Rename refreshToken to appToken and add fields (#4691)
This commit is contained in:
martmull
@ -7,7 +7,7 @@ import { HttpModule } from '@nestjs/axios';
|
||||
import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
|
||||
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
|
||||
import { User } from 'src/engine/core-modules/user/user.entity';
|
||||
import { RefreshToken } from 'src/engine/core-modules/refresh-token/refresh-token.entity';
|
||||
import { AppToken } from 'src/engine/core-modules/app-token/app-token.entity';
|
||||
import { DataSourceModule } from 'src/engine/metadata-modules/data-source/data-source.module';
|
||||
import { UserModule } from 'src/engine/core-modules/user/user.module';
|
||||
import { WorkspaceManagerModule } from 'src/engine/workspace-manager/workspace-manager.module';
|
||||
@ -48,7 +48,7 @@ const jwtModule = JwtModule.registerAsync({
|
||||
WorkspaceManagerModule,
|
||||
TypeORMModule,
|
||||
TypeOrmModule.forFeature(
|
||||
[Workspace, User, RefreshToken, FeatureFlagEntity],
|
||||
[Workspace, User, AppToken, FeatureFlagEntity],
|
||||
'core',
|
||||
),
|
||||
HttpModule,
|
||||
|
||||
@ -10,6 +10,7 @@ import { InjectRepository } from '@nestjs/typeorm';
|
||||
|
||||
import { Repository } from 'typeorm';
|
||||
|
||||
import { AppTokenInput } from 'src/engine/core-modules/auth/dto/app-token.input';
|
||||
import { JwtAuthGuard } from 'src/engine/guards/jwt.auth.guard';
|
||||
import { AuthUser } from 'src/engine/decorators/auth/auth-user.decorator';
|
||||
import { assert } from 'src/utils/assert';
|
||||
@ -34,7 +35,6 @@ import { ExchangeAuthCode } from 'src/engine/core-modules/auth/dto/exchange-auth
|
||||
|
||||
import { ApiKeyToken, AuthTokens } from './dto/token.entity';
|
||||
import { TokenService } from './services/token.service';
|
||||
import { RefreshTokenInput } from './dto/refresh-token.input';
|
||||
import { Verify } from './dto/verify.entity';
|
||||
import { VerifyInput } from './dto/verify.input';
|
||||
import { AuthService } from './services/auth.service';
|
||||
@ -170,13 +170,13 @@ export class AuthResolver {
|
||||
}
|
||||
|
||||
@Mutation(() => AuthTokens)
|
||||
async renewToken(@Args() args: RefreshTokenInput): Promise<AuthTokens> {
|
||||
if (!args.refreshToken) {
|
||||
async renewToken(@Args() args: AppTokenInput): Promise<AuthTokens> {
|
||||
if (!args.appToken) {
|
||||
throw new BadRequestException('Refresh token is mendatory');
|
||||
}
|
||||
|
||||
const tokens = await this.tokenService.generateTokensFromRefreshToken(
|
||||
args.refreshToken,
|
||||
args.appToken,
|
||||
);
|
||||
|
||||
return { tokens: tokens };
|
||||
|
||||
@ -3,9 +3,9 @@ import { ArgsType, Field } from '@nestjs/graphql';
|
||||
import { IsNotEmpty, IsString } from 'class-validator';
|
||||
|
||||
@ArgsType()
|
||||
export class RefreshTokenInput {
|
||||
export class AppTokenInput {
|
||||
@Field(() => String)
|
||||
@IsNotEmpty()
|
||||
@IsString()
|
||||
refreshToken: string;
|
||||
appToken: string;
|
||||
}
|
||||
@ -3,7 +3,7 @@ import { JwtService } from '@nestjs/jwt';
|
||||
import { getRepositoryToken } from '@nestjs/typeorm';
|
||||
|
||||
import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
|
||||
import { RefreshToken } from 'src/engine/core-modules/refresh-token/refresh-token.entity';
|
||||
import { AppToken } from 'src/engine/core-modules/app-token/app-token.entity';
|
||||
import { User } from 'src/engine/core-modules/user/user.entity';
|
||||
import { JwtAuthStrategy } from 'src/engine/core-modules/auth/strategies/jwt.auth.strategy';
|
||||
import { EmailService } from 'src/engine/integrations/email/email.service';
|
||||
@ -39,7 +39,7 @@ describe('TokenService', () => {
|
||||
useValue: {},
|
||||
},
|
||||
{
|
||||
provide: getRepositoryToken(RefreshToken, 'core'),
|
||||
provide: getRepositoryToken(AppToken, 'core'),
|
||||
useValue: {},
|
||||
},
|
||||
{
|
||||
|
||||
@ -34,7 +34,10 @@ import {
|
||||
} from 'src/engine/core-modules/auth/dto/token.entity';
|
||||
import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
|
||||
import { User } from 'src/engine/core-modules/user/user.entity';
|
||||
import { RefreshToken } from 'src/engine/core-modules/refresh-token/refresh-token.entity';
|
||||
import {
|
||||
AppToken,
|
||||
AppTokenType,
|
||||
} from 'src/engine/core-modules/app-token/app-token.entity';
|
||||
import { ValidatePasswordResetToken } from 'src/engine/core-modules/auth/dto/validate-password-reset-token.entity';
|
||||
import { EmailService } from 'src/engine/integrations/email/email.service';
|
||||
import { InvalidatePassword } from 'src/engine/core-modules/auth/dto/invalidate-password.entity';
|
||||
@ -53,8 +56,8 @@ export class TokenService {
|
||||
private readonly environmentService: EnvironmentService,
|
||||
@InjectRepository(User, 'core')
|
||||
private readonly userRepository: Repository<User>,
|
||||
@InjectRepository(RefreshToken, 'core')
|
||||
private readonly refreshTokenRepository: Repository<RefreshToken>,
|
||||
@InjectRepository(AppToken, 'core')
|
||||
private readonly appTokenRepository: Repository<AppToken>,
|
||||
@InjectRepository(Workspace, 'core')
|
||||
private readonly workspaceRepository: Repository<Workspace>,
|
||||
private readonly emailService: EmailService,
|
||||
@ -103,15 +106,15 @@ export class TokenService {
|
||||
const refreshTokenPayload = {
|
||||
userId,
|
||||
expiresAt,
|
||||
type: AppTokenType.RefreshToken,
|
||||
};
|
||||
const jwtPayload = {
|
||||
sub: userId,
|
||||
};
|
||||
|
||||
const refreshToken =
|
||||
this.refreshTokenRepository.create(refreshTokenPayload);
|
||||
const refreshToken = this.appTokenRepository.create(refreshTokenPayload);
|
||||
|
||||
await this.refreshTokenRepository.save(refreshToken);
|
||||
await this.appTokenRepository.save(refreshToken);
|
||||
|
||||
return {
|
||||
token: this.jwtService.sign(jwtPayload, {
|
||||
@ -360,7 +363,7 @@ export class TokenService {
|
||||
UnprocessableEntityException,
|
||||
);
|
||||
|
||||
const token = await this.refreshTokenRepository.findOneBy({
|
||||
const token = await this.appTokenRepository.findOneBy({
|
||||
id: jwtPayload.jti,
|
||||
});
|
||||
|
||||
@ -379,15 +382,16 @@ export class TokenService {
|
||||
) {
|
||||
// Revoke all user refresh tokens
|
||||
await Promise.all(
|
||||
user.refreshTokens.map(
|
||||
async ({ id }) =>
|
||||
await this.refreshTokenRepository.update(
|
||||
user.appTokens.map(async ({ id, type }) => {
|
||||
if (type === AppTokenType.RefreshToken) {
|
||||
await this.appTokenRepository.update(
|
||||
{ id },
|
||||
{
|
||||
revokedAt: new Date(),
|
||||
},
|
||||
),
|
||||
),
|
||||
);
|
||||
}
|
||||
}),
|
||||
);
|
||||
|
||||
throw new ForbiddenException(
|
||||
@ -408,7 +412,7 @@ export class TokenService {
|
||||
} = await this.verifyRefreshToken(token);
|
||||
|
||||
// Revoke old refresh token
|
||||
await this.refreshTokenRepository.update(
|
||||
await this.appTokenRepository.update(
|
||||
{
|
||||
id,
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user