propro-utils 1.7.18 → 1.7.20
package/package.json
CHANGED
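--- a/package/src/server/index.js
+++ b/package/src/server/index.js
@@ -6,6 +6,7 @@ const {
 const {
 setAuthCookies,
 clearAuthCookies,
+prepAuthCookies,
 } = require('./middleware/cookieUtils');
 const { checkIfUserExists } = require('../../middlewares/account_info');
 const authValidation = require('../../middlewares/access_token');
@@ -101,7 +102,27 @@ class AuthMiddleware {
 res.status(response.status).json({ account, user, tokens });
 } else {
 const { tokens, urlToRedirect } = response.data;
-
+
+const cookies = prepAuthCookies(tokens, account, user, this.options.appUrl);
+Object.entries(cookies).forEach(
+([name, config]) => {
+try{
+console.log(domain,'Setting cookie 1:', {name, value: config.value, commonAttributes, config})
+res.cookie(name, config.value, {
+...commonAttributes,
+...config,
+});
+// console.log('Setting cookie 2:', {response})
+} catch (error) {
+console.error('Error setting cookie: Object.entries', {
+error: error.message,
+stack: error.stack,
+});
+}
+}
+);
+console.log('cookies:', cookies);
+// setAuthCookies(res, tokens, account, user, this.options.appUrl);
 res.status(response.status).json({ urlToRedirect });
 }
 } catch (error) {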
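Review bot: The added `console.log(domain,'Setting cookie 1:', {name, value: config.value, ...})` and `console.log('cookies:', cookies)` in the `else` branch write cookie values to the server log, and those values include the access and refresh tokens; remove both or log only the cookie name, e.g. `console.log('Setting cookie:', name);`. `prepAuthCookies` is declared `async` in this same release but is called here without `await`, so `cookies` is a Promise and `Object.entries(cookies)` has nothing to iterate; with the `setAuthCookies` call commented out, this branch appears to set no auth cookies before responding, and `const cookies = await prepAuthCookies(tokens, account, user, this.options.appUrl);` is needed if the enclosing handler is async. `domain` and `commonAttributes` are not declared anywhere in the visible lines, and the enclosing method starts and ends outside the hunk, so confirm they are in scope before relying on the `try`/`catch` to hide a ReferenceError.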
@@ -104,13 +104,13 @@ const setAuthCookies = async (res, tokens, account, user, appUrl) => {
|
|
|
104
104
|
try {
|
|
105
105
|
domain = appUrl ? new URL(appUrl).hostname : undefined;
|
|
106
106
|
if (domain?.includes('mapmap.app')) {
|
|
107
|
-
domain = '
|
|
107
|
+
domain = '.mapmap.app';
|
|
108
108
|
}
|
|
109
109
|
if (domain?.includes('localhost')) {
|
|
110
110
|
domain = undefined;
|
|
111
111
|
}
|
|
112
112
|
if (domain?.includes('propro.so')) {
|
|
113
|
-
domain = '
|
|
113
|
+
domain = 'propro.so';
|
|
114
114
|
}
|
|
115
115
|
} catch (error) {
|
|
116
116
|
console.error('Invalid appUrl:', { error, appUrl });
|
|
@@ -217,6 +217,83 @@ const setAuthCookies = async (res, tokens, account, user, appUrl) => {
|
|
|
217
217
|
}
|
|
218
218
|
};
|
|
219
219
|
|
|
220
|
+
const prepAuthCookies = async (tokens, account, user, appUrl) => {
|
|
221
|
+
if (!tokens?.refresh?.token || !tokens?.access?.token) {
|
|
222
|
+
throw new Error('Invalid tokens object');
|
|
223
|
+
}
|
|
224
|
+
if (!account) {
|
|
225
|
+
throw new Error('Invalid account object');
|
|
226
|
+
}
|
|
227
|
+
if (!user) {
|
|
228
|
+
throw new Error('Invalid user object');
|
|
229
|
+
}
|
|
230
|
+
|
|
231
|
+
const currentDateTime = new Date();
|
|
232
|
+
const refreshMaxAge =
|
|
233
|
+
new Date(tokens.refresh.expires).getTime() - currentDateTime.getTime();
|
|
234
|
+
const accessMaxAge =
|
|
235
|
+
new Date(tokens.access.expires).getTime() - currentDateTime.getTime();
|
|
236
|
+
|
|
237
|
+
// Domain configuration
|
|
238
|
+
let domain;
|
|
239
|
+
try {
|
|
240
|
+
domain = appUrl ? new URL(appUrl).hostname : undefined;
|
|
241
|
+
if (domain?.includes('mapmap.app')) {
|
|
242
|
+
domain = '.mapmap.app';
|
|
243
|
+
}
|
|
244
|
+
if (domain?.includes('localhost')) {
|
|
245
|
+
domain = undefined;
|
|
246
|
+
}
|
|
247
|
+
if (domain?.includes('propro.so')) {
|
|
248
|
+
domain = 'propro.so';
|
|
249
|
+
}
|
|
250
|
+
} catch (error) {
|
|
251
|
+
console.error('Invalid appUrl:', { error, appUrl });
|
|
252
|
+
domain = undefined;
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
const commonAttributes = {
|
|
256
|
+
secure: true,
|
|
257
|
+
sameSite: 'None',
|
|
258
|
+
domain,
|
|
259
|
+
path: '/',
|
|
260
|
+
};
|
|
261
|
+
|
|
262
|
+
const httpOnlyCookies = {
|
|
263
|
+
'x-refresh-token': {
|
|
264
|
+
value: tokens.refresh.token,
|
|
265
|
+
maxAge: refreshMaxAge,
|
|
266
|
+
httpOnly: true,
|
|
267
|
+
},
|
|
268
|
+
'x-access-token': {
|
|
269
|
+
value: tokens.access.token,
|
|
270
|
+
maxAge: accessMaxAge,
|
|
271
|
+
httpOnly: true,
|
|
272
|
+
},
|
|
273
|
+
};
|
|
274
|
+
|
|
275
|
+
const sanitizedUser = sanitizeUser(user);
|
|
276
|
+
const sanitizedAccount = { ...account };
|
|
277
|
+
delete sanitizedAccount.passwordHistory;
|
|
278
|
+
|
|
279
|
+
const regularCookies = {
|
|
280
|
+
user: {
|
|
281
|
+
value: safeStringify(sanitizedUser),
|
|
282
|
+
maxAge: refreshMaxAge,
|
|
283
|
+
},
|
|
284
|
+
account: {
|
|
285
|
+
value: safeStringify(sanitizedAccount),
|
|
286
|
+
maxAge: refreshMaxAge,
|
|
287
|
+
},
|
|
288
|
+
has_account_token: {
|
|
289
|
+
value: JSON.stringify({ value: 'true', expires: accessMaxAge }),
|
|
290
|
+
maxAge: accessMaxAge,
|
|
291
|
+
},
|
|
292
|
+
};
|
|
293
|
+
|
|
294
|
+
return {...httpOnlyCookies, ...regularCookies, ...commonAttributes}
|
|
295
|
+
};
|
|
296
|
+
|
|
220
297
|
/**
|
|
221
298
|
* Clears cookies from both web and extension contexts
|
|
222
299
|
*/
|
|
@@ -284,4 +361,5 @@ const clearAuthCookies = async (res, appUrl) => {
|
|
|
284
361
|
module.exports = {
|
|
285
362
|
setAuthCookies,
|
|
286
363
|
clearAuthCookies,
|
|
364
|
+
prepAuthCookies
|
|
287
365
|
};
|
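Review bot: `prepAuthCookies` ends with `return {...httpOnlyCookies, ...regularCookies, ...commonAttributes}`, which flattens `secure`, `sameSite`, `domain` and `path` in beside the cookie entries, so a caller that walks the result with `Object.entries` treats those four attributes as cookie names and has no separate attribute object to apply. Returning them apart, `return { cookies: { ...httpOnlyCookies, ...regularCookies }, commonAttributes };`, keeps the two distinct, and since the body awaits nothing the `async` keyword can be dropped so callers receive the object rather than a Promise. The `account` cookie is not `httpOnly` and is built from a shallow copy with only `passwordHistory` deleted, so any other sensitive field on `account` would be readable by page script; an allow-list of the fields the client actually needs is safer than a one-field deny-list. The hostname tests here and in `setAuthCookies` use `includes`, which also matches an unrelated host such as the constructed example `mapmap.app.example.test`; `domain === 'mapmap.app' || domain.endsWith('.mapmap.app')` is stricter.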