@wepublish/api
API core for we.publish.
"use strict";
// Compiler-emitted CommonJS preamble: flags the module for ES-module interop and
// pre-declares every export as undefined; each one is assigned right after its
// definition further down in this file.
Object.defineProperty(exports, "__esModule", { value: true });
exports.createOAuth2Session = exports.createJWTSession = exports.createSession = exports.createUserSession = exports.revokeSessionByToken = exports.generateToken = void 0;
const tslib_1 = require("tslib");
const generate_1 = tslib_1.__importDefault(require("nanoid/generate"));
const openid_client_1 = require("openid-client");
const api_1 = require("../../../../authentication-api/src");
const api_2 = require("../../../../user-api/src");
const error_1 = require("../../error");
const user_queries_1 = require("../user/user.queries");
// 62 symbols (digits, lower case, upper case): every character is safe in URLs,
// headers and cookies without escaping.
const IDAlphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
/**
 * Produces a new opaque session token.
 *
 * The token is 32 characters drawn from the 62-symbol alphabet above, i.e.
 * roughly 190 bits if the generator is uniform.
 * NOTE(review): `nanoid/generate` is expected to be the CSPRNG-backed entry
 * point (as opposed to `nanoid/non-secure`) -- confirm against the installed
 * nanoid version, since the token is the only secret protecting a session.
 *
 * @returns {string} a 32-character alphanumeric token
 */
function generateToken() {
    const tokenLength = 32;
    return (0, generate_1.default)(IDAlphabet, tokenLength);
}
exports.generateToken = generateToken;
/**
 * Deletes the session belonging to the currently authenticated caller.
 *
 * The session is obtained by calling `authenticateUser()`; the token to delete
 * is taken from that session, never from request input, so a caller can only
 * revoke the session it is authenticated with.
 *
 * @param {Function} authenticateUser - returns the current session, or a falsy value when there is none
 * @param {object} sessionClient - client exposing `delete({ where })`
 * @returns whatever `sessionClient.delete` returns, or a resolved promise when there is no session
 */
const revokeSessionByToken = (authenticateUser, sessionClient) => {
    const activeSession = authenticateUser();
    if (!activeSession) {
        // No session to revoke: succeed quietly.
        return Promise.resolve();
    }
    return sessionClient.delete({
        where: { token: activeSession.token }
    });
};
exports.revokeSessionByToken = revokeSessionByToken;
/**
 * Persists a new session for an already-authenticated user and returns the
 * session object handed back to the caller.
 *
 * This function performs no authentication of its own: callers must have
 * verified the user (password, JWT or OAuth2) before invoking it.
 *
 * NOTE(review): the token is written to the session store exactly as it is
 * returned to the client. If the store is looked up by raw token, read access
 * to that table exposes live sessions -- consider whether a hashed token
 * column fits the lookup path.
 *
 * @param {object} user - user record; `id` and `roleIDs` are read
 * @param {number} sessionTTL - lifetime added to `Date.now()` (milliseconds)
 * @param {object} sessionClient - client exposing `create({ data })`
 * @param {object} userRoleClient - client exposing `findMany({ where })`
 * @returns {Promise<object>} session with type, id, user, token, createdAt, expiresAt and roles
 */
const createUserSession = (user, sessionTTL, sessionClient, userRoleClient) => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
    const token = generateToken();
    const expiresAt = new Date(Date.now() + sessionTTL);
    const sessionRecord = yield sessionClient.create({
        data: { token, userID: user.id, expiresAt }
    });
    // Roles are resolved once, at session creation, from the user's role ids.
    const roles = yield userRoleClient.findMany({
        where: { id: { in: user.roleIDs } }
    });
    return {
        type: api_1.AuthSessionType.User,
        id: sessionRecord.id,
        user,
        token,
        createdAt: sessionRecord.createdAt,
        expiresAt,
        roles
    };
});
exports.createUserSession = createUserSession;
/**
 * Password login: checks the credentials and, on success, opens a session.
 *
 * The account's `active` flag is only inspected after `getUserForCredentials`
 * returned a user, so `NotActiveError` is reachable only once the lookup has
 * succeeded.
 *
 * @param {string} email
 * @param {string} password
 * @param {number} sessionTTL - session lifetime, forwarded to createUserSession
 * @param {object} sessionClient
 * @param {object} userClient
 * @param {object} userRoleClient
 * @returns {Promise<object>} the created session
 * @throws InvalidCredentialsError when no user matches the credentials
 * @throws NotActiveError when the matched user is not active
 */
const createSession = (email, password, sessionTTL, sessionClient, userClient, userRoleClient) => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
    const account = yield (0, user_queries_1.getUserForCredentials)(email, password, userClient);
    if (!account) {
        throw new error_1.InvalidCredentialsError();
    }
    if (!account.active) {
        throw new error_1.NotActiveError();
    }
    const session = yield (0, exports.createUserSession)(account, sessionTTL, sessionClient, userRoleClient);
    return session;
});
exports.createSession = createSession;
/**
 * JWT login: exchanges a JWT for a regular session.
 *
 * `verifyJWT` is called synchronously and its return value is used directly
 * as the user id for the lookup.
 * NOTE(review): this relies on `verifyJWT` throwing for an invalid, expired
 * or wrongly-signed token -- confirm against its implementation. Nothing here
 * prevents the same JWT from being exchanged more than once while it is valid.
 *
 * @param {string} jwt - token to verify
 * @param {number} sessionTTL - session lifetime, forwarded to createUserSession
 * @param {Function} verifyJWT - maps a JWT to a user id
 * @param {object} sessionClient
 * @param {object} userClient - client exposing `findUnique`
 * @param {object} userRoleClient
 * @returns {Promise<object>} the created session
 * @throws InvalidCredentialsError when no user has the id carried by the JWT
 * @throws NotActiveError when that user is not active
 */
const createJWTSession = (jwt, sessionTTL, verifyJWT, sessionClient, userClient, userRoleClient) => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
    const subjectID = verifyJWT(jwt);
    const lookup = {
        where: { id: subjectID },
        // presumably keeps the password field out of the returned record -- verify in user-api
        select: api_2.unselectPassword
    };
    const account = yield userClient.findUnique(lookup);
    if (!account) {
        throw new error_1.InvalidCredentialsError();
    }
    if (!account.active) {
        throw new error_1.NotActiveError();
    }
    const session = yield (0, exports.createUserSession)(account, sessionTTL, sessionClient, userRoleClient);
    return session;
});
exports.createJWTSession = createJWTSession;
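/**
 * OAuth2 / OpenID Connect login: redeems an authorization code at the named
 * provider, reads the user's email from the UserInfo endpoint and opens a
 * session for the local account with that email.
 *
 * The local account is selected by email alone, so the email claim is the
 * whole identity binding. An email the provider explicitly reports as
 * unverified (`email_verified === false`) is therefore rejected; providers
 * that omit the claim are accepted as before.
 *
 * @param {string} name - name of the configured provider to use
 * @param {string} code - authorization code from the provider redirect
 * @param {string} redirectUri - redirect URI the code was issued for
 * @param {number} sessionTTL - session lifetime, forwarded to createUserSession
 * @param {Array<object>} oauth2Providers - configured providers (name, discoverUrl, clientId, clientKey, redirectUri)
 * @param {object} sessionClient
 * @param {object} userClient - client exposing `findUnique`
 * @param {object} userRoleClient
 * @returns {Promise<object>} the created session
 * @throws OAuth2ProviderNotFoundError when no provider has the given name
 * @throws InvalidOAuth2TokenError when the token response has no access token
 * @throws Error when UserInfo has no email, or reports the email as unverified
 * @throws UserNotFoundError when no local user has that email
 * @throws NotActiveError when the local user is not active
 */
const createOAuth2Session = (name, code, redirectUri, sessionTTL, oauth2Providers, sessionClient, userClient, userRoleClient) => tslib_1.__awaiter(void 0, void 0, void 0, function* () {
    const provider = oauth2Providers.find(candidate => candidate.name === name);
    if (!provider)
        throw new error_1.OAuth2ProviderNotFoundError();
    // Discovery runs on every login; the metadata comes from the operator-configured URL.
    const issuer = yield openid_client_1.Issuer.discover(provider.discoverUrl);
    const client = new issuer.Client({
        client_id: provider.clientId,
        client_secret: provider.clientKey,
        redirect_uris: provider.redirectUri,
        response_types: ['code']
    });
    // NOTE(review): only `code` is passed on -- no `state`, `nonce` or PKCE verifier
    // reaches `client.callback`, so binding the authorization response to the
    // browser that started the flow has to happen before this function is called.
    // Confirm that the caller does it.
    const token = yield client.callback(redirectUri, { code });
    if (!token.access_token)
        throw new error_1.InvalidOAuth2TokenError();
    const userInfo = yield client.userinfo(token.access_token);
    if (!userInfo.email)
        throw new Error('UserInfo did not return an email');
    // An unverified address may belong to someone other than the person who
    // authenticated at the provider; do not map it onto a local account.
    if (userInfo.email_verified === false)
        throw new Error('UserInfo returned an unverified email');
    const user = yield userClient.findUnique({
        where: { email: userInfo.email },
        select: api_2.unselectPassword
    });
    if (!user)
        throw new error_1.UserNotFoundError();
    if (!user.active)
        throw new error_1.NotActiveError();
    return yield (0, exports.createUserSession)(user, sessionTTL, sessionClient, userRoleClient);
});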
exports.createOAuth2Session = createOAuth2Session;
//# sourceMappingURL=session.mutation.js.map