const getTokenFromReq = req => {
617
628
  * @internal
618
629
  */
619
630
  const createAuthApolloContext = (config, usersManager) => {
620
- const findConnectedAndUser = createFindConnectedAndUser(config.get('authentication').get('secretKey'), usersManager, logger$1);
631
+ const findLoggedInUser = createFindLoggedInUser(config.get('authentication').get('secretKey'), usersManager, logger$1);
621
632
  return async ({
622
633
  req,
623
634
  connection
624
635
  }) => {
625
- if (connection?.user) {
636
+ if (connection?.loggedInUser) {
626
637
  return {
627
- user: connection.user
638
+ user: connection.loggedInUser
628
639
  };
629
640
  }
630
641
  if (!req) return null;
@@ -634,15 +645,16 @@ const createAuthApolloContext = (config, usersManager) => {
634
645
  if (!token) return {
635
646
  user: undefined
636
647
  };
637
- const [, user] = await findConnectedAndUser(
648
+ const [, loggedInUser] = await findLoggedInUser(
638
649
  // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
639
650
  req.headers['user-agent'], token);
640
651
  return {
641
- user
652
+ user: loggedInUser
642
653
  };
643
654
  };
644
655
  };
645
656
 
657
+ /* eslint-disable max-lines */
646
658
  const logger = new Logger('alp:auth');
647
659
  const signPromisified = promisify(jsonwebtoken.sign);
648
660
  function init({
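Review bot: `createAuthApolloContext` still verifies the token against `req.headers['user-agent']` only, while `setLoggedIn` signs with `jwtAudience || user-agent` and this release adds a `jwtAudience` argument to `authSocketIO`; with a configured `jwtAudience` every token would fail the audience check here and the context would carry `user: undefined`. Accepting an optional third parameter and calling `findLoggedInUser(jwtAudience || req.headers['user-agent'], token)` would keep the three entry points consistent. The previous hunk also switches the early return to `connection?.loggedInUser`, whereas `authSocketIO` in this diff still assigns `socket.user`; the producer of `connection` is not visible here, so that rename should be checked against it. The function begins in the previous hunk.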
@@ -665,69 +677,87 @@ function init({
665
677
  defaultStrategy,
666
678
  authHooks
667
679
  });
668
- app.context.setConnected = async function (connected, user) {
669
- logger.debug('setConnected', {
670
- connected
680
+ app.context.setLoggedIn = async function (loggedInUserId, loggedInUser) {
681
+ logger.debug('setLoggedIn', {
682
+ loggedInUser
671
683
  });
672
- if (!connected) {
673
- throw new Error('Illegal value for setConnected');
684
+ if (!loggedInUserId) {
685
+ throw new Error('Illegal value for setLoggedIn');
674
686
  }
675
- this.state.connected = connected;
676
- this.state.user = user;
687
+ this.state.loggedInUserId = loggedInUserId;
688
+ this.state.loggedInUser = loggedInUser;
677
689
  const token = await signPromisified({
678
- connected,
690
+ loggedInUserId,
679
691
  time: Date.now()
680
692
  }, this.config.get('authentication').get('secretKey'), {
681
693
  algorithm: 'HS512',
682
694
  audience: jwtAudience || this.request.headers['user-agent'],
683
695
  expiresIn: '30 days'
684
696
  });
685
-
686
697
  // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
687
- this.cookies.set(COOKIE_NAME, token, {
698
+ this.cookies.set(COOKIE_NAME_TOKEN, token, {
688
699
  httpOnly: true,
689
700
  secure: this.config.get('allowHttps')
690
701
  });
702
+ this.cookies.set(COOKIE_NAME_STATE, JSON.stringify({
703
+ loggedInUserId,
704
+ expiresIn: (() => {
705
+ const date = new Date();
706
+ date.setDate(date.getDate() + 30);
707
+ return date.getTime();
708
+ })()
709
+ }), {
710
+ httpOnly: false,
711
+ secure: this.config.get('allowHttps')
712
+ });
691
713
  };
692
714
  app.context.logout = function () {
693
- delete this.state.connected;
694
- delete this.state.user;
695
- this.cookies.set(COOKIE_NAME, '', {
715
+ delete this.state.loggedInUserId;
716
+ delete this.state.loggedInUser;
717
+ this.cookies.set(COOKIE_NAME_TOKEN, '', {
718
+ expires: new Date(1)
719
+ });
720
+ this.cookies.set(COOKIE_NAME_STATE, '', {
696
721
  expires: new Date(1)
697
722
  });
698
723
  };
699
- const getConnectedAndUser = createFindConnectedAndUser(app.config.get('authentication').get('secretKey'), usersManager, logger);
724
+ const findLoggedInUser = createFindLoggedInUser(app.config.get('authentication').get('secretKey'), usersManager, logger);
700
725
  return {
701
726
  routes: createRoutes(controller),
702
- getConnectedAndUserFromRequest: req => {
727
+ findLoggedInUserFromRequest: req => {
703
728
  const token = getTokenFromRequest(req);
704
- return getConnectedAndUser(jwtAudience || req.headers['user-agent'], token);
729
+ return findLoggedInUser(jwtAudience || req.headers['user-agent'], token);
705
730
  },
706
- getConnectedAndUser,
731
+ findLoggedInUser,
707
732
  middleware: async (ctx, next) => {
708
- const token = ctx.cookies.get(COOKIE_NAME);
733
+ const token = ctx.cookies.get(COOKIE_NAME_TOKEN);
709
734
  const userAgent = ctx.request.headers['user-agent'];
710
735
  logger.debug('middleware', {
711
736
  token
712
737
  });
713
- const setState = (connected, user) => {
714
- ctx.state.connected = connected;
715
- ctx.state.user = user;
716
- ctx.sanitizedState.connected = connected;
717
- ctx.sanitizedState.user = user && usersManager.sanitize(user);
738
+ const setState = (loggedInUserId, loggedInUser) => {
739
+ ctx.state.loggedInUserId = loggedInUserId;
740
+ ctx.state.user = loggedInUser;
741
+ ctx.sanitizedState.loggedInUserId = loggedInUserId;
742
+ ctx.sanitizedState.loggedInUser = loggedInUser && usersManager.sanitize(loggedInUser);
718
743
  };
719
- const [connected, user] = await getConnectedAndUser(jwtAudience || userAgent, token);
744
+ const [loggedInUserId, loggedInUser] = await findLoggedInUser(jwtAudience || userAgent, token);
720
745
  logger.debug('middleware', {
721
- connected
746
+ loggedInUserId
722
747
  });
723
- if (connected == null || user == null) {
724
- if (token) ctx.cookies.set(COOKIE_NAME, '', {
725
- expires: new Date(1)
726
- });
748
+ if (loggedInUserId == null || loggedInUser == null) {
749
+ if (token) {
750
+ ctx.cookies.set(COOKIE_NAME_TOKEN, '', {
751
+ expires: new Date(1)
752
+ });
753
+ ctx.cookies.set(COOKIE_NAME_STATE, '', {
754
+ expires: new Date(1)
755
+ });
756
+ }
727
757
  setState(null, null);
728
758
  return next();
729
759
  }
730
- setState(connected, user);
760
+ setState(loggedInUserId, loggedInUser);
731
761
  return next();
732
762
  }
733
763
  };
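Review bot: The middleware's `setState` writes `ctx.state.user = loggedInUser` while every other renamed site (the `ContextState` declaration, `setLoggedIn`, `addScope` and `response` in the controller hunks, and `accessResponse`) reads or writes `ctx.state.loggedInUser`, so on an ordinary authenticated request `loggedInUserId` is set but `loggedInUser` stays undefined and the scope-update path is rejected; the line should read `ctx.state.loggedInUser = loggedInUser;`. `setLoggedIn` also now passes the whole `loggedInUser` object to `logger.debug` where 7.2.2 logged only the id, which puts whatever the user record holds (presumably account tokens, given that `usersManager.sanitize` exists) into debug logs; `logger.debug('setLoggedIn', { loggedInUserId })` keeps the earlier exposure. The new `loggedInUserState` cookie is unsigned and script-readable by design, so it deserves a comment that it is a UI hint only and that server-side decisions must keep coming from the HttpOnly token. `init` begins before this hunk and its closing brace is outside it.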