@qelos/auth
Express Passport authentication service
;
// Compiler-emitted helper that drives a generator function as an async function.
// Reuses an existing `this.__awaiter` when one is present; otherwise defines it here.
// Parameters: thisArg/_arguments are applied to `generator`; P is the promise
// constructor to use (falls back to the global Promise when falsy).
// Returns a promise that settles with the generator's return value or its thrown error.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Wrap a yielded value in a P promise unless it already is one.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with a resolved value; anything it throws rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Throw a rejection into the generator so its own try/catch can handle it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Finish when the generator is done, otherwise wait on the yielded value and continue.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// Instantiate the generator with the caller's `this` and arguments, then start it.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
// Interop helper for default imports: a module flagged with `__esModule` is
// returned untouched, anything else is wrapped so that `.default` points at it.
// An already-installed `this.__importDefault` takes precedence over this definition.
var __importDefault = (this && this.__importDefault) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    return { "default": mod };
};
// Flag this CommonJS module as transpiled from ES-module syntax; interop helpers
// such as __importDefault check this flag and return the module unwrapped.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export slot up front; the real function is assigned at the end of the file.
exports.authCallback = void 0;
const user_1 = __importDefault(require("../models/user"));
const tokens_1 = require("../services/tokens");
const req_host_1 = require("../services/req-host");
const signin_signup_token_1 = require("./signin-signup-token");
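/**
 * Controller that exchanges a refresh token for a cookie token.
 *
 * Reads the refresh token from the `rt` query parameter and the tenant from the
 * `tenant` request header (defaulting to '0'), verifies the token, checks that its
 * identifier is still listed on the user, removes that identifier so the same
 * refresh token cannot be exchanged twice, and hands a freshly generated cookie
 * token to tokenPayload.
 *
 * Responses produced here:
 *  - 401 (empty body) when `rt` is absent or empty
 *  - 400 when `rt` is not a single string or contains only whitespace
 *  - 401 JSON when verification fails, the user is missing, or the token
 *    identifier is not registered on the user
 *
 * NOTE(review): the refresh token travels in the URL. URLs are commonly recorded
 * in access logs, proxy logs and browser history, so the token should be treated
 * as exposed once used; the single-use removal below limits that exposure. Make
 * sure request logging for this route does not persist the query string.
 *
 * @param {object} req Express request
 * @param {object} res Express response
 * @param {Function} next Express next callback; only used when an error occurs
 *   after the response has already started
 * @returns {Promise<*>}
 */
function authCallback(req, res, next) {
    return __awaiter(this, void 0, void 0, function* () {
        if (!req.query.rt) {
            return res.status(401).end();
        }
        const refreshToken = req.query.rt;
        const tenant = req.headers.tenant || '0'; // Get tenant
        // The query parser can yield an array or object for `rt` (repeated or
        // bracketed parameters). Calling .trim() on those would throw outside the
        // try block and leave the request without a response, so reject them here.
        if (typeof refreshToken !== 'string' || refreshToken.trim() === '') {
            return res.status(400).json({ error: 'Refresh token is missing' });
        }
        try {
            // Validation of refresh token
            // NOTE(review): `tenant` comes from a client-supplied header while the user
            // lookup below uses decoded.tenant — confirm verifyRefreshToken rejects a
            // token whose tenant differs from the header value.
            const decoded = yield (0, tokens_1.verifyRefreshToken)(refreshToken, tenant);
            const user = yield user_1.default.findOne({ _id: decoded.sub, tenant: decoded.tenant }).exec();
            if (!user) {
                return res.status(401).json({
                    errors: {
                        general: 'User not found',
                    }
                });
            }
            // A signature-valid token is still refused unless its identifier is
            // currently registered on the user (i.e. it was not revoked or already used).
            const isRegistered = user.tokens.some(token => token.tokenIdentifier === decoded.tokenIdentifier);
            if (!isRegistered) {
                return res.status(401).json({
                    errors: {
                        general: 'Refresh token not valid',
                    }
                });
            }
            // Single use: drop the identifier so this refresh token cannot be replayed.
            user.tokens = user.tokens.filter(token => token.tokenIdentifier !== decoded.tokenIdentifier);
            // Generate a new token
            const workspace = decoded.workspace ? { _id: decoded.workspace } : null;
            const cookieToken = user.getToken({ authType: 'cookie', workspace });
            // NOTE(review): tokenPayload receives `res` and presumably writes the
            // response before the rotation is persisted by user.save(). If the save
            // fails, the old refresh token stays registered. Consider saving first
            // once it is confirmed that tokenPayload does not modify `user`.
            (0, signin_signup_token_1.tokenPayload)((0, req_host_1.getRequestHost)(req), res, { tenant, cookieToken, user, workspace });
            yield user.save();
        }
        catch (error) {
            // If the response has already started (e.g. save failed after tokenPayload
            // replied), writing a 401 would throw; delegate to Express error handling.
            if (res.headersSent) {
                return next(error);
            }
            // Every other failure (verification, lookup, storage) is reported as 401.
            return res.status(401).json({ error: 'Invalid refresh token' });
        }
    });
}
exports.authCallback = authCallback;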