Fixed authentication.
This commit is contained in:
@ -1,4 +1,4 @@
|
||||
import { Controller, Request, Post, UseGuards, Body, Res } from '@nestjs/common';
|
||||
import { Controller, Request, Post, UseGuards, Body, Res, Delete, Patch } from '@nestjs/common';
|
||||
import { LoginAuthGuard } from './guards/login-auth.guard';
|
||||
import { AuthService } from './auth.service';
|
||||
import { UsersService } from 'src/users/users.service';
|
||||
@ -6,7 +6,7 @@ import { RegisterUserDto } from './dto/register-user.dto';
|
||||
import { Response } from 'express';
|
||||
import { JwtRefreshGuard } from './guards/jwt-refresh.guard';
|
||||
import { OfflineGuard } from './guards/offline.guard';
|
||||
import { UserEntity } from 'src/users/users.entity';
|
||||
import { UserEntity } from 'src/users/entities/users.entity';
|
||||
import { QueryFailedError } from 'typeorm';
|
||||
import { PinoLogger } from 'nestjs-pino';
|
||||
import { JwtAccessGuard } from './guards/jwt-access.guard';
|
||||
@ -29,6 +29,7 @@ export class AuthController {
|
||||
try {
|
||||
data = await this.auth.login(req.user);
|
||||
if (!data.access_token || !data.refresh_token || !data.refresh_exp) {
|
||||
response.statusCode = 500;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Something went wrong with tokens while logging in.',
|
||||
@ -42,6 +43,8 @@ export class AuthController {
|
||||
msg: 'Failed to login.',
|
||||
error: err,
|
||||
});
|
||||
|
||||
response.statusCode = 500;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Something went wrong while logging in.',
|
||||
@ -52,12 +55,14 @@ export class AuthController {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.exp),
|
||||
sameSite: 'strict',
|
||||
});
|
||||
|
||||
response.cookie('Refresh', data.refresh_token, {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.refresh_exp),
|
||||
sameSite: 'strict',
|
||||
});
|
||||
|
||||
this.logger.info({
|
||||
@ -75,17 +80,32 @@ export class AuthController {
|
||||
}
|
||||
|
||||
@UseGuards(JwtAccessGuard)
|
||||
@Post('logout')
|
||||
@Delete('login')
|
||||
async logout(
|
||||
@Request() req,
|
||||
@Res({ passthrough: true }) response: Response,
|
||||
) {
|
||||
console.log('logout cookie', req.cookies?.Refresh);
|
||||
// TODO: delete refresh token from database.
|
||||
// await this.auth.delete(req.cookies?.Refresh);
|
||||
const accessToken = req.cookies?.Authentication;
|
||||
const refreshToken = req.cookies?.Refresh;
|
||||
|
||||
response.clearCookie('Refresh');
|
||||
response.clearCookie('Authentication');
|
||||
response.clearCookie('Refresh');
|
||||
|
||||
if (!refreshToken || !await this.auth.revoke(req.user.userId, refreshToken)) {
|
||||
// User has already logged off.
|
||||
this.logger.info({
|
||||
class: AuthController.name,
|
||||
method: this.login.name,
|
||||
user: req.user,
|
||||
msg: 'User has already logged off via ' + (!refreshToken ? 'cookies' : 'database'),
|
||||
});
|
||||
|
||||
response.statusCode = 400;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'User has already logged off.'
|
||||
};
|
||||
}
|
||||
|
||||
this.logger.info({
|
||||
class: AuthController.name,
|
||||
@ -94,61 +114,59 @@ export class AuthController {
|
||||
msg: 'User logged off',
|
||||
});
|
||||
|
||||
return req.logout();
|
||||
return {
|
||||
success: true,
|
||||
};
|
||||
}
|
||||
|
||||
@UseGuards(JwtRefreshGuard)
|
||||
@Post('refresh')
|
||||
@Patch('login')
|
||||
async refresh(
|
||||
@Request() req,
|
||||
@Res({ passthrough: true }) response: Response,
|
||||
) {
|
||||
try {
|
||||
const refresh_token = req.cookies.Refresh;
|
||||
const data = await this.auth.renew(req.user, refresh_token);
|
||||
this.logger.info({
|
||||
class: AuthController.name,
|
||||
method: this.login.name,
|
||||
user: req.user,
|
||||
refresh_token: req.cookies.Refresh,
|
||||
msg: 'User logged in.',
|
||||
});
|
||||
|
||||
response.cookie('Authentication', data.access_token, {
|
||||
const refreshToken = req.cookies.Refresh;
|
||||
const data = await this.auth.renew(req.user, refreshToken);
|
||||
|
||||
response.cookie('Authentication', data.access_token, {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.exp),
|
||||
sameSite: 'strict',
|
||||
});
|
||||
this.logger.debug({
|
||||
class: AuthController.name,
|
||||
method: this.refresh.name,
|
||||
user: req.user,
|
||||
access_token: data.access_token,
|
||||
msg: 'Updated Authentication cookie for access token.',
|
||||
});
|
||||
|
||||
if (data.refresh_token != refreshToken) {
|
||||
response.cookie('Refresh', data.refresh_token, {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.exp),
|
||||
expires: new Date(data.refresh_exp),
|
||||
sameSite: 'strict',
|
||||
});
|
||||
this.logger.debug({
|
||||
class: AuthController.name,
|
||||
method: this.refresh.name,
|
||||
user: req.user,
|
||||
access_token: data.access_token,
|
||||
msg: 'Updated Authentication cookie for access token.',
|
||||
refresh_token: data.refresh_token,
|
||||
msg: 'Updated Refresh cookie for refresh token.',
|
||||
});
|
||||
|
||||
if (data.refresh_token != refresh_token) {
|
||||
response.cookie('Refresh', data.refresh_token, {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.refresh_exp),
|
||||
});
|
||||
this.logger.debug({
|
||||
class: AuthController.name,
|
||||
method: this.refresh.name,
|
||||
user: req.user,
|
||||
refresh_token: data.refresh_token,
|
||||
msg: 'Updated Refresh cookie for refresh token.',
|
||||
});
|
||||
}
|
||||
|
||||
return { success: true };
|
||||
} catch (err) {
|
||||
this.logger.error({
|
||||
class: AuthController.name,
|
||||
method: this.refresh.name,
|
||||
user: req.user,
|
||||
msg: 'Failed to refresh tokens.',
|
||||
error: err,
|
||||
});
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Something went wrong.',
|
||||
};
|
||||
}
|
||||
|
||||
return { success: true };
|
||||
}
|
||||
|
||||
@UseGuards(OfflineGuard)
|
||||
@ -178,6 +196,8 @@ export class AuthController {
|
||||
user: req.user,
|
||||
msg: 'Failed to register due to duplicate userLogin.',
|
||||
});
|
||||
|
||||
response.statusCode = 400;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Username already exist.',
|
||||
@ -191,6 +211,8 @@ export class AuthController {
|
||||
msg: 'Failed to register.',
|
||||
error: err,
|
||||
});
|
||||
|
||||
response.statusCode = 500;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Something went wrong when creating user.',
|
||||
@ -208,6 +230,8 @@ export class AuthController {
|
||||
refresh_token: data.refresh_token,
|
||||
msg: 'Failed to generate tokens after registering.',
|
||||
});
|
||||
|
||||
response.statusCode = 500;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Something went wrong with tokens while logging in.',
|
||||
@ -221,6 +245,8 @@ export class AuthController {
|
||||
msg: 'Failed to login after registering.',
|
||||
error: err,
|
||||
});
|
||||
|
||||
response.statusCode = 500;
|
||||
return {
|
||||
success: false,
|
||||
error_message: 'Something went wrong while logging in.',
|
||||
@ -231,12 +257,14 @@ export class AuthController {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.exp),
|
||||
sameSite: 'strict',
|
||||
});
|
||||
|
||||
response.cookie('Refresh', data.refresh_token, {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
expires: new Date(data.refresh_exp),
|
||||
sameSite: 'strict',
|
||||
});
|
||||
|
||||
return {
|
||||
|
||||
Reference in New Issue
Block a user