feat: Allow to access session from the plugin and remove cookie usage #32

Merged
merged 3 commits into from
Dec 14, 2022
Merged
1 change: 1 addition & 0 deletions packages/medusa-plugin-auth/.gitignore
Expand Up @@ -8,6 +8,7 @@
/services
/loaders
/auth-strategies
index.*

node_modules
.DS_store
51 changes: 1 addition & 50 deletions packages/medusa-plugin-auth/src/api/index.ts
@@ -1,13 +1,11 @@
import { Router } from 'express';
import { ConfigModule } from '@medusajs/medusa/dist/types/global';
import wrapHandler from '@medusajs/medusa/dist/api/middlewares/await-middleware';
import loadConfig from '@medusajs/medusa/dist/loaders/config';
import cors from 'cors';
import GoogleStrategy from '../auth-strategies/google';
import FacebookStrategy from '../auth-strategies/facebook';
import LinkedinStrategy from '../auth-strategies/linkedin';

import { ADMIN_AUTH_TOKEN_COOKIE_NAME, AuthOptions, STORE_AUTH_TOKEN_COOKIE_NAME } from '../types';
import { AuthOptions } from '../types';

export default function (rootDirectory, pluginOptions: AuthOptions): Router[] {
const configModule = loadConfig(rootDirectory) as ConfigModule;
Expand All @@ -20,53 +18,6 @@ function loadRouters(configModule: ConfigModule, options: AuthOptions): Router[]
routers.push(...GoogleStrategy.getRouter(configModule, options));
routers.push(...FacebookStrategy.getRouter(configModule, options));
routers.push(...LinkedinStrategy.getRouter(configModule, options));
routers.push(getLogoutRouter(configModule));

return routers;
}

function getLogoutRouter(configModule: ConfigModule): Router {
const router = Router();

const adminCorsOptions = {
origin: configModule.projectConfig.admin_cors.split(','),
credentials: true,
};

router.use('/admin/auth', cors(adminCorsOptions));
router.delete(
'/admin/auth',
wrapHandler(async (req, res) => {
if ((req as unknown as Request & { session: unknown }).session) {
(req as unknown as Request & { session: { jwt: string } }).session.jwt = null;
(req as unknown as Request & { session: { destroy: () => void } }).session.destroy();
}

res.clearCookie(ADMIN_AUTH_TOKEN_COOKIE_NAME);

res.status(200).json({});
})
);

const storeCorsOptions = {
origin: configModule.projectConfig.store_cors.split(','),
credentials: true,
};

router.use('/store/auth', cors(storeCorsOptions));
router.delete(
'/store/auth',
wrapHandler(async (req, res) => {
if ((req as unknown as Request & { session: unknown }).session) {
(req as unknown as Request & { session: { jwt_store: string } }).session.jwt_store = null;
(req as unknown as Request & { session: { destroy: () => void } }).session.destroy();
}

res.clearCookie(STORE_AUTH_TOKEN_COOKIE_NAME);

res.status(200).json({});
})
);

return router;
}
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import passport from 'passport';
import { Strategy as FacebookStrategy } from 'passport-facebook';
import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';
import { ADMIN_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { UserService } from '@medusajs/medusa';
import { MedusaError } from 'medusa-core-utils';
import { Router } from 'express';
Expand Down Expand Up @@ -92,8 +92,7 @@ export function getFacebookAdminAuthRouter(facebook: FacebookAuthOptions, config

const expiresIn = facebook.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
const callbackHandler = buildCallbackHandler(
"admin",
ADMIN_AUTH_TOKEN_COOKIE_NAME,
'admin',
configModule.projectConfig.jwt_secret,
expiresIn,
facebook.admin.successRedirect
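Review bot: `expiresIn` here is a millisecond count (it defaults to `TWENTY_FOUR_HOURS_IN_MS`, defined as `24 * 60 * 60 * 1000` in src/types/index.ts), but buildCallbackHandler passes it unchanged to `jwt.sign(tokenData, secret, { expiresIn })`, and jsonwebtoken reads a numeric `expiresIn` as seconds. The default token is therefore valid for roughly 1000 days instead of 24 hours, and with the cookie removed nothing else in the visible code bounds its lifetime. Convert at the signing call, e.g. `jwt.sign(tokenData, secret, { expiresIn: Math.floor(expiresIn / 1000) })`, or document the option as seconds and rename the constant. The same applies to getFacebookStoreAuthRouter, getGoogleAdminAuthRouter, getGoogleStoreAuthRouter, getLinkedinAdminAuthRouter and getLinkedinStoreAuthRouter; each of these functions continues outside its hunk.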
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import { CustomerService } from '@medusajs/medusa';
import { MedusaError } from 'medusa-core-utils';
import { EntityManager } from 'typeorm';

import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { CUSTOMER_METADATA_KEY, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { FACEBOOK_STORE_STRATEGY_NAME, FacebookAuthOptions, Profile } from './types';
import { PassportStrategy } from '../../core/Strategy';
import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
Expand Down Expand Up @@ -118,8 +118,7 @@ export function getFacebookStoreAuthRouter(facebook: FacebookAuthOptions, config

const expiresIn = facebook.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
const callbackHandler = buildCallbackHandler(
"store",
STORE_AUTH_TOKEN_COOKIE_NAME,
'store',
configModule.projectConfig.jwt_secret,
expiresIn,
facebook.store.successRedirect
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import passport from 'passport';
import { Strategy as GoogleStrategy } from 'passport-google-oauth2';
import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';
import { ADMIN_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { UserService } from '@medusajs/medusa';
import { MedusaError } from 'medusa-core-utils';
import { Router } from 'express';
Expand Down Expand Up @@ -94,8 +94,7 @@ export function getGoogleAdminAuthRouter(google: GoogleAuthOptions, configModule

const expiresIn = google.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
const callbackHandler = buildCallbackHandler(
"admin",
ADMIN_AUTH_TOKEN_COOKIE_NAME,
'admin',
configModule.projectConfig.jwt_secret,
expiresIn,
google.admin.successRedirect
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import { CustomerService } from '@medusajs/medusa';
import { MedusaError } from 'medusa-core-utils';
import { EntityManager } from 'typeorm';

import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { CUSTOMER_METADATA_KEY, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { PassportStrategy } from '../../core/Strategy';
import { GOOGLE_STORE_STRATEGY_NAME, GoogleAuthOptions, Profile } from './types';
import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
Expand Down Expand Up @@ -120,8 +120,7 @@ export function getGoogleStoreAuthRouter(google: GoogleAuthOptions, configModule

const expiresIn = google.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
const callbackHandler = buildCallbackHandler(
"store",
STORE_AUTH_TOKEN_COOKIE_NAME,
'store',
configModule.projectConfig.jwt_secret,
expiresIn,
google.store.successRedirect
21 changes: 0 additions & 21 deletions packages/medusa-plugin-auth/src/auth-strategies/jwt/admin.ts

This file was deleted.

11 changes: 0 additions & 11 deletions packages/medusa-plugin-auth/src/auth-strategies/jwt/index.ts

This file was deleted.

21 changes: 0 additions & 21 deletions packages/medusa-plugin-auth/src/auth-strategies/jwt/store.ts

This file was deleted.

2 changes: 0 additions & 2 deletions packages/medusa-plugin-auth/src/auth-strategies/jwt/types.ts

This file was deleted.

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import passport from 'passport';
import { Strategy as LinkedinStrategy } from 'passport-linkedin-oauth2';
import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';
import { ADMIN_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { UserService } from '@medusajs/medusa';
import { MedusaError } from 'medusa-core-utils';
import { Router } from 'express';
Expand Down Expand Up @@ -97,8 +97,7 @@ export function getLinkedinAdminAuthRouter(linkedin: LinkedinAuthOptions, config
const expiresIn = linkedin.admin.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;

const callbackHandler = buildCallbackHandler(
"admin",
ADMIN_AUTH_TOKEN_COOKIE_NAME,
'admin',
configModule.projectConfig.jwt_secret,
expiresIn,
linkedin.admin.successRedirect
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import { CustomerService } from '@medusajs/medusa';
import { MedusaError } from 'medusa-core-utils';
import { EntityManager } from 'typeorm';

import { CUSTOMER_METADATA_KEY, STORE_AUTH_TOKEN_COOKIE_NAME, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { CUSTOMER_METADATA_KEY, TWENTY_FOUR_HOURS_IN_MS } from '../../types';
import { PassportStrategy } from '../../core/Strategy';
import { LINKEDIN_STORE_STRATEGY_NAME, LinkedinAuthOptions, Profile } from './types';
import { buildCallbackHandler } from '../../core/utils/build-callback-handler';
Expand Down Expand Up @@ -122,8 +122,7 @@ export function getLinkedinStoreAuthRouter(linkedin: LinkedinAuthOptions, config

const expiresIn = linkedin.store.expiresIn ?? TWENTY_FOUR_HOURS_IN_MS;
const callbackHandler = buildCallbackHandler(
"store",
STORE_AUTH_TOKEN_COOKIE_NAME,
'store',
configModule.projectConfig.jwt_secret,
expiresIn,
linkedin.store.successRedirect
Original file line number Diff line number Diff line change
@@ -1,10 +1,16 @@
import jwt from 'jsonwebtoken';
import { getCookieOptions } from './get-cookie-options';

export function buildCallbackHandler(domain: "admin" | "store", cookieName: string, secret: string, expiresIn: number, successRedirect: string) {
export function buildCallbackHandler(
domain: 'admin' | 'store',
secret: string,
expiresIn: number,
successRedirect: string
) {
return (req, res) => {
const tokenData = domain === "admin" ? { userId: req.user.id } : { customer_id: req.user.id }
const tokenData = domain === 'admin' ? { userId: req.user.id } : { customer_id: req.user.id };
const token = jwt.sign(tokenData, secret, { expiresIn });
res.cookie(cookieName, token, getCookieOptions(expiresIn)).redirect(successRedirect);
const sessionKey = domain === 'admin' ? 'jwt' : 'jwt_store';
req.session[sessionKey] = token;
res.redirect(successRedirect);
};
}
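Review bot: The handler writes the freshly signed token into whatever session the browser presented (`req.session[sessionKey] = token`) without issuing a new session id, so an id that was fixed before the OAuth round trip stays valid after login and now carries the JWT. If the session middleware is express-session, as the `session.destroy()` calls in the removed logout router suggest, regenerate the session before storing the token and redirect only from its callback, as sketched below; regenerating drops the other domain's token, so copy it across if admin and store logins are meant to coexist in one session. The removed logout code also checked that `req.session` exists, whereas this line would throw if the middleware is not mounted on the callback route.

```typescript
  return (req, res) => {
    // … unchanged: tokenData, token and sessionKey …
    req.session.regenerate((err) => {
      if (err) {
        res.sendStatus(500);
        return;
      }
      req.session[sessionKey] = token;
      res.redirect(successRedirect);
    });
  };
```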
18 changes: 0 additions & 18 deletions packages/medusa-plugin-auth/src/core/utils/get-cookie-options.ts

This file was deleted.

2 changes: 0 additions & 2 deletions packages/medusa-plugin-auth/src/loaders/index.ts
@@ -1,15 +1,13 @@
import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';

import { AuthOptions } from '../types';
import JwtStrategy from '../auth-strategies/jwt';
import GoogleStrategy from '../auth-strategies/google';
import FacebookStrategy from '../auth-strategies/facebook';
import LinkedinStrategy from '../auth-strategies/linkedin';

export default async function authStrategiesLoader(container: MedusaContainer, authOptions: AuthOptions) {
const configModule = container.resolve('configModule') as ConfigModule;

JwtStrategy.load(container, configModule);
GoogleStrategy.load(container, configModule, authOptions);
FacebookStrategy.load(container, configModule, authOptions);
LinkedinStrategy.load(container, configModule, authOptions);
3 changes: 0 additions & 3 deletions packages/medusa-plugin-auth/src/types/index.ts
Expand Up @@ -4,9 +4,6 @@ import { LinkedinAuthOptions } from '../auth-strategies/linkedin';
import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';
import { Router } from 'express';

export const STORE_AUTH_TOKEN_COOKIE_NAME = 'store_auth_token';
export const ADMIN_AUTH_TOKEN_COOKIE_NAME = 'admin_auth_token';

export const CUSTOMER_METADATA_KEY = 'useSocialAuth';

export const TWENTY_FOUR_HOURS_IN_MS = 24 * 60 * 60 * 1000;