Various fixes: profilePicture / logo upload, imageIdentifiers (#6530)

In this PR:
- refactoring auth module to extract a jwt module that can be re-used
from other part of the app (avoiding circular dependencies file module
=> auth => file (file and auth both need jwt actually)
- activating imageIdentfier on person on workspace creation (this will
put back the images on people)
- fixing picture upload (we were missing some fileToken)

packages/twenty-server/src/engine/core-modules/auth/auth.module.ts

@@ -1,7 +1,6 @@
 /* eslint-disable no-restricted-imports */
 import { HttpModule } from '@nestjs/axios';
 import { forwardRef, Module } from '@nestjs/common';
-import { JwtModule } from '@nestjs/jwt';
 import { TypeOrmModule } from '@nestjs/typeorm';
 
 import { TypeORMModule } from 'src/database/typeorm/typeorm.module';
@@ -16,13 +15,13 @@ import { SignInUpService } from 'src/engine/core-modules/auth/services/sign-in-u
 import { TokenService } from 'src/engine/core-modules/auth/services/token.service';
 import { FeatureFlagEntity } from 'src/engine/core-modules/feature-flag/feature-flag.entity';
 import { FileUploadModule } from 'src/engine/core-modules/file/file-upload/file-upload.module';
+import { JwtModule } from 'src/engine/core-modules/jwt/jwt.module';
 import { OnboardingModule } from 'src/engine/core-modules/onboarding/onboarding.module';
 import { UserWorkspaceModule } from 'src/engine/core-modules/user-workspace/user-workspace.module';
 import { User } from 'src/engine/core-modules/user/user.entity';
 import { UserModule } from 'src/engine/core-modules/user/user.module';
 import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
 import { WorkspaceModule } from 'src/engine/core-modules/workspace/workspace.module';
-import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
 import { DataSourceModule } from 'src/engine/metadata-modules/data-source/data-source.module';
 import { ObjectMetadataRepositoryModule } from 'src/engine/object-metadata-repository/object-metadata-repository.module';
 import { TwentyORMModule } from 'src/engine/twenty-orm/twenty-orm.module';
@@ -32,27 +31,15 @@ import { CalendarChannelWorkspaceEntity } from 'src/modules/calendar/common/stan
 import { ConnectedAccountModule } from 'src/modules/connected-account/connected-account.module';
 import { ConnectedAccountWorkspaceEntity } from 'src/modules/connected-account/standard-objects/connected-account.workspace-entity';
 import { MessageChannelWorkspaceEntity } from 'src/modules/messaging/common/standard-objects/message-channel.workspace-entity';
-import { UserVarsModule } from 'src/engine/core-modules/user/user-vars/user-vars.module';
 
 import { AuthResolver } from './auth.resolver';
 
 import { AuthService } from './services/auth.service';
 import { JwtAuthStrategy } from './strategies/jwt.auth.strategy';
-const jwtModule = JwtModule.registerAsync({
-  useFactory: async (environmentService: EnvironmentService) => {
-    return {
-      secret: environmentService.get('ACCESS_TOKEN_SECRET'),
-      signOptions: {
-        expiresIn: environmentService.get('ACCESS_TOKEN_EXPIRES_IN'),
-      },
-    };
-  },
-  inject: [EnvironmentService],
-});
 
 @Module({
   imports: [
-    jwtModule,
+    JwtModule,
     FileUploadModule,
     DataSourceModule,
     forwardRef(() => UserModule),
@@ -89,6 +76,6 @@ const jwtModule = JwtModule.registerAsync({
     GoogleAPIsService,
     AppTokenService,
   ],
-  exports: [jwtModule, TokenService],
+  exports: [TokenService],
 })
 export class AuthModule {}

packages/twenty-server/src/engine/core-modules/auth/services/token.service.spec.ts

@@ -1,25 +1,25 @@
-import { Test, TestingModule } from '@nestjs/testing';
-import { JwtService } from '@nestjs/jwt';
-import { getRepositoryToken } from '@nestjs/typeorm';
 import {
   BadRequestException,
   InternalServerErrorException,
   NotFoundException,
 } from '@nestjs/common';
+import { JwtService } from '@nestjs/jwt';
+import { Test, TestingModule } from '@nestjs/testing';
+import { getRepositoryToken } from '@nestjs/typeorm';
 
 import crypto from 'crypto';
 
 import { IsNull, MoreThan, Repository } from 'typeorm';
 
-import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
 import {
   AppToken,
   AppTokenType,
 } from 'src/engine/core-modules/app-token/app-token.entity';
-import { User } from 'src/engine/core-modules/user/user.entity';
 import { JwtAuthStrategy } from 'src/engine/core-modules/auth/strategies/jwt.auth.strategy';
-import { EmailService } from 'src/engine/integrations/email/email.service';
+import { User } from 'src/engine/core-modules/user/user.entity';
 import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
+import { EmailService } from 'src/engine/integrations/email/email.service';
+import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
 
 import { TokenService } from './token.service';
 

packages/twenty-server/src/engine/core-modules/auth/services/token.service.ts

@@ -7,50 +7,50 @@ import {
   UnauthorizedException,
   UnprocessableEntityException,
 } from '@nestjs/common';
-import { JwtService } from '@nestjs/jwt';
 import { InjectRepository } from '@nestjs/typeorm';
 
 import crypto from 'crypto';
 
-import { addMilliseconds, differenceInMilliseconds } from 'date-fns';
-import ms from 'ms';
-import { JsonWebTokenError, TokenExpiredError } from 'jsonwebtoken';
-import { IsNull, MoreThan, Repository } from 'typeorm';
-import { Request } from 'express';
-import { ExtractJwt } from 'passport-jwt';
 import { render } from '@react-email/render';
+import { addMilliseconds, differenceInMilliseconds } from 'date-fns';
+import { Request } from 'express';
+import { JsonWebTokenError, TokenExpiredError } from 'jsonwebtoken';
+import ms from 'ms';
+import { ExtractJwt } from 'passport-jwt';
 import { PasswordResetLinkEmail } from 'twenty-emails';
+import { IsNull, MoreThan, Repository } from 'typeorm';
 
 import {
-  JwtAuthStrategy,
-  JwtPayload,
-} from 'src/engine/core-modules/auth/strategies/jwt.auth.strategy';
-import { assert } from 'src/utils/assert';
+  AppToken,
+  AppTokenType,
+} from 'src/engine/core-modules/app-token/app-token.entity';
+import { EmailPasswordResetLink } from 'src/engine/core-modules/auth/dto/email-password-reset-link.entity';
+import { ExchangeAuthCode } from 'src/engine/core-modules/auth/dto/exchange-auth-code.entity';
+import { ExchangeAuthCodeInput } from 'src/engine/core-modules/auth/dto/exchange-auth-code.input';
+import { InvalidatePassword } from 'src/engine/core-modules/auth/dto/invalidate-password.entity';
 import {
   ApiKeyToken,
   AuthToken,
   AuthTokens,
   PasswordResetToken,
 } from 'src/engine/core-modules/auth/dto/token.entity';
-import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
-import { User } from 'src/engine/core-modules/user/user.entity';
-import {
-  AppToken,
-  AppTokenType,
-} from 'src/engine/core-modules/app-token/app-token.entity';
 import { ValidatePasswordResetToken } from 'src/engine/core-modules/auth/dto/validate-password-reset-token.entity';
-import { EmailService } from 'src/engine/integrations/email/email.service';
-import { InvalidatePassword } from 'src/engine/core-modules/auth/dto/invalidate-password.entity';
-import { EmailPasswordResetLink } from 'src/engine/core-modules/auth/dto/email-password-reset-link.entity';
+import {
+  JwtAuthStrategy,
+  JwtPayload,
+} from 'src/engine/core-modules/auth/strategies/jwt.auth.strategy';
 import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type';
+import { JwtWrapperService } from 'src/engine/core-modules/jwt/services/jwt-wrapper.service';
+import { User } from 'src/engine/core-modules/user/user.entity';
 import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
-import { ExchangeAuthCodeInput } from 'src/engine/core-modules/auth/dto/exchange-auth-code.input';
-import { ExchangeAuthCode } from 'src/engine/core-modules/auth/dto/exchange-auth-code.entity';
+import { EmailService } from 'src/engine/integrations/email/email.service';
+import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
+import { assert } from 'src/utils/assert';
 
 @Injectable()
 export class TokenService {
   constructor(
-    private readonly jwtService: JwtService,
+    private readonly jwtWrapperService: JwtWrapperService,
     private readonly jwtStrategy: JwtAuthStrategy,
     private readonly environmentService: EnvironmentService,
     @InjectRepository(User, 'core')
@@ -90,7 +90,7 @@ export class TokenService {
     };
 
     return {
-      token: this.jwtService.sign(jwtPayload),
+      token: this.jwtWrapperService.sign(jwtPayload),
       expiresAt,
     };
   }
@@ -116,7 +116,7 @@ export class TokenService {
     await this.appTokenRepository.save(refreshToken);
 
     return {
-      token: this.jwtService.sign(jwtPayload, {
+      token: this.jwtWrapperService.sign(jwtPayload, {
         secret,
         expiresIn,
         // Jwtid will be used to link RefreshToken entity to this token
@@ -137,7 +137,7 @@ export class TokenService {
     };
 
     return {
-      token: this.jwtService.sign(jwtPayload, {
+      token: this.jwtWrapperService.sign(jwtPayload, {
         secret,
         expiresIn,
       }),
@@ -164,7 +164,7 @@ export class TokenService {
     };
 
     return {
-      token: this.jwtService.sign(jwtPayload, {
+      token: this.jwtWrapperService.sign(jwtPayload, {
         secret,
         expiresIn,
       }),
@@ -193,7 +193,7 @@ export class TokenService {
     } else {
       expiresIn = this.environmentService.get('API_TOKEN_EXPIRES_IN');
     }
-    const token = this.jwtService.sign(jwtPayload, {
+    const token = this.jwtWrapperService.sign(jwtPayload, {
       secret,
       expiresIn,
       jwtid: apiKeyId,
@@ -496,7 +496,10 @@ export class TokenService {
 
   async verifyJwt(token: string, secret?: string) {
     try {
-      return this.jwtService.verify(token, secret ? { secret } : undefined);
+      return this.jwtWrapperService.verify(
+        token,
+        secret ? { secret } : undefined,
+      );
     } catch (error) {
       if (error instanceof TokenExpiredError) {
         throw new UnauthorizedException('Token has expired.');
@@ -668,12 +671,4 @@ export class TokenService {
 
     return { success: true };
   }
-
-  async encodePayload(payload: any, options?: any): Promise<string> {
-    return this.jwtService.sign(payload, options);
-  }
-
-  async decodePayload(payload: any, options?: any): Promise<string> {
-    return this.jwtService.decode(payload, options);
-  }
 }