fix: login/logout

colonizer-training-camp · Jul 16, 2024 · 2fa76ec · 2fa76ec
1 parent 21981b2
commit 2fa76ec
Show file tree

Hide file tree

Showing 8 changed files with 68 additions and 1 deletion.
diff --git a/src/api/auth/credentials/$get.ts b/src/api/auth/credentials/$get.ts
@@ -0,0 +1,13 @@
+import { RequestHandler } from "express";
+import { toUserResponse } from "src/model/user/types";
+
+const handler: RequestHandler = (req, res) => {
+  if (!req.user) {
+    res.status(401).send("Unauthorized");
+    return;
+  }
+
+  res.send(toUserResponse(req.user));
+};
+
+export default handler;
diff --git a/src/api/auth/credentials/index.ts b/src/api/auth/credentials/index.ts
@@ -0,0 +1,8 @@
+import { Router } from "express";
+import $get from "./$get";
+
+const router = Router();
+
+router.get("/", $get);
+
+export default router;
diff --git a/src/api/auth/index.ts b/src/api/auth/index.ts
@@ -1,8 +1,12 @@
 import { Router } from "express";
 import login from "./login";
+import logout from "./logout";
+import credentials from "./credentials";
 
 const router = Router();
 
+router.use("/credentials", credentials);
 router.use("/login", login);
+router.use("/logout", logout);
 
 export default router;
diff --git a/src/api/auth/login/$post.ts b/src/api/auth/login/$post.ts
@@ -30,7 +30,10 @@ const login: RequestHandler = async (req, res) => {
   }
 
   const jwt = UserToJWT(user, new Date(Date.now() + 1000 * 60 * 60 * 24 * 7)); // 7 days
-  res.header("Authorization", `Bearer ${jwt}`).sendStatus(200);
+  res.cookie("Authorization", jwt, {
+    signed: true,
+  });
+  res.sendStatus(200);
 };
 
 export default login;
diff --git a/src/api/auth/logout/$post.ts b/src/api/auth/logout/$post.ts
@@ -0,0 +1,8 @@
+import { RequestHandler } from "express";
+
+const logout: RequestHandler = (req, res) => {
+  res.clearCookie("Authorization");
+  res.sendStatus(200);
+};
+
+export default logout;
diff --git a/src/api/auth/logout/index.ts b/src/api/auth/logout/index.ts
@@ -0,0 +1,8 @@
+import { Router } from "express";
+import $post from "./$post";
+
+const router = Router();
+
+router.post("/", $post);
+
+export default router;
diff --git a/src/middlewares/auth.ts b/src/middlewares/auth.ts
@@ -1,6 +1,11 @@
 import { RequestHandler } from "express";
+import { Record, String } from "runtypes";
 import { JWTToUser } from "../utils/jwt";
 
+const Cookie = Record({
+  Authorization: String,
+});
+
 const Auth: RequestHandler = async (req, res, next) => {
   let token: string | null = null;
   if (req.headers.authorization) {
@@ -9,6 +14,9 @@ const Auth: RequestHandler = async (req, res, next) => {
       token = auth.substring(7);
     }
   }
+  if (Cookie.guard(req.signedCookies)) {
+    token = req.signedCookies.Authorization;
+  }
 
   if (token !== null) {
     try {

diff --git a/src/model/user/types.ts b/src/model/user/types.ts
@@ -0,0 +1,15 @@
+import { User } from "@prisma/client";
+
+export const toUserResponse = ({
+  userId,
+  loginId,
+  displayName,
+  isHost,
+}: User) => {
+  return {
+    userId,
+    loginId,
+    displayName,
+    isHost,
+  };
+};