alp-node-auth 7.2.2 → 8.0.0
- package/CHANGELOG.md +14 -0
- package/README.md +1 -1
- package/dist/definitions/MongoUsersManager.d.ts +2 -0
- package/dist/definitions/MongoUsersManager.d.ts.map +1 -1
- package/dist/definitions/authSocketIO.d.ts +1 -1
- package/dist/definitions/authSocketIO.d.ts.map +1 -1
- package/dist/definitions/index.d.ts +7 -7
- package/dist/definitions/index.d.ts.map +1 -1
- package/dist/definitions/services/authentification/AuthenticationService.d.ts +2 -2
- package/dist/definitions/services/authentification/AuthenticationService.d.ts.map +1 -1
- package/dist/definitions/utils/cookies.d.ts +2 -1
- package/dist/definitions/utils/cookies.d.ts.map +1 -1
- package/dist/definitions/utils/createFindLoggedInUser.d.ts +6 -0
- package/dist/definitions/utils/createFindLoggedInUser.d.ts.map +1 -0
- package/dist/index-node16.mjs +90 -60
- package/dist/index-node16.mjs.map +1 -1
- package/package.json +6 -6
- package/src/MongoUsersManager.ts +5 -0
- package/src/authApolloContext.ts +8 -8
- package/src/authSocketIO.ts +8 -7
- package/src/createAuthController.ts +4 -4
- package/src/index.ts +68 -42
- package/src/services/authentification/AuthenticationService.ts +7 -7
- package/src/utils/cookies.ts +7 -2
- package/src/utils/{createFindConnectedAndUser.ts → createFindLoggedInUser.ts} +14 -15
- package/dist/definitions/utils/createFindConnectedAndUser.d.ts +0 -6
- package/dist/definitions/utils/createFindConnectedAndUser.d.ts.map +0 -1
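--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [8.0.0](https://github.com/christophehurpeau/alp/compare/alp-node-auth@7.2.2...alp-node-auth@8.0.0) (2023-03-19)
+
+
+### ⚠ BREAKING CHANGES
+
+* changed api for alp-node-auth
+
+### Features
+
+* auth browser-readable cookie ([7ce6b13](https://github.com/christophehurpeau/alp/commit/7ce6b13752ffd3b6238e6c9fe04fe907e208b7d5))
+* update dev dependencies ([9d7e24f](https://github.com/christophehurpeau/alp/commit/9d7e24f8e504d47feae64ca618dc2b3a69babc38))
+
+
+
 ## [7.2.2](https://github.com/christophehurpeau/alp/compare/alp-node-auth@7.2.1...alp-node-auth@7.2.2) (2023-02-18)
 
 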
package/README.md
CHANGED
|
@@ -23,7 +23,7 @@ npm install --save alp-node-auth
|
|
|
23
23
|
|
|
24
24
|
- Provides route and controller to login user
|
|
25
25
|
- Provides extandable services and managers
|
|
26
|
-
- Provides authentication middleware: `context.state.
|
|
26
|
+
- Provides authentication middleware: `context.state.loggedInUserId` and `context.state.loggedInUser`
|
|
27
27
|
|
|
28
28
|
## How to use
|
|
29
29
|
|
|
@@ -3,7 +3,9 @@ import type { User, Account, UserSanitized } from '../types.d';
|
|
|
3
3
|
export default class MongoUsersManager<U extends User = User, USanitized extends UserSanitized = UserSanitized> {
|
|
4
4
|
store: MongoStore<U>;
|
|
5
5
|
constructor(store: MongoStore<U>);
|
|
6
|
+
/** @deprecated use findById instead */
|
|
6
7
|
findConnected(connected: string): Promise<U | undefined>;
|
|
8
|
+
findById(userId: string): Promise<U | undefined>;
|
|
7
9
|
insertOne(user: MongoInsertType<U>): Promise<any>;
|
|
8
10
|
replaceOne(user: U): Promise<any>;
|
|
9
11
|
sanitize(user: U): USanitized;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MongoUsersManager.d.ts","sourceRoot":"","sources":["../../src/MongoUsersManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAU,MAAM,YAAY,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE/D,MAAM,CAAC,OAAO,OAAO,iBAAiB,CACpC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa;IAEhD,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;gBAET,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAIhC,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIxD,SAAS,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjD,UAAU,CAAC,IAAI,EAAE,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU;IAI7B,wBAAwB,CAAC,EACvB,SAAS,EACT,MAAM,EACN,QAAQ,GACT,EAAE;QACD,SAAS,EAAE,MAAM,GAAG,MAAM,CAAC;QAC3B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAqB1B,aAAa,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAapD,gBAAgB,CAAC,IAAI,EAAE,CAAC,GAAG,aAAa;CAmBzC"}
|
|
1
|
+
{"version":3,"file":"MongoUsersManager.d.ts","sourceRoot":"","sources":["../../src/MongoUsersManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAU,MAAM,YAAY,CAAC;AACtE,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE/D,MAAM,CAAC,OAAO,OAAO,iBAAiB,CACpC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa;IAEhD,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;gBAET,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAIhC,uCAAuC;IACvC,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIxD,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIhD,SAAS,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjD,UAAU,CAAC,IAAI,EAAE,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC;IAIjC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU;IAI7B,wBAAwB,CAAC,EACvB,SAAS,EACT,MAAM,EACN,QAAQ,GACT,EAAE;QACD,SAAS,EAAE,MAAM,GAAG,MAAM,CAAC;QAC3B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAqB1B,aAAa,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAapD,gBAAgB,CAAC,IAAI,EAAE,CAAC,GAAG,aAAa;CAmBzC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { NodeApplication } from 'alp-types';
|
|
2
2
|
import type { User } from '../types.d';
|
|
3
3
|
import type MongoUsersManager from './MongoUsersManager';
|
|
4
|
-
export declare const authSocketIO: <U extends User = User>(app: NodeApplication, usersManager: MongoUsersManager<U, import("../types.d").UserSanitized>, io: any) => void;
|
|
4
|
+
export declare const authSocketIO: <U extends User = User>(app: NodeApplication, usersManager: MongoUsersManager<U, import("../types.d").UserSanitized>, io: any, jwtAudience?: string) => void;
|
|
5
5
|
//# sourceMappingURL=authSocketIO.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authSocketIO.d.ts","sourceRoot":"","sources":["../../src/authSocketIO.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AAMzD,eAAO,MAAM,YAAY,+BAClB,eAAe,8EAGhB,GAAG,
|
|
1
|
+
{"version":3,"file":"authSocketIO.d.ts","sourceRoot":"","sources":["../../src/authSocketIO.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEjD,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AAMzD,eAAO,MAAM,YAAY,+BAClB,eAAe,8EAGhB,GAAG,gBACO,MAAM,KACnB,IAgCF,CAAC"}
|
|
@@ -16,15 +16,15 @@ export { createAuthApolloContext } from './authApolloContext';
|
|
|
16
16
|
export { STATUSES } from './services/user/UserAccountsService';
|
|
17
17
|
declare module 'alp-types' {
|
|
18
18
|
interface ContextState {
|
|
19
|
-
|
|
20
|
-
|
|
19
|
+
loggedInUserId: NonNullable<ContextState['loggedInUser']>['_id'] | null | undefined;
|
|
20
|
+
loggedInUser: User | null | undefined;
|
|
21
21
|
}
|
|
22
22
|
interface ContextSanitizedState {
|
|
23
|
-
|
|
24
|
-
|
|
23
|
+
loggedInUserId: NonNullable<ContextSanitizedState['loggedInUser']>['_id'] | null | undefined;
|
|
24
|
+
loggedInUser: UserSanitized | null | undefined;
|
|
25
25
|
}
|
|
26
26
|
interface BaseContext {
|
|
27
|
-
|
|
27
|
+
setLoggedIn: (loggedInUserId: NonNullable<ContextState['loggedInUserId']>, loggedInUser: NonNullable<ContextState['loggedInUser']>) => Promise<void>;
|
|
28
28
|
logout: () => void;
|
|
29
29
|
}
|
|
30
30
|
}
|
|
@@ -41,8 +41,8 @@ export default function init<StrategyKeys extends AllowedStrategyKeys = 'google'
|
|
|
41
41
|
jwtAudience?: string;
|
|
42
42
|
}): (app: NodeApplication) => {
|
|
43
43
|
routes: AuthRoutesType;
|
|
44
|
-
|
|
45
|
-
|
|
44
|
+
findLoggedInUserFromRequest: (req: IncomingMessage) => Promise<[U["_id"] | null | undefined, U | null | undefined]>;
|
|
45
|
+
findLoggedInUser: import("./utils/createFindLoggedInUser").FindLoggedInUser<U>;
|
|
46
46
|
middleware: <T>(ctx: Context, next: () => T | Promise<T>) => Promise<T>;
|
|
47
47
|
};
|
|
48
48
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAE5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,KAAK,EAAgB,eAAe,EAAE,MAAM,WAAW,CAAC;AAG/D,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EACV,cAAc,IAAI,kBAAkB,EACpC,SAAS,EACV,MAAM,wBAAwB,CAAC;AAEhC,OAAO,KAAK,EAAE,UAAU,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mDAAmD,CAAC;AAEpF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AAE7E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAQ5D,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,EAAE,OAAO,IAAI,wBAAwB,EAAE,MAAM,0CAA0C,CAAC;AAC/F,OAAO,EAAE,OAAO,IAAI,uBAAuB,EAAE,MAAM,yCAAyC,CAAC;AAC7F,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,MAAM,qCAAqC,CAAC;AAE/D,OAAO,QAAQ,WAAW,CAAC;IAEzB,UAAU,YAAY;QACpB,cAAc,EACV,WAAW,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,GAChD,IAAI,GACJ,SAAS,CAAC;QACd,YAAY,EAAE,IAAI,GAAG,IAAI,GAAG,SAAS,CAAC;KACvC;IAED,UAAU,qBAAqB;QAC7B,cAAc,EACV,WAAW,CAAC,qBAAqB,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,GACzD,IAAI,GACJ,SAAS,CAAC;QACd,YAAY,EAAE,aAAa,GAAG,IAAI,GAAG,SAAS,CAAC;KAChD;IAED,UAAU,WAAW;QACnB,WAAW,EAAE,CACX,cAAc,EAAE,WAAW,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC,EAC3D,YAAY,EAAE,WAAW,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,KACpD,OAAO,CAAC,IAAI,CAAC,CAAC;QACnB,MAAM,EAAE,MAAM,IAAI,CAAC;KACpB;CACF;AAMD,MAAM,MAAM,cAAc,GAAG,kBAAkB,CAAC;AAChD,MAAM,MAAM,UAAU,GAAG,cAAc,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,MAAM,mDAAmD,CAAC;AAE1F,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,YAAY,SAAS,mBAAmB,GAAG,QAAQ,EACnD,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa,EAChD,EACA,aAAa,EACb,YAAY,EACZ,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,WAAW,GACZ,EAAE;IACD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,iBAAiB,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAC/C,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IACrC,eAAe,CAAC,EAAE,YAAY,CAAC;IAC/B,iBAAiB,EAAE,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC,
GAAG,CAAC,CAAC,CAAC;IAC7D,SAAS,CAAC,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;IACpC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,SAEc,eAAe;;uCAqFjB,eAAe;;yBAUf,OAAO;EAsCnB"}
|
|
@@ -28,7 +28,7 @@ export interface Oauth2Strategy<Params extends string> extends Strategy {
|
|
|
28
28
|
}
|
|
29
29
|
export type Strategies<StrategyKeys extends AllowedStrategyKeys> = Record<StrategyKeys, Oauth2Strategy<any>>;
|
|
30
30
|
export interface AccessResponseHooks<StrategyKeys, U extends User = User> {
|
|
31
|
-
afterLoginSuccess?: <StrategyKey extends StrategyKeys>(strategy: StrategyKey,
|
|
31
|
+
afterLoginSuccess?: <StrategyKey extends StrategyKeys>(strategy: StrategyKey, loggedInUser: U) => void | Promise<void>;
|
|
32
32
|
afterScopeUpdate?: <StrategyKey extends StrategyKeys>(strategy: StrategyKey, scopeKey: string, account: Account, user: U) => void | Promise<void>;
|
|
33
33
|
}
|
|
34
34
|
export declare class AuthenticationService<StrategyKeys extends AllowedStrategyKeys, U extends User = User, USanitized extends UserSanitized = UserSanitized> extends EventEmitter {
|
|
@@ -48,7 +48,7 @@ export declare class AuthenticationService<StrategyKeys extends AllowedStrategyK
|
|
|
48
48
|
user?: U;
|
|
49
49
|
accountId?: AccountId;
|
|
50
50
|
}, params?: any): Promise<void>;
|
|
51
|
-
accessResponse<StrategyKey extends StrategyKeys>(ctx:
|
|
51
|
+
accessResponse<StrategyKey extends StrategyKeys>(ctx: Context, strategy: StrategyKey, isLoggedIn: boolean, hooks: AccessResponseHooks<StrategyKeys, U>): Promise<U>;
|
|
52
52
|
refreshAccountTokens(user: U, account: Account): Promise<boolean>;
|
|
53
53
|
}
|
|
54
54
|
//# sourceMappingURL=AuthenticationService.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../../src/services/authentification/AuthenticationService.ts"],"names":[],"mappings":";AAIA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAErD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEhF,OAAO,KAAK,mBAAmB,MAAM,6BAA6B,CAAC;AACnE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAI3D,MAAM,WAAW,sBAAsB;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc,CAAC,MAAM,SAAS,MAAM,CAAE,SAAQ,QAAQ;IACrE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAC7B;AAED,MAAM,MAAM,UAAU,CAAC,YAAY,SAAS,mBAAmB,IAAI,MAAM,CACvE,YAAY,EACZ,cAAc,CAAC,GAAG,CAAC,CACpB,CAAC;AAEF,MAAM,WAAW,mBAAmB,CAAC,YAAY,EAAE,CAAC,SAAS,IAAI,GAAG,IAAI;IACtE,iBAAiB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EACnD,QAAQ,EAAE,WAAW,EACrB,
|
|
1
|
+
{"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../../../src/services/authentification/AuthenticationService.ts"],"names":[],"mappings":";AAIA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAErD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEhF,OAAO,KAAK,mBAAmB,MAAM,6BAA6B,CAAC;AACnE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAI3D,MAAM,WAAW,sBAAsB;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc,CAAC,MAAM,SAAS,MAAM,CAAE,SAAQ,QAAQ;IACrE,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAC7B;AAED,MAAM,MAAM,UAAU,CAAC,YAAY,SAAS,mBAAmB,IAAI,MAAM,CACvE,YAAY,EACZ,cAAc,CAAC,GAAG,CAAC,CACpB,CAAC;AAEF,MAAM,WAAW,mBAAmB,CAAC,YAAY,EAAE,CAAC,SAAS,IAAI,GAAG,IAAI;IACtE,iBAAiB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EACnD,QAAQ,EAAE,WAAW,EACrB,YAAY,EAAE,CAAC,KACZ,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE1B,gBAAgB,CAAC,EAAE,CAAC,WAAW,SAAS,YAAY,EAClD,QAAQ,EAAE,WAAW,EACrB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,CAAC,KACJ,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3B;AAED,qBAAa,qBAAqB,CAChC,YAAY,SAAS,mBAAmB,EACxC,CAAC,SAAS,IAAI,GAAG,IAAI,EACrB,UAAU,SAAS,aAAa,GAAG,aAAa,CAChD,SAAQ,YAAY;IACpB,MAAM,EAAE,UAAU,CAAC;IAEnB,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IAErC,mBAAmB,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC;gBAGpE,MAAM,EAAE,UAAU,EAClB,UAAU,EAAE,UAAU,CAAC,YAAY,CAAC,EACpC,mBAAmB,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,CAAC;IAQvE,eAAe,CAAC,CAAC,SAAS,YAAY,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,GAAG,MAAM;IAWnE,SAAS,CACb,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,gBAAgB,GACxB,OAAO,CAAC,MA
AM,CAAC;IAgCZ,YAAY,CAChB,QAAQ,EAAE,YAAY,EACtB,WAAW,EAAE;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE,GACpC,OAAO,CAAC,MAAM,CAAC;IA+BlB,WAAW,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM;IAS7C,eAAe,CACnB,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,YAAY,EACtB,EACE,YAAY,EACZ,QAAQ,EACR,IAAI,EACJ,SAAS,GACV,EAAE;QACD,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAClC,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,EAAE,CAAC,CAAC;QACT,SAAS,CAAC,EAAE,SAAS,CAAC;KACvB,EACD,MAAM,CAAC,EAAE,GAAG,GACX,OAAO,CAAC,IAAI,CAAC;IAuCV,cAAc,CAAC,WAAW,SAAS,YAAY,EACnD,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,WAAW,EACrB,UAAU,EAAE,OAAO,EACnB,KAAK,EAAE,mBAAmB,CAAC,YAAY,EAAE,CAAC,CAAC,GAC1C,OAAO,CAAC,CAAC,CAAC;IAgEb,oBAAoB,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;CAsBlE"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import type { IncomingMessage } from 'http';
|
|
2
2
|
import type { Option } from 'cookies';
|
|
3
|
-
export declare const
|
|
3
|
+
export declare const COOKIE_NAME_TOKEN = "loggedInUserToken";
|
|
4
|
+
export declare const COOKIE_NAME_STATE = "loggedInUserState";
|
|
4
5
|
export declare const getTokenFromRequest: (req: IncomingMessage, options?: Pick<Option, Exclude<keyof Option, 'secure'>>) => string | undefined;
|
|
5
6
|
//# sourceMappingURL=cookies.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/utils/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAC5C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../../src/utils/cookies.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAC5C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,eAAO,MAAM,iBAAiB,sBAAsB,CAAC;AACrD,eAAO,MAAM,iBAAiB,sBAAsB,CAAC;AAErD,eAAO,MAAM,mBAAmB,QACzB,eAAe,YACV,KAAK,MAAM,EAAE,QAAQ,MAAM,MAAM,EAAE,QAAQ,CAAC,CAAC,KACtD,MAAM,GAAG,SAYX,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { Logger } from 'nightingale-logger';
|
|
2
|
+
import type { User, UserSanitized } from '../../types';
|
|
3
|
+
import type MongoUsersManager from '../MongoUsersManager';
|
|
4
|
+
export type FindLoggedInUser<U extends User> = (jwtAudience?: string, token?: string) => Promise<[null | undefined | U['_id'], null | undefined | U]>;
|
|
5
|
+
export declare const createFindLoggedInUser: <U extends User, USanitized extends UserSanitized>(secretKey: string, usersManager: MongoUsersManager<U, USanitized>, logger: Logger) => FindLoggedInUser<U>;
|
|
6
|
+
//# sourceMappingURL=createFindLoggedInUser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"createFindLoggedInUser.d.ts","sourceRoot":"","sources":["../../../src/utils/createFindLoggedInUser.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AA0B1D,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,IAAI,IAAI,CAC7C,WAAW,CAAC,EAAE,MAAM,EACpB,KAAK,CAAC,EAAE,MAAM,KACX,OAAO,CAAC,CAAC,IAAI,GAAG,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,EAAE,IAAI,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;AAElE,eAAO,MAAM,sBAAsB,gEAItB,MAAM,0DAET,MAAM,wBAwBf,CAAC"}
|
package/dist/index-node16.mjs
CHANGED
|
@@ -26,7 +26,7 @@ function createAuthController({
|
|
|
26
26
|
* The user must already be connected
|
|
27
27
|
*/
|
|
28
28
|
async addScope(ctx) {
|
|
29
|
-
if (!ctx.state.
|
|
29
|
+
if (!ctx.state.loggedInUser) {
|
|
30
30
|
await ctx.redirectTo(homeRouterKey);
|
|
31
31
|
return;
|
|
32
32
|
}
|
|
@@ -41,12 +41,12 @@ function createAuthController({
|
|
|
41
41
|
async response(ctx) {
|
|
42
42
|
const strategy = ctx.namedParam('strategy');
|
|
43
43
|
ctx.assert(strategy);
|
|
44
|
-
const
|
|
44
|
+
const loggedInUser = await authenticationService.accessResponse(ctx, strategy, !!ctx.state.loggedInUser, {
|
|
45
45
|
afterLoginSuccess: authHooks.afterLoginSuccess,
|
|
46
46
|
afterScopeUpdate: authHooks.afterScopeUpdate
|
|
47
47
|
});
|
|
48
48
|
const keyPath = usersManager.store.keyPath;
|
|
49
|
-
await ctx.
|
|
49
|
+
await ctx.setLoggedIn(loggedInUser[keyPath], loggedInUser);
|
|
50
50
|
await ctx.redirectTo(homeRouterKey);
|
|
51
51
|
},
|
|
52
52
|
async logout(ctx) {
|
|
@@ -198,7 +198,7 @@ class AuthenticationService extends EventEmitter {
|
|
|
198
198
|
});
|
|
199
199
|
return ctx.redirect(redirectUri);
|
|
200
200
|
}
|
|
201
|
-
async accessResponse(ctx, strategy,
|
|
201
|
+
async accessResponse(ctx, strategy, isLoggedIn, hooks) {
|
|
202
202
|
if (ctx.query.error) {
|
|
203
203
|
const error = new Error(ctx.query.error);
|
|
204
204
|
error.status = 403;
|
|
@@ -220,7 +220,7 @@ class AuthenticationService extends EventEmitter {
|
|
|
220
220
|
throw new Error('Unexpected cookie value');
|
|
221
221
|
}
|
|
222
222
|
if (!cookie.isLoginAccess) {
|
|
223
|
-
if (!
|
|
223
|
+
if (!isLoggedIn) {
|
|
224
224
|
throw new Error('You are not connected');
|
|
225
225
|
}
|
|
226
226
|
}
|
|
@@ -235,15 +235,15 @@ class AuthenticationService extends EventEmitter {
|
|
|
235
235
|
}
|
|
236
236
|
return user;
|
|
237
237
|
}
|
|
238
|
-
const
|
|
238
|
+
const loggedInUser = ctx.state.loggedInUser;
|
|
239
239
|
const {
|
|
240
240
|
account,
|
|
241
241
|
user
|
|
242
|
-
} = await this.userAccountsService.update(
|
|
242
|
+
} = await this.userAccountsService.update(loggedInUser, strategy, tokens, cookie.scope, cookie.scopeKey);
|
|
243
243
|
if (hooks.afterScopeUpdate) {
|
|
244
244
|
await hooks.afterScopeUpdate(strategy, cookie.scopeKey, account, user);
|
|
245
245
|
}
|
|
246
|
-
return
|
|
246
|
+
return loggedInUser;
|
|
247
247
|
}
|
|
248
248
|
refreshAccountTokens(user, account) {
|
|
249
249
|
if (account.tokenExpireDate && account.tokenExpireDate.getTime() > Date.now()) {
|
|
@@ -397,14 +397,19 @@ class UserAccountsService extends EventEmitter {
|
|
|
397
397
|
}
|
|
398
398
|
}
|
|
399
399
|
|
|
400
|
-
const
|
|
400
|
+
const COOKIE_NAME_TOKEN = 'loggedInUserToken';
|
|
401
|
+
const COOKIE_NAME_STATE = 'loggedInUserState';
|
|
401
402
|
const getTokenFromRequest = (req, options) => {
|
|
403
|
+
if (req.headers.authorization?.startsWith('Bearer ')) {
|
|
404
|
+
return req.headers.authorization.slice(7);
|
|
405
|
+
}
|
|
406
|
+
|
|
402
407
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
|
|
403
408
|
const cookies = new Cookies(req, null, {
|
|
404
409
|
...options,
|
|
405
410
|
secure: true
|
|
406
411
|
});
|
|
407
|
-
return cookies.get(
|
|
412
|
+
return cookies.get(COOKIE_NAME_TOKEN);
|
|
408
413
|
};
|
|
409
414
|
|
|
410
415
|
const verifyPromisified = promisify(jsonwebtoken.verify);
|
|
@@ -413,23 +418,24 @@ const createDecodeJWT = secretKey => async (token, jwtAudience) => {
|
|
|
413
418
|
algorithms: ['HS512'],
|
|
414
419
|
audience: jwtAudience
|
|
415
420
|
});
|
|
416
|
-
return result?.
|
|
421
|
+
return result?.loggedInUserId;
|
|
417
422
|
};
|
|
418
|
-
const
|
|
423
|
+
const createFindLoggedInUser = (secretKey, usersManager, logger) => {
|
|
419
424
|
const decodeJwt = createDecodeJWT(secretKey);
|
|
420
425
|
return async (jwtAudience, token) => {
|
|
421
426
|
if (!token || !jwtAudience) return [null, null];
|
|
422
|
-
let
|
|
427
|
+
let loggedInUserId;
|
|
423
428
|
try {
|
|
424
|
-
|
|
429
|
+
loggedInUserId = await decodeJwt(token, jwtAudience);
|
|
425
430
|
} catch (err) {
|
|
426
431
|
logger.debug('failed to verify authentification', {
|
|
427
432
|
err
|
|
428
433
|
});
|
|
429
434
|
}
|
|
430
|
-
if (
|
|
431
|
-
const
|
|
432
|
-
return [
|
|
435
|
+
if (loggedInUserId == null) return [null, null];
|
|
436
|
+
const loggedInUser = await usersManager.findById(loggedInUserId);
|
|
437
|
+
if (!loggedInUser) return [null, null];
|
|
438
|
+
return [loggedInUserId, loggedInUser];
|
|
433
439
|
};
|
|
434
440
|
};
|
|
435
441
|
|
|
@@ -437,9 +443,14 @@ class MongoUsersManager {
|
|
|
437
443
|
constructor(store) {
|
|
438
444
|
this.store = store;
|
|
439
445
|
}
|
|
446
|
+
|
|
447
|
+
/** @deprecated use findById instead */
|
|
440
448
|
findConnected(connected) {
|
|
441
449
|
return this.store.findByKey(connected);
|
|
442
450
|
}
|
|
451
|
+
findById(userId) {
|
|
452
|
+
return this.store.findByKey(userId);
|
|
453
|
+
}
|
|
443
454
|
insertOne(user) {
|
|
444
455
|
return this.store.insertOne(user);
|
|
445
456
|
}
|
|
@@ -586,8 +597,8 @@ class UserAccountSlackService {
|
|
|
586
597
|
}
|
|
587
598
|
|
|
588
599
|
const logger$2 = new Logger('alp:auth');
|
|
589
|
-
const authSocketIO = (app, usersManager, io) => {
|
|
590
|
-
const
|
|
600
|
+
const authSocketIO = (app, usersManager, io, jwtAudience) => {
|
|
601
|
+
const findLoggedInUser = createFindLoggedInUser(app.config.get('authentication').get('secretKey'), usersManager, logger$2);
|
|
591
602
|
const users = new Map();
|
|
592
603
|
io.users = users;
|
|
593
604
|
io.use(async (socket, next) => {
|
|
@@ -595,12 +606,12 @@ const authSocketIO = (app, usersManager, io) => {
|
|
|
595
606
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
|
|
596
607
|
const token = getTokenFromRequest(handshakeData);
|
|
597
608
|
if (!token) return next();
|
|
598
|
-
const [
|
|
609
|
+
const [loggedInUserId, loggedInUser] = await findLoggedInUser(
|
|
599
610
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
|
|
600
|
-
handshakeData.headers['user-agent'], token);
|
|
601
|
-
if (!
|
|
602
|
-
socket.user =
|
|
603
|
-
users.set(socket.client.id,
|
|
611
|
+
jwtAudience || handshakeData.headers['user-agent'], token);
|
|
612
|
+
if (!loggedInUserId || !loggedInUser) return next();
|
|
613
|
+
socket.user = loggedInUser;
|
|
614
|
+
users.set(socket.client.id, loggedInUser);
|
|
604
615
|
socket.on('disconnected', () => users.delete(socket.client.id));
|
|
605
616
|
await next();
|
|
606
617
|
});
|
|
@@ -608,7 +619,7 @@ const authSocketIO = (app, usersManager, io) => {
|
|
|
608
619
|
|
|
609
620
|
const logger$1 = new Logger('alp:auth');
|
|
610
621
|
const getTokenFromReq = req => {
|
|
611
|
-
if (req.cookies) return req.cookies[
|
|
622
|
+
if (req.cookies) return req.cookies[COOKIE_NAME_TOKEN];
|
|
612
623
|
return getTokenFromRequest(req);
|
|
613
624
|
};
|
|
614
625
|
|
|
@@ -617,14 +628,14 @@ const getTokenFromReq = req => {
|
|
|
617
628
|
* @internal
|
|
618
629
|
*/
|
|
619
630
|
const createAuthApolloContext = (config, usersManager) => {
|
|
620
|
-
const
|
|
631
|
+
const findLoggedInUser = createFindLoggedInUser(config.get('authentication').get('secretKey'), usersManager, logger$1);
|
|
621
632
|
return async ({
|
|
622
633
|
req,
|
|
623
634
|
connection
|
|
624
635
|
}) => {
|
|
625
|
-
if (connection?.
|
|
636
|
+
if (connection?.loggedInUser) {
|
|
626
637
|
return {
|
|
627
|
-
user: connection.
|
|
638
|
+
user: connection.loggedInUser
|
|
628
639
|
};
|
|
629
640
|
}
|
|
630
641
|
if (!req) return null;
|
|
@@ -634,15 +645,16 @@ const createAuthApolloContext = (config, usersManager) => {
|
|
|
634
645
|
if (!token) return {
|
|
635
646
|
user: undefined
|
|
636
647
|
};
|
|
637
|
-
const [,
|
|
648
|
+
const [, loggedInUser] = await findLoggedInUser(
|
|
638
649
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
|
|
639
650
|
req.headers['user-agent'], token);
|
|
640
651
|
return {
|
|
641
|
-
user
|
|
652
|
+
user: loggedInUser
|
|
642
653
|
};
|
|
643
654
|
};
|
|
644
655
|
};
|
|
645
656
|
|
|
657
|
+
/* eslint-disable max-lines */
|
|
646
658
|
const logger = new Logger('alp:auth');
|
|
647
659
|
const signPromisified = promisify(jsonwebtoken.sign);
|
|
648
660
|
function init({
|
|
@@ -665,69 +677,87 @@ function init({
|
|
|
665
677
|
defaultStrategy,
|
|
666
678
|
authHooks
|
|
667
679
|
});
|
|
668
|
-
app.context.
|
|
669
|
-
logger.debug('
|
|
670
|
-
|
|
680
|
+
app.context.setLoggedIn = async function (loggedInUserId, loggedInUser) {
|
|
681
|
+
logger.debug('setLoggedIn', {
|
|
682
|
+
loggedInUser
|
|
671
683
|
});
|
|
672
|
-
if (!
|
|
673
|
-
throw new Error('Illegal value for
|
|
684
|
+
if (!loggedInUserId) {
|
|
685
|
+
throw new Error('Illegal value for setLoggedIn');
|
|
674
686
|
}
|
|
675
|
-
this.state.
|
|
676
|
-
this.state.
|
|
687
|
+
this.state.loggedInUserId = loggedInUserId;
|
|
688
|
+
this.state.loggedInUser = loggedInUser;
|
|
677
689
|
const token = await signPromisified({
|
|
678
|
-
|
|
690
|
+
loggedInUserId,
|
|
679
691
|
time: Date.now()
|
|
680
692
|
}, this.config.get('authentication').get('secretKey'), {
|
|
681
693
|
algorithm: 'HS512',
|
|
682
694
|
audience: jwtAudience || this.request.headers['user-agent'],
|
|
683
695
|
expiresIn: '30 days'
|
|
684
696
|
});
|
|
685
|
-
|
|
686
697
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
|
|
687
|
-
this.cookies.set(
|
|
698
|
+
this.cookies.set(COOKIE_NAME_TOKEN, token, {
|
|
688
699
|
httpOnly: true,
|
|
689
700
|
secure: this.config.get('allowHttps')
|
|
690
701
|
});
|
|
702
|
+
this.cookies.set(COOKIE_NAME_STATE, JSON.stringify({
|
|
703
|
+
loggedInUserId,
|
|
704
|
+
expiresIn: (() => {
|
|
705
|
+
const date = new Date();
|
|
706
|
+
date.setDate(date.getDate() + 30);
|
|
707
|
+
return date.getTime();
|
|
708
|
+
})()
|
|
709
|
+
}), {
|
|
710
|
+
httpOnly: false,
|
|
711
|
+
secure: this.config.get('allowHttps')
|
|
712
|
+
});
|
|
691
713
|
};
|
|
692
714
|
app.context.logout = function () {
|
|
693
|
-
delete this.state.
|
|
694
|
-
delete this.state.
|
|
695
|
-
this.cookies.set(
|
|
715
|
+
delete this.state.loggedInUserId;
|
|
716
|
+
delete this.state.loggedInUser;
|
|
717
|
+
this.cookies.set(COOKIE_NAME_TOKEN, '', {
|
|
718
|
+
expires: new Date(1)
|
|
719
|
+
});
|
|
720
|
+
this.cookies.set(COOKIE_NAME_STATE, '', {
|
|
696
721
|
expires: new Date(1)
|
|
697
722
|
});
|
|
698
723
|
};
|
|
699
|
-
const
|
|
724
|
+
const findLoggedInUser = createFindLoggedInUser(app.config.get('authentication').get('secretKey'), usersManager, logger);
|
|
700
725
|
return {
|
|
701
726
|
routes: createRoutes(controller),
|
|
702
|
-
|
|
727
|
+
findLoggedInUserFromRequest: req => {
|
|
703
728
|
const token = getTokenFromRequest(req);
|
|
704
|
-
return
|
|
729
|
+
return findLoggedInUser(jwtAudience || req.headers['user-agent'], token);
|
|
705
730
|
},
|
|
706
|
-
|
|
731
|
+
findLoggedInUser,
|
|
707
732
|
middleware: async (ctx, next) => {
|
|
708
|
-
const token = ctx.cookies.get(
|
|
733
|
+
const token = ctx.cookies.get(COOKIE_NAME_TOKEN);
|
|
709
734
|
const userAgent = ctx.request.headers['user-agent'];
|
|
710
735
|
logger.debug('middleware', {
|
|
711
736
|
token
|
|
712
737
|
});
|
|
713
|
-
const setState = (
|
|
714
|
-
ctx.state.
|
|
715
|
-
ctx.state.user =
|
|
716
|
-
ctx.sanitizedState.
|
|
717
|
-
ctx.sanitizedState.
|
|
738
|
+
const setState = (loggedInUserId, loggedInUser) => {
|
|
739
|
+
ctx.state.loggedInUserId = loggedInUserId;
|
|
740
|
+
ctx.state.user = loggedInUser;
|
|
741
|
+
ctx.sanitizedState.loggedInUserId = loggedInUserId;
|
|
742
|
+
ctx.sanitizedState.loggedInUser = loggedInUser && usersManager.sanitize(loggedInUser);
|
|
718
743
|
};
|
|
719
|
-
const [
|
|
744
|
+
const [loggedInUserId, loggedInUser] = await findLoggedInUser(jwtAudience || userAgent, token);
|
|
720
745
|
logger.debug('middleware', {
|
|
721
|
-
|
|
746
|
+
loggedInUserId
|
|
722
747
|
});
|
|
723
|
-
if (
|
|
724
|
-
if (token)
|
|
725
|
-
|
|
726
|
-
|
|
748
|
+
if (loggedInUserId == null || loggedInUser == null) {
|
|
749
|
+
if (token) {
|
|
750
|
+
ctx.cookies.set(COOKIE_NAME_TOKEN, '', {
|
|
751
|
+
expires: new Date(1)
|
|
752
|
+
});
|
|
753
|
+
ctx.cookies.set(COOKIE_NAME_STATE, '', {
|
|
754
|
+
expires: new Date(1)
|
|
755
|
+
});
|
|
756
|
+
}
|
|
727
757
|
setState(null, null);
|
|
728
758
|
return next();
|
|
729
759
|
}
|
|
730
|
-
setState(
|
|
760
|
+
setState(loggedInUserId, loggedInUser);
|
|
731
761
|
return next();
|
|
732
762
|
}
|
|
733
763
|
};
|
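Review bot: In the last hunk, the middleware's `setState` stores the user as `ctx.state.user = loggedInUser;`, but the renamed checks elsewhere in this bundle read `ctx.state.loggedInUser` (`addScope`, the `!!ctx.state.loggedInUser` passed to `accessResponse`, and `const loggedInUser = ctx.state.loggedInUser`). As far as this file shows, only `setLoggedIn` assigns that property, so on an ordinary authenticated request `addScope` would redirect home and a scope-update callback would throw 'You are not connected'. The assignment should be `ctx.state.loggedInUser = loggedInUser;`, optionally keeping `ctx.state.user` as a deprecated alias. Separately, the new `loggedInUserState` cookie is unsigned and set with `httpOnly: false`, so it deserves a comment such as `// display hint only: never use for authorization, the JWT cookie is the source of truth`, and neither cookie sets `sameSite`. This file is build output, so the change presumably belongs in `package/src/index.ts`.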