Clean server post refactor to remove Hasura (#156)
* Clean BE post refactor to remove Hasura * Add server CI
This commit is contained in:
Charles Bochet
@ -1,5 +1,5 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { JwtModule, JwtService } from '@nestjs/jwt';
|
||||
import { JwtModule } from '@nestjs/jwt';
|
||||
import { ConfigModule, ConfigService } from '@nestjs/config';
|
||||
import { JwtAuthStrategy } from './strategies/jwt.auth.strategy';
|
||||
import { AuthService } from './services/auth.service';
|
||||
|
||||
@ -1,8 +1,15 @@
|
||||
import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common';
|
||||
import {
|
||||
Controller,
|
||||
Get,
|
||||
HttpException,
|
||||
HttpStatus,
|
||||
Req,
|
||||
Res,
|
||||
UseGuards,
|
||||
} from '@nestjs/common';
|
||||
import { AuthGuard } from '@nestjs/passport';
|
||||
import { Request, Response } from 'express';
|
||||
import { AuthService } from './services/auth.service';
|
||||
import { Profile } from 'passport-google-oauth20';
|
||||
|
||||
@Controller('auth/google')
|
||||
export class GoogleAuthController {
|
||||
@ -10,18 +17,27 @@ export class GoogleAuthController {
|
||||
|
||||
@Get()
|
||||
@UseGuards(AuthGuard('google'))
|
||||
async googleAuth(@Req() req) {}
|
||||
async googleAuth() {
|
||||
// As this method is protected by Google Auth guard, it will trigger Google SSO flow
|
||||
return;
|
||||
}
|
||||
|
||||
@Get('redirect')
|
||||
@UseGuards(AuthGuard('google'))
|
||||
async googleAuthRedirect(@Req() req: Request, @Res() res: Response) {
|
||||
const user = await this.authService.upsertUser(req.user as { firstName: string, lastName: string, email: string })
|
||||
const user = await this.authService.upsertUser(
|
||||
req.user as { firstName: string; lastName: string; email: string },
|
||||
);
|
||||
|
||||
if (!user) {
|
||||
return res.status(400).send('User not created');
|
||||
throw new HttpException(
|
||||
{ reason: 'User email domain does not match an existing workspace' },
|
||||
HttpStatus.INTERNAL_SERVER_ERROR,
|
||||
);
|
||||
}
|
||||
const refreshToken = await this.authService.registerRefreshToken(user)
|
||||
return res.redirect(this.authService.computeRedirectURI(refreshToken.refreshToken));
|
||||
const refreshToken = await this.authService.registerRefreshToken(user);
|
||||
return res.redirect(
|
||||
this.authService.computeRedirectURI(refreshToken.refreshToken),
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,9 +1,7 @@
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
|
||||
import { JwtService } from '@nestjs/jwt';
|
||||
import { JwtPayload } from '../strategies/jwt.auth.strategy';
|
||||
import { randomUUID } from 'crypto';
|
||||
import { ConfigService } from '@nestjs/config';
|
||||
import { Profile } from 'passport-google-oauth20';
|
||||
import { UserRepository } from 'src/entities/user/user.repository';
|
||||
import { WorkspaceRepository } from 'src/entities/workspace/workspace.repository';
|
||||
import { RefreshTokenRepository } from 'src/entities/refresh-token/refresh-token.repository';
|
||||
@ -26,17 +24,26 @@ export class AuthService {
|
||||
email: string;
|
||||
}) {
|
||||
if (!rawUser.email) {
|
||||
return;
|
||||
throw new HttpException(
|
||||
{ reason: 'Email is missing' },
|
||||
HttpStatus.BAD_REQUEST,
|
||||
);
|
||||
}
|
||||
|
||||
if (!rawUser.firstName || !rawUser.lastName) {
|
||||
return;
|
||||
throw new HttpException(
|
||||
{ reason: 'Firstname or lastname is missing' },
|
||||
HttpStatus.BAD_REQUEST,
|
||||
);
|
||||
}
|
||||
|
||||
const emailDomain = rawUser.email.split('@')[1];
|
||||
|
||||
if (!emailDomain) {
|
||||
return;
|
||||
throw new HttpException(
|
||||
{ reason: 'Email is malformed' },
|
||||
HttpStatus.BAD_REQUEST,
|
||||
);
|
||||
}
|
||||
|
||||
const workspace = await this.workspaceRepository.findUnique({
|
||||
@ -44,7 +51,10 @@ export class AuthService {
|
||||
});
|
||||
|
||||
if (!workspace) {
|
||||
return;
|
||||
throw new HttpException(
|
||||
{ reason: 'User email domain does not match an existing workspace' },
|
||||
HttpStatus.FORBIDDEN,
|
||||
);
|
||||
}
|
||||
|
||||
const user = await this.userRepository.upsertUser({
|
||||
|
||||
@ -6,7 +6,6 @@ import { ConfigService } from '@nestjs/config';
|
||||
|
||||
@Injectable()
|
||||
export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
|
||||
|
||||
constructor(configService: ConfigService) {
|
||||
super({
|
||||
clientID: configService.get<string>('AUTH_GOOGLE_CLIENT_ID'),
|
||||
@ -16,15 +15,21 @@ export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
|
||||
});
|
||||
}
|
||||
|
||||
async validate (accessToken: string, refreshToken: string, profile: any, done: VerifyCallback): Promise<any> {
|
||||
const { name, emails, photos } = profile
|
||||
async validate(
|
||||
accessToken: string,
|
||||
refreshToken: string,
|
||||
profile: any,
|
||||
done: VerifyCallback,
|
||||
): Promise<any> {
|
||||
const { name, emails, photos } = profile;
|
||||
const user = {
|
||||
email: emails[0].value,
|
||||
firstName: name.givenName,
|
||||
lastName: name.familyName,
|
||||
picture: photos[0].value,
|
||||
accessToken
|
||||
}
|
||||
refreshToken,
|
||||
accessToken,
|
||||
};
|
||||
done(null, user);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user