prostgles-server 4.2.271 → 4.2.273

package/lib/Auth/getClientAuth.ts

@@ -5,14 +5,20 @@ import {
   CHANNELS,
   getObjectEntries,
   isEmpty,
+  isObject,
 } from "prostgles-types";
-import { AuthClientRequest, LoginWithOAuthConfig, AuthResultWithSID } from "./AuthTypes";
+import {
+  AuthClientRequest,
+  LoginWithOAuthConfig,
+  AuthResultWithSID,
+  type AuthResult,
+} from "./AuthTypes";
 import { AUTH_ROUTES_AND_PARAMS, AuthHandler } from "./AuthHandler";
 
 export async function getClientAuth(
   this: AuthHandler,
   clientReq: AuthClientRequest
-): Promise<{ auth: AuthSocketSchema; userData: AuthResultWithSID }> {
+): Promise<{ auth: AuthSocketSchema; userData: AuthResultWithSID } | "new-session-redirect"> {
   let pathGuard = false;
   const {
     loginWithOAuth,
@@ -30,6 +36,12 @@ export async function getClientAuth(
      * Due to SPA nature of some clients, we need to check if the connected client ends up on a protected route
      */
     if (clientReq.socket) {
+      const getUserFromRequest = async (clientReq: AuthClientRequest): Promise<AuthResult> => {
+        const sidAndUser = await this.getSidAndUserFromRequest(clientReq);
+        if (isObject(sidAndUser) && sidAndUser.sid && sidAndUser.user) {
+          return sidAndUser;
+        }
+      };
       const { socket } = clientReq;
       socket.removeAllListeners(CHANNELS.AUTHGUARD);
       socket.on(
@@ -54,7 +66,7 @@ export async function getClientAuth(
               pathname &&
               typeof pathname === "string" &&
               this.isUserRoute(pathname) &&
-              !(await this.getUserFromRequest({ socket }))
+              !(await getUserFromRequest({ socket }))
             ) {
               cb(null, { shouldReload: true });
             } else {
@@ -70,7 +82,9 @@ export async function getClientAuth(
   }
 
   const userData = await this.getSidAndUserFromRequest(clientReq);
-
+  if (userData === "new-session-redirect") {
+    return userData;
+  }
   const auth: AuthSocketSchema = {
     providers: getOAuthProviders(loginWithOAuth),
     signupWithEmailAndPassword: signupWithEmailAndPassword && {

package/lib/Auth/login.ts

@@ -1,6 +1,6 @@
 import { DBOFullyTyped } from "../DBSchemaBuilder";
 import { AuthHandler, getClientRequestIPsInfo, HTTP_FAIL_CODES } from "./AuthHandler";
-import { ExpressReq, LoginParams } from "./AuthTypes";
+import { ExpressReq, LoginParams, type BasicSession } from "./AuthTypes";
 import { LoginResponseHandler } from "./endpoints/setLoginRequestHandler";
 import { throttledAuthCall } from "./utils/throttledReject";
 
@@ -30,22 +30,9 @@ export async function login(
       return result;
     }
 
-    const { sid, expires } = result.session;
-    if (!sid) {
-      console.error("Invalid sid");
-      return "server-error";
-    }
-    if (sid && (typeof sid !== "string" || typeof expires !== "number")) {
-      console.error(
-        "Bad login result type. \nExpecting: undefined | null | { sid: string; expires: number }"
-      );
-      return "server-error";
-    }
-    if (expires < Date.now()) {
-      console.error(
-        "auth.login() is returning an expired session. Can only login with a session.expires greater than Date.now()"
-      );
-      return "server-error";
+    const sessionErrorCode = getBasicSessionErrorCode(result.session);
+    if (sessionErrorCode) {
+      return sessionErrorCode;
     }
 
     return result;
@@ -76,3 +63,23 @@ export async function login(
   }
   this.setCookieAndGoToReturnURLIFSet(loginResponse.session, { req, res });
 }
+
+export const getBasicSessionErrorCode = (session: Pick<BasicSession, "expires" | "sid">) => {
+  const { sid, expires } = session;
+  if (!sid) {
+    console.error("Invalid sid");
+    return "server-error";
+  }
+  if (sid && (typeof sid !== "string" || typeof expires !== "number")) {
+    console.error(
+      "Bad login result type. \nExpecting: undefined | null | { sid: string; expires: number }"
+    );
+    return "server-error";
+  }
+  if (expires < Date.now()) {
+    console.error(
+      "auth.login() is returning an expired session. Can only login with a session.expires greater than Date.now()"
+    );
+    return "server-error";
+  }
+};

package/lib/Auth/setupAuthRoutes.ts

@@ -42,17 +42,23 @@ export function setupAuthRoutes(this: AuthHandler) {
   if (onUseOrSocketConnected) {
     const prostglesUseMiddleware: RequestHandler = async (req, res, next) => {
       const reqInfo = { httpReq: req, res };
-      const errorInfo = await onUseOrSocketConnected(
+      const errorInfoOrSession = await onUseOrSocketConnected(
         this.getSIDNoError(reqInfo),
         getClientRequestIPsInfo(reqInfo),
         reqInfo
       );
 
-      if (errorInfo) {
-        const { error, httpCode } = errorInfo;
+      if (errorInfoOrSession && "error" in errorInfoOrSession) {
+        const { error, httpCode } = errorInfoOrSession;
         res.status(httpCode).json({ error });
         return;
       }
+
+      if (errorInfoOrSession && "session" in errorInfoOrSession) {
+        const { session } = errorInfoOrSession;
+        this.validateSessionAndSetCookie(session, { req, res });
+        return;
+      }
       next();
     };
     upsertNamedExpressMiddleware(app, prostglesUseMiddleware, "prostglesonUseOrSocketConnected");
@@ -66,6 +72,9 @@ export function setupAuthRoutes(this: AuthHandler) {
         next,
         getUser: async () => {
           const userOrErr = await this.getUserOrError({ httpReq: req, res });
+          if (userOrErr === "new-session-redirect") {
+            throw "new-session-redirect";
+          }
           if (userOrErr.error) {
             res.status(HTTP_FAIL_CODES.BAD_REQUEST).json(userOrErr.error);
             throw userOrErr.error;

package/lib/Auth/utils/getSidAndUserFromRequest.ts

@@ -1,7 +1,9 @@
+import { isObject } from "prostgles-types";
 import { DBOFullyTyped } from "../../DBSchemaBuilder";
 import { AuthHandler, getClientRequestIPsInfo } from "../AuthHandler";
 import { AuthClientRequest, AuthResultWithSID } from "../AuthTypes";
 import { throttledAuthCall } from "./throttledReject";
+import type { GetUserOrRedirected } from "./handleGetUser";
 
 /**
  * For a given sid return the user data if available using the auth handler's getUser method.
@@ -11,7 +13,7 @@ import { throttledAuthCall } from "./throttledReject";
 export async function getSidAndUserFromRequest(
   this: AuthHandler,
   clientReq: AuthClientRequest
-): Promise<AuthResultWithSID> {
+): Promise<GetUserOrRedirected> {
   /**
    * Get cached session if available
    */
@@ -71,14 +73,14 @@ export async function getSidAndUserFromRequest(
   //   return { sid, preferredLogin: !clientInfo?.user ? clientInfo?.preferredLogin : undefined };
   // }, 100);
   const result = await this.handleGetUser(clientReq);
-  if (result.error) {
+  if (isObject(result) && result.error) {
     throw result.error;
   }
   await this.prostgles.opts.onLog?.({
     type: "auth",
     command: "getClientInfo",
     duration: Date.now() - authStart,
-    sid: result.sid,
+    sid: isObject(result) ? result.sid : undefined,
     socketId: clientReq.socket?.id,
   });
   return result;

package/lib/Auth/utils/getUserOrError.ts

@@ -3,7 +3,7 @@ import { DBOFullyTyped } from "../../DBSchemaBuilder";
 import type { AuthHandler } from "../AuthHandler";
 import { AuthClientRequest, AuthResultWithSID } from "../AuthTypes";
 import { getClientRequestIPsInfo } from "../utils/getClientRequestIPsInfo";
-import { isAuthError } from "./handleGetUser";
+import { isAuthError, type GetUserOrRedirected } from "./handleGetUser";
 import { throttledAuthCall } from "./throttledReject";
 
 /**
@@ -14,7 +14,7 @@ import { throttledAuthCall } from "./throttledReject";
 export async function getUserOrError(
   this: AuthHandler,
   clientReq: AuthClientRequest
-): Promise<AuthResultWithSID> {
+): Promise<GetUserOrRedirected> {
   // const sid = this.getValidatedSid(clientReq);
   // if (!sid) return { sid };
 

package/lib/Auth/utils/handleGetUser.ts

@@ -1,14 +1,15 @@
+import { AuthResponse, isObject } from "prostgles-types";
 import type { DBOFullyTyped } from "../../DBSchemaBuilder";
-import { tout } from "../../PubSubManager/initPubSubManager";
 import { getClientRequestIPsInfo, type AuthHandler } from "../AuthHandler";
 import type { AuthClientRequest, AuthResultOrError, AuthResultWithSID } from "../AuthTypes";
 import { throttledAuthCall } from "./throttledReject";
-import { AuthResponse, isObject } from "prostgles-types";
+
+export type GetUserOrRedirected = AuthResultWithSID | "new-session-redirect";
 
 export async function handleGetUserThrottled(
   this: AuthHandler,
   clientReq: AuthClientRequest
-): Promise<AuthResultWithSID> {
+): Promise<GetUserOrRedirected> {
   const getSessionForCaching = this.opts.cacheSession?.getSession;
   const result = await throttledAuthCall(async () => {
     const clientInfoOrErr = await this.opts.getUser(
@@ -31,13 +32,8 @@ export async function handleGetUserThrottled(
       if (!("httpReq" in clientReq) || !clientReq.httpReq)
         throw "httpReq missing. new-session not implemented for sockets.";
       const { httpReq, res } = clientReq;
-      this.setCookieAndGoToReturnURLIFSet(clientInfo.session, { req: httpReq, res });
-      /** Wait for refresh */
-      await tout(200);
-      return {
-        error: { success: false, code: "something-went-wrong" },
-        sid: this.getValidatedSid(clientReq),
-      } satisfies AuthResultWithSID;
+      this.validateSessionAndSetCookie(clientInfo.session, { req: httpReq, res });
+      return "new-session-redirect" as const;
     }
 
     const sid = this.getValidatedSid(clientReq);

package/lib/Prostgles.ts

@@ -367,6 +367,9 @@ export class Prostgles {
         : { type: "http" as const, ...clientReq };
 
       const userData = await this.authHandler?.getSidAndUserFromRequest(clientInfo);
+      if (userData === "new-session-redirect") {
+        throw "new-session-redirect";
+      }
       const { publishParser } = this;
       let fullSchema: Awaited<ReturnType<PublishParser["getSchemaFromPublish"]>> | undefined;
       let publishValidationError;
@@ -427,6 +430,9 @@ export class Prostgles {
             });
 
       const authInfo = await this.authHandler?.getClientAuth(clientReq);
+      if (authInfo === "new-session-redirect") {
+        throw "new-session-redirect";
+      }
 
       const clientSchema: ClientSchema = {
         schema,

package/lib/ProstglesTypes.ts

@@ -299,7 +299,7 @@ export type ProstglesInitOptions<S = void, SUser extends SessionUser = SessionUs
   /**
    * Usefull for logging or debugging
    */
-  onLog?: (evt: EventInfo) => Promise<void>;
+  onLog?: (evt: EventInfo) => Promise<void> | void;
 };
 
 export type TableConfigMigrations = {

package/lib/PublishParser/PublishParser.ts

@@ -10,12 +10,11 @@ import { getTableRulesWithoutFileTable } from "./getTableRulesWithoutFileTable";
 import {
   DboTable,
   DboTableCommand,
-  ParsedPublishTable,
+  ParsedTableRule,
   PublishMethods,
   type PublishObject,
   PublishParams,
   RULE_TO_METHODS,
-  ParsedTableRule,
   parsePublishTableRule,
 } from "./publishTypesAndUtils";
 
@@ -43,9 +42,14 @@ export class PublishParser {
     clientReq: AuthClientRequest,
     clientInfo: AuthResultWithSID | undefined
   ): Promise<PublishParams> {
+    const _clientInfo =
+      clientInfo ?? (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq));
+    if (_clientInfo === "new-session-redirect") {
+      throw "new-session-redirect";
+    }
     return {
       sid: undefined,
-      ...(clientInfo ?? (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq))),
+      ..._clientInfo,
       dbo: this.dbo as DBOFullyTyped,
       db: this.db,
       clientReq,
@@ -109,6 +113,9 @@ export class PublishParser {
   }: DboTableCommand): Promise<ParsedTableRule> {
     const clientInfo =
       clientReq && (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq));
+    if (clientInfo === "new-session-redirect") {
+      throw "new-session-redirect";
+    }
     const rules = await this.getValidatedRequestRule({ tableName, command, clientReq }, clientInfo);
     return rules;
   }

package/lib/PublishParser/getSchemaFromPublish.ts

@@ -38,7 +38,9 @@ export async function getSchemaFromPublish(
     /* Publish tables and views based on socket */
     const clientInfo =
       userData ?? (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq));
-
+    if (clientInfo === "new-session-redirect") {
+      throw "new-session-redirect";
+    }
     let _publish: PublishObject | undefined;
     try {
       _publish = await this.getPublishAsObject(clientReq, clientInfo);

package/lib/onSocketConnected.ts

@@ -15,6 +15,15 @@ export async function onSocketConnected(this: Prostgles, socket: PRGLIOSocket) {
   this.connectedSockets.push(socket);
 
   try {
+    const getUser = async () => {
+      if (!this.authHandler) throw "authHandler missing";
+      const res = await this.authHandler.getSidAndUserFromRequest({ socket });
+      if (res === "new-session-redirect") {
+        throw "new-session-redirect";
+      }
+      return res;
+    };
+
     await this.opts.onLog?.({
       type: "connect",
       sid: this.authHandler?.getValidatedSid({ socket }),
@@ -35,17 +44,15 @@ export async function onSocketConnected(this: Prostgles, socket: PRGLIOSocket) {
         { socket }
       );
       if (errorInfo) {
-        socket.emit(CHANNELS.CONNECTION, { error: errorInfo.error });
+        socket.emit(CHANNELS.CONNECTION, {
+          error: "error" in errorInfo ? errorInfo.error : "New session setup",
+        });
         socket.disconnect();
         return;
       }
     }
     if (this.opts.onSocketConnect) {
       try {
-        const getUser = async () => {
-          if (!this.authHandler) throw "authHandler missing";
-          return await this.authHandler.getSidAndUserFromRequest({ socket });
-        };
         await this.opts.onSocketConnect({
           socket,
           dbo: dbo as DBOFullyTyped,
@@ -97,10 +104,6 @@ export async function onSocketConnected(this: Prostgles, socket: PRGLIOSocket) {
       });
 
       if (this.opts.onSocketDisconnect) {
-        const getUser = async () => {
-          if (!this.authHandler) throw "authHandler missing";
-          return await this.authHandler.getSidAndUserFromRequest({ socket });
-        };
         void this.opts.onSocketDisconnect({ socket, dbo: dbo as DBOFullyTyped, db, getUser });
       }
     });

package/lib/runClientRequest.ts

@@ -77,6 +77,9 @@ export const runClientRequest = async function (
   }
 
   const clientInfo = await this.authHandler?.getSidAndUserFromRequest(clientReq);
+  if (clientInfo === "new-session-redirect") {
+    throw clientInfo;
+  }
   const validRules = await this.publishParser.getValidatedRequestRule(
     { tableName, command, clientReq },
     clientInfo

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "4.2.271",
+  "version": "4.2.273",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -68,8 +68,6 @@
     "@types/pg": "^8.11.5",
     "@types/pg-cursor": "^2.7.2",
     "@types/sharp": "^0.30.4",
-    "@typescript-eslint/eslint-plugin": "^8.26.1",
-    "@typescript-eslint/parser": "^8.26.1",
     "eslint": "^9.22.0",
     "eslint-plugin-security": "^3.0.1",
     "prettier": "^3.4.2",