From 05842a289202a2028a05682142d843e3d0cad4f7 Mon Sep 17 00:00:00 2001 From: adrien2p Date: Tue, 13 Dec 2022 18:32:23 +0100 Subject: [PATCH 1/3] feat: Allow to access session fromm the plugin and remove cookie usage --- packages/medusa-plugin-auth/.gitignore | 1 + packages/medusa-plugin-auth/src/api/index.ts | 51 +------------------ .../src/auth-strategies/facebook/admin.ts | 3 +- .../src/auth-strategies/facebook/store.ts | 3 +- .../src/auth-strategies/google/admin.ts | 3 +- .../src/auth-strategies/google/store.ts | 3 +- .../src/auth-strategies/jwt/admin.ts | 21 -------- .../src/auth-strategies/jwt/index.ts | 11 ---- .../src/auth-strategies/jwt/store.ts | 21 -------- .../src/auth-strategies/jwt/types.ts | 2 - .../src/auth-strategies/linkedin/admin.ts | 3 +- .../src/auth-strategies/linkedin/store.ts | 3 +- .../src/core/utils/build-callback-handler.ts | 7 +-- .../src/core/utils/get-cookie-options.ts | 18 ------- packages/medusa-plugin-auth/src/index.ts | 8 +++ .../medusa-plugin-auth/src/loaders/index.ts | 6 ++- .../medusa-plugin-auth/src/types/index.ts | 3 -- 17 files changed, 24 insertions(+), 143 deletions(-) delete mode 100644 packages/medusa-plugin-auth/src/auth-strategies/jwt/admin.ts delete mode 100644 packages/medusa-plugin-auth/src/auth-strategies/jwt/index.ts delete mode 100644 packages/medusa-plugin-auth/src/auth-strategies/jwt/store.ts delete mode 100644 packages/medusa-plugin-auth/src/auth-strategies/jwt/types.ts delete mode 100644 packages/medusa-plugin-auth/src/core/utils/get-cookie-options.ts create mode 100644 packages/medusa-plugin-auth/src/index.ts diff --git a/packages/medusa-plugin-auth/.gitignore b/packages/medusa-plugin-auth/.gitignore index 03db783..7079bb7 100644 --- a/packages/medusa-plugin-auth/.gitignore +++ b/packages/medusa-plugin-auth/.gitignore @@ -8,6 +8,7 @@ /services /loaders /auth-strategies +index.* node_modules .DS_store 
diff --git a/packages/medusa-plugin-auth/src/api/index.ts b/packages/medusa-plugin-auth/src/api/index.ts index 3263b82..517df2b 100644 --- a/packages/medusa-plugin-auth/src/api/index.ts +++ b/packages/medusa-plugin-auth/src/api/index.ts @@ -1,13 +1,11 @@ import { Router } from 'express'; import { ConfigModule } from '@medusajs/medusa/dist/types/global'; -import wrapHandler from '@medusajs/medusa/dist/api/middlewares/await-middleware'; import loadConfig from '@medusajs/medusa/dist/loaders/config'; -import cors from 'cors'; import GoogleStrategy from '../auth-strategies/google'; import FacebookStrategy from '../auth-strategies/facebook'; import LinkedinStrategy from '../auth-strategies/linkedin'; -import { ADMIN_AUTH_TOKEN_COOKIE_NAME, AuthOptions, STORE_AUTH_TOKEN_COOKIE_NAME } from '../types'; +import { AuthOptions } from '../types'; export default function (rootDirectory, pluginOptions: AuthOptions): Router[] { const configModule = loadConfig(rootDirectory) as ConfigModule; 
@@ -20,53 +18,6 @@ function loadRouters(configModule: ConfigModule, options: AuthOptions): Router[] routers.push(...GoogleStrategy.getRouter(configModule, options)); routers.push(...FacebookStrategy.getRouter(configModule, options)); routers.push(...LinkedinStrategy.getRouter(configModule, options)); - routers.push(getLogoutRouter(configModule)); return routers; } - -function getLogoutRouter(configModule: ConfigModule): Router { - const router = Router(); - - const adminCorsOptions = { - origin: configModule.projectConfig.admin_cors.split(','), - credentials: true, - }; - - router.use('/admin/auth', cors(adminCorsOptions)); - router.delete( - '/admin/auth', - wrapHandler(async (req, res) => { - if ((req as unknown as Request & { session: unknown }).session) { - (req as unknown as Request & { session: { jwt: string } }).session.jwt = null; - (req as unknown as Request & { session: { destroy: () => void } }).session.destroy(); - } - - res.clearCookie(ADMIN_AUTH_TOKEN_COOKIE_NAME); - - res.status(200).json({}); - }) - ); - - const storeCorsOptions = { - origin: configModule.projectConfig.store_cors.split(','), - credentials: true, - }; - - router.use('/store/auth', cors(storeCorsOptions)); - router.delete( - '/store/auth', - wrapHandler(async (req, res) => { - if ((req as unknown as Request & { session: unknown }).session) { - (req as unknown as Request & { session: { jwt_store: string } }).session.jwt_store = null; - (req as unknown as Request & { session: { destroy: () => void } }).session.destroy(); - } - - res.clearCookie(STORE_AUTH_TOKEN_COOKIE_NAME); - - res.status(200).json({}); - }) - ); - - return router; -} diff --git a/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts index 7fda9e2..c23fcc9 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts 
@@ -1,7 +1,7 @@ import passport from 'passport'; import { Strategy as FacebookStrategy } from 'passport-facebook'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { ADMIN_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { UserService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { Router } from 'express'; @@ -93,7 +93,6 @@ export function getFacebookAdminAuthRouter(facebook: FacebookAuthOptions, config const expiresIn = facebook.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( "admin", - ADMIN_AUTH_TOKEN_COOKIE_NAME, configModule.projectConfig.jwt_secret, expiresIn, facebook.admin.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts index daa760a..a51f0d2 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts @@ -7,7 +7,7 @@ import { CustomerService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { EntityManager } from 'typeorm'; -import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { CUSTOMER_METADATA_KEY, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { FACEBOOK_STORE_STRATEGY_NAME, FacebookAuthOptions, Profile } from './types'; import { PassportStrategy } from '../../core/Strategy'; import { buildCallbackHandler } from '../../core/utils/build-callback-handler'; 
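Review bot: In facebook/admin.ts, at the `buildCallbackHandler(` call in the second hunk, `expiresIn` still defaults to `TWENTY_FOUR_HOURS_IN_MS`, and with the cookie `maxAge` removed its only remaining consumer is `jwt.sign(tokenData, secret, { expiresIn })` in build-callback-handler.ts. jsonwebtoken interprets a numeric `expiresIn` as seconds, so the default gives a token valid for roughly 1000 days instead of 24 hours. Convert at the signing site, for example `jwt.sign(tokenData, secret, { expiresIn: Math.floor(expiresIn / 1000) })`, or document the option as seconds and change the default to match. The same default is passed in the facebook/store, google and linkedin router hunks of this patch. getFacebookAdminAuthRouter starts and ends outside the hunk.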
@@ -119,7 +119,6 @@ export function getFacebookStoreAuthRouter(facebook: FacebookAuthOptions, config const expiresIn = facebook.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( "store", - STORE_AUTH_TOKEN_COOKIE_NAME, configModule.projectConfig.jwt_secret, expiresIn, facebook.store.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts index a3788f1..efcdea3 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts @@ -1,7 +1,7 @@ import passport from 'passport'; import { Strategy as GoogleStrategy } from 'passport-google-oauth2'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { ADMIN_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { UserService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { Router } from 'express'; @@ -95,7 +95,6 @@ export function getGoogleAdminAuthRouter(google: GoogleAuthOptions, configModule const expiresIn = google.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( "admin", - ADMIN_AUTH_TOKEN_COOKIE_NAME, configModule.projectConfig.jwt_secret, expiresIn, google.admin.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts index e80759c..590dd10 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts 
@@ -7,7 +7,7 @@ import { CustomerService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { EntityManager } from 'typeorm'; -import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { CUSTOMER_METADATA_KEY, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { PassportStrategy } from '../../core/Strategy'; import { GOOGLE_STORE_STRATEGY_NAME, GoogleAuthOptions, Profile } from './types'; import { buildCallbackHandler } from '../../core/utils/build-callback-handler'; @@ -121,7 +121,6 @@ export function getGoogleStoreAuthRouter(google: GoogleAuthOptions, configModule const expiresIn = google.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( "store", - STORE_AUTH_TOKEN_COOKIE_NAME, configModule.projectConfig.jwt_secret, expiresIn, google.store.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/jwt/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/jwt/admin.ts deleted file mode 100644 index 00a0dc7..0000000 --- a/packages/medusa-plugin-auth/src/auth-strategies/jwt/admin.ts +++ /dev/null @@ -1,21 +0,0 @@ -import { PassportStrategy } from '../../core/Strategy'; -import { Strategy as JWTStrategy } from 'passport-jwt'; -import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { JWT_ADMIN_STRATEGY_NAME } from './types'; -import { ADMIN_AUTH_TOKEN_COOKIE_NAME } from '../../types'; - -export class JwtAdminStrategy extends PassportStrategy(JWTStrategy, JWT_ADMIN_STRATEGY_NAME) { - constructor(protected readonly container: MedusaContainer, protected readonly configModule: ConfigModule) { - const { jwt_secret } = configModule.projectConfig; - super({ - jwtFromRequest: (req) => { - return req.cookies[ADMIN_AUTH_TOKEN_COOKIE_NAME] ?? req.session.jwt; - }, - secretOrKey: jwt_secret, - }); - } - - async validate(jwtPayload): Promise { - return jwtPayload; - } -} 
diff --git a/packages/medusa-plugin-auth/src/auth-strategies/jwt/index.ts b/packages/medusa-plugin-auth/src/auth-strategies/jwt/index.ts deleted file mode 100644 index 10ed5f7..0000000 --- a/packages/medusa-plugin-auth/src/auth-strategies/jwt/index.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { StrategyExport } from '../../types'; -import { JwtAdminStrategy } from './admin'; -import { JwtStoreStrategy } from './store'; - -export default { - load: (container: MedusaContainer, configModule: ConfigModule): void => { - new JwtAdminStrategy(container, configModule); - new JwtStoreStrategy(container, configModule); - }, -} as StrategyExport; diff --git a/packages/medusa-plugin-auth/src/auth-strategies/jwt/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/jwt/store.ts deleted file mode 100644 index 9799bb2..0000000 --- a/packages/medusa-plugin-auth/src/auth-strategies/jwt/store.ts +++ /dev/null @@ -1,21 +0,0 @@ -import { PassportStrategy } from '../../core/Strategy'; -import { Strategy as JWTStrategy } from 'passport-jwt'; -import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { JWT_STORE_STRATEGY_NAME } from './types'; -import { STORE_AUTH_TOKEN_COOKIE_NAME } from '../../types'; - -export class JwtStoreStrategy extends PassportStrategy(JWTStrategy, JWT_STORE_STRATEGY_NAME) { - constructor(protected readonly container: MedusaContainer, protected readonly configModule: ConfigModule) { - const { jwt_secret } = configModule.projectConfig; - super({ - jwtFromRequest: (req) => { - return req.cookies[STORE_AUTH_TOKEN_COOKIE_NAME] ?? req.session.jwt_store; - }, - secretOrKey: jwt_secret, - }); - } - - async validate(jwtPayload): Promise { - return jwtPayload; - } -} diff --git a/packages/medusa-plugin-auth/src/auth-strategies/jwt/types.ts b/packages/medusa-plugin-auth/src/auth-strategies/jwt/types.ts deleted file mode 100644 index 4d788b4..0000000 
--- a/packages/medusa-plugin-auth/src/auth-strategies/jwt/types.ts +++ /dev/null @@ -1,2 +0,0 @@ -export const JWT_ADMIN_STRATEGY_NAME = 'admin-jwt'; -export const JWT_STORE_STRATEGY_NAME = 'store-jwt'; diff --git a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts index 6701447..2e2d992 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts @@ -1,7 +1,7 @@ import passport from 'passport'; import { Strategy as LinkedinStrategy } from 'passport-linkedin-oauth2'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { ADMIN_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { UserService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { Router } from 'express'; @@ -98,7 +98,6 @@ export function getLinkedinAdminAuthRouter(linkedin: LinkedinAuthOptions, config const callbackHandler = buildCallbackHandler( "admin", - ADMIN_AUTH_TOKEN_COOKIE_NAME, configModule.projectConfig.jwt_secret, expiresIn, linkedin.admin.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts index cec9051..8c91d9b 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts 
@@ -7,7 +7,7 @@ import { CustomerService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { EntityManager } from 'typeorm'; -import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { CUSTOMER_METADATA_KEY, TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { PassportStrategy } from '../../core/Strategy'; import { LINKEDIN_STORE_STRATEGY_NAME, LinkedinAuthOptions, Profile } from './types'; import { buildCallbackHandler } from '../../core/utils/build-callback-handler'; @@ -123,7 +123,6 @@ export function getLinkedinStoreAuthRouter(linkedin: LinkedinAuthOptions, config const expiresIn = linkedin.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( "store", - STORE_AUTH_TOKEN_COOKIE_NAME, configModule.projectConfig.jwt_secret, expiresIn, linkedin.store.successRedirect diff --git a/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts b/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts index e219f4e..022d5e9 100644 --- a/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts +++ b/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts 
@@ -1,10 +1,11 @@ import jwt from 'jsonwebtoken'; -import { getCookieOptions } from './get-cookie-options'; -export function buildCallbackHandler(domain: "admin" | "store", cookieName: string, secret: string, expiresIn: number, successRedirect: string) { +export function buildCallbackHandler(domain: "admin" | "store", secret: string, expiresIn: number, successRedirect: string) { return (req, res) => { const tokenData = domain === "admin" ? { userId: req.user.id } : { customer_id: req.user.id } const token = jwt.sign(tokenData, secret, { expiresIn }); - res.cookie(cookieName, token, getCookieOptions(expiresIn)).redirect(successRedirect); + const sessionKey = domain === "admin" ? "jwt" : "jwt_store" + req.session[sessionKey] = token + res.redirect(successRedirect); }; } diff --git a/packages/medusa-plugin-auth/src/core/utils/get-cookie-options.ts b/packages/medusa-plugin-auth/src/core/utils/get-cookie-options.ts deleted file mode 100644 index dd82c33..0000000 --- a/packages/medusa-plugin-auth/src/core/utils/get-cookie-options.ts +++ /dev/null @@ -1,18 +0,0 @@ -import { CookieOptions } from 'express-serve-static-core'; - -export function getCookieOptions(maxAge: number): CookieOptions { - let secure = false; - let sameSite: CookieOptions['sameSite'] = false; - - if (process.env.NODE_ENV === 'production' || process.env.NODE_ENV === 'staging') { - secure = true; - sameSite = 'none'; - } - - return { - sameSite, - secure, - httpOnly: true, - maxAge, - }; -} diff --git a/packages/medusa-plugin-auth/src/index.ts b/packages/medusa-plugin-auth/src/index.ts new file mode 100644 index 0000000..8d07de3 --- /dev/null +++ b/packages/medusa-plugin-auth/src/index.ts @@ -0,0 +1,8 @@ +/** + * Noop passport session in order to delayed the usage of it after the custom auth strategies have been applied + */ +import passport from "passport" + +export const originalPassportSession = passport.session +passport.session = () => () => void 0 + 
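Review bot: In build-callback-handler.ts the token is written into the session that already existed before login (`req.session[sessionKey] = token`) without rotating the session id, so an identifier issued before authentication stays valid afterwards, and the redirect is sent without waiting for the session store write. If `req.session` comes from express-session (not visible in this patch), regenerate the session, set the key, and redirect from the `save` callback. The line also throws when no session middleware is mounted on the callback route, so a guard is worth adding. Regenerating discards the other session keys, so anything that must survive login (presumably cart or locale state, to be confirmed against the host app) has to be copied across.

```typescript
  return (req, res) => {
    // … unchanged: tokenData, token and sessionKey …
    if (!req.session) {
      return res.status(500).json({ message: 'session middleware is not configured' });
    }
    req.session.regenerate((regenerateErr) => {
      if (regenerateErr) {
        return res.status(500).json({ message: 'could not start session' });
      }
      req.session[sessionKey] = token;
      // Persist before redirecting so the next request sees the token.
      req.session.save((saveErr) => {
        if (saveErr) {
          return res.status(500).json({ message: 'could not persist session' });
        }
        res.redirect(successRedirect);
      });
    });
  };
```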
diff --git a/packages/medusa-plugin-auth/src/loaders/index.ts b/packages/medusa-plugin-auth/src/loaders/index.ts index 3aa633b..f7b34aa 100644 --- a/packages/medusa-plugin-auth/src/loaders/index.ts +++ b/packages/medusa-plugin-auth/src/loaders/index.ts @@ -1,16 +1,18 @@ +import passport from "passport" import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; import { AuthOptions } from '../types'; -import JwtStrategy from '../auth-strategies/jwt'; import GoogleStrategy from '../auth-strategies/google'; import FacebookStrategy from '../auth-strategies/facebook'; import LinkedinStrategy from '../auth-strategies/linkedin'; +import { originalPassportSession } from "../index"; export default async function authStrategiesLoader(container: MedusaContainer, authOptions: AuthOptions) { const configModule = container.resolve('configModule') as ConfigModule; - JwtStrategy.load(container, configModule); GoogleStrategy.load(container, configModule, authOptions); FacebookStrategy.load(container, configModule, authOptions); LinkedinStrategy.load(container, configModule, authOptions); + + passport.use(originalPassportSession) } diff --git a/packages/medusa-plugin-auth/src/types/index.ts b/packages/medusa-plugin-auth/src/types/index.ts index 55e2b9f..07ed3f3 100644 --- a/packages/medusa-plugin-auth/src/types/index.ts +++ b/packages/medusa-plugin-auth/src/types/index.ts @@ -4,9 +4,6 @@ import { LinkedinAuthOptions } from '../auth-strategies/linkedin'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; import { Router } from 'express'; -export const STORE_AUTH_TOKEN_COOKIE_NAME = 'store_auth_token'; -export const ADMIN_AUTH_TOKEN_COOKIE_NAME = 'admin_auth_token'; - export const CUSTOMER_METADATA_KEY = 'useSocialAuth'; export const TWENTY_FOUR_HOURS_IN_MS = 24 * 60 * 60 * 1000; From 73ec1760ae6c3c9232b27d91c830c4017ed99b88 Mon Sep 17 00:00:00 2001 
From: adrien2p Date: Tue, 13 Dec 2022 18:34:57 +0100 Subject: [PATCH 2/3] chore: lint --- .../src/auth-strategies/facebook/admin.ts | 2 +- .../src/auth-strategies/facebook/store.ts | 2 +- .../src/auth-strategies/google/admin.ts | 4 ++-- .../src/auth-strategies/google/store.ts | 2 +- .../src/auth-strategies/linkedin/admin.ts | 2 +- .../src/auth-strategies/linkedin/store.ts | 2 +- .../src/core/utils/build-callback-handler.ts | 13 +++++++++---- packages/medusa-plugin-auth/src/index.ts | 7 +++---- packages/medusa-plugin-auth/src/loaders/index.ts | 6 +++--- 9 files changed, 22 insertions(+), 18 deletions(-) diff --git a/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts index c23fcc9..6bd31a7 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/facebook/admin.ts @@ -92,7 +92,7 @@ export function getFacebookAdminAuthRouter(facebook: FacebookAuthOptions, config const expiresIn = facebook.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( - "admin", + 'admin', configModule.projectConfig.jwt_secret, expiresIn, facebook.admin.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts index a51f0d2..be3d9dc 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/facebook/store.ts @@ -118,7 +118,7 @@ export function getFacebookStoreAuthRouter(facebook: FacebookAuthOptions, config const expiresIn = facebook.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( - "store", + 'store', configModule.projectConfig.jwt_secret, expiresIn, facebook.store.successRedirect 
diff --git a/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts index efcdea3..1e0f7b5 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/google/admin.ts @@ -1,7 +1,7 @@ import passport from 'passport'; import { Strategy as GoogleStrategy } from 'passport-google-oauth2'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; -import { TWENTY_FOUR_HOURS_IN_MS } from '../../types'; +import { TWENTY_FOUR_HOURS_IN_MS } from '../../types'; import { UserService } from '@medusajs/medusa'; import { MedusaError } from 'medusa-core-utils'; import { Router } from 'express'; @@ -94,7 +94,7 @@ export function getGoogleAdminAuthRouter(google: GoogleAuthOptions, configModule const expiresIn = google.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( - "admin", + 'admin', configModule.projectConfig.jwt_secret, expiresIn, google.admin.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts index 590dd10..f1a7436 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/google/store.ts @@ -120,7 +120,7 @@ export function getGoogleStoreAuthRouter(google: GoogleAuthOptions, configModule const expiresIn = google.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( - "store", + 'store', configModule.projectConfig.jwt_secret, expiresIn, google.store.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts index 2e2d992..f588cd0 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts 
+++ b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/admin.ts @@ -97,7 +97,7 @@ export function getLinkedinAdminAuthRouter(linkedin: LinkedinAuthOptions, config const expiresIn = linkedin.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( - "admin", + 'admin', configModule.projectConfig.jwt_secret, expiresIn, linkedin.admin.successRedirect diff --git a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts index 8c91d9b..4396b3f 100644 --- a/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts +++ b/packages/medusa-plugin-auth/src/auth-strategies/linkedin/store.ts @@ -122,7 +122,7 @@ export function getLinkedinStoreAuthRouter(linkedin: LinkedinAuthOptions, config const expiresIn = linkedin.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS; const callbackHandler = buildCallbackHandler( - "store", + 'store', configModule.projectConfig.jwt_secret, expiresIn, linkedin.store.successRedirect diff --git a/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts b/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts index 022d5e9..4bbb0c8 100644 --- a/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts +++ b/packages/medusa-plugin-auth/src/core/utils/build-callback-handler.ts 
@@ -1,11 +1,16 @@ import jwt from 'jsonwebtoken'; -export function buildCallbackHandler(domain: "admin" | "store", secret: string, expiresIn: number, successRedirect: string) { +export function buildCallbackHandler( + domain: 'admin' | 'store', + secret: string, + expiresIn: number, + successRedirect: string +) { return (req, res) => { - const tokenData = domain === "admin" ? { userId: req.user.id } : { customer_id: req.user.id } + const tokenData = domain === 'admin' ? { userId: req.user.id } : { customer_id: req.user.id }; const token = jwt.sign(tokenData, secret, { expiresIn }); - const sessionKey = domain === "admin" ? "jwt" : "jwt_store" - req.session[sessionKey] = token + const sessionKey = domain === 'admin' ? 'jwt' : 'jwt_store'; + req.session[sessionKey] = token; res.redirect(successRedirect); }; } diff --git a/packages/medusa-plugin-auth/src/index.ts b/packages/medusa-plugin-auth/src/index.ts index 8d07de3..75cf860 100644 --- a/packages/medusa-plugin-auth/src/index.ts +++ b/packages/medusa-plugin-auth/src/index.ts @@ -1,8 +1,7 @@ /** * Noop passport session in order to delayed the usage of it after the custom auth strategies have been applied */ -import passport from "passport" - -export const originalPassportSession = passport.session -passport.session = () => () => void 0 +import passport from 'passport'; +export const originalPassportSession = passport.session; +passport.session = () => () => void 0; diff --git a/packages/medusa-plugin-auth/src/loaders/index.ts b/packages/medusa-plugin-auth/src/loaders/index.ts index f7b34aa..f283ffc 100644 --- a/packages/medusa-plugin-auth/src/loaders/index.ts +++ b/packages/medusa-plugin-auth/src/loaders/index.ts 
@@ -1,11 +1,11 @@ -import passport from "passport" +import passport from 'passport'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; import { AuthOptions } from '../types'; import GoogleStrategy from '../auth-strategies/google'; import FacebookStrategy from '../auth-strategies/facebook'; import LinkedinStrategy from '../auth-strategies/linkedin'; -import { originalPassportSession } from "../index"; +import { originalPassportSession } from '../index'; export default async function authStrategiesLoader(container: MedusaContainer, authOptions: AuthOptions) { const configModule = container.resolve('configModule') as ConfigModule; @@ -14,5 +14,5 @@ export default async function authStrategiesLoader(container: MedusaContainer, a FacebookStrategy.load(container, configModule, authOptions); LinkedinStrategy.load(container, configModule, authOptions); - passport.use(originalPassportSession) + passport.use(originalPassportSession); } From 01caad96e616b6f8fc605f414d8c4d8325d76f90 Mon Sep 17 00:00:00 2001 From: adrien2p Date: Tue, 13 Dec 2022 18:58:12 +0100 Subject: [PATCH 3/3] cleanup --- packages/medusa-plugin-auth/src/index.ts | 7 ------- packages/medusa-plugin-auth/src/loaders/index.ts | 4 ---- 2 files changed, 11 deletions(-) delete mode 100644 packages/medusa-plugin-auth/src/index.ts diff --git a/packages/medusa-plugin-auth/src/index.ts b/packages/medusa-plugin-auth/src/index.ts deleted file mode 100644 index 75cf860..0000000 --- a/packages/medusa-plugin-auth/src/index.ts +++ /dev/null @@ -1,7 +0,0 @@ -/** - * Noop passport session in order to delayed the usage of it after the custom auth strategies have been applied - */ -import passport from 'passport'; - -export const originalPassportSession = passport.session; -passport.session = () => () => void 0; diff --git a/packages/medusa-plugin-auth/src/loaders/index.ts b/packages/medusa-plugin-auth/src/loaders/index.ts index f283ffc..c7a99aa 100644 
--- a/packages/medusa-plugin-auth/src/loaders/index.ts +++ b/packages/medusa-plugin-auth/src/loaders/index.ts @@ -1,11 +1,9 @@ -import passport from 'passport'; import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global'; import { AuthOptions } from '../types'; import GoogleStrategy from '../auth-strategies/google'; import FacebookStrategy from '../auth-strategies/facebook'; import LinkedinStrategy from '../auth-strategies/linkedin'; -import { originalPassportSession } from '../index'; export default async function authStrategiesLoader(container: MedusaContainer, authOptions: AuthOptions) { const configModule = container.resolve('configModule') as ConfigModule; @@ -13,6 +11,4 @@ export default async function authStrategiesLoader(container: MedusaContainer, a GoogleStrategy.load(container, configModule, authOptions); FacebookStrategy.load(container, configModule, authOptions); LinkedinStrategy.load(container, configModule, authOptions); - - passport.use(originalPassportSession); }