feat: store only user ID in session #1849

Merged
merged 5 commits into from
Jun 9, 2021
2 changes: 1 addition & 1 deletion src/app/modules/auth/__tests__/auth.controller.spec.ts
@@ -187,7 +187,7 @@ describe('auth.controller', () => {

// Assert
expect(mockRes.status).toBeCalledWith(200)
expect(mockRes.json).toBeCalledWith(mockUser.toObject())
expect(mockRes.json).toBeCalledWith(mockUser)
})

it('should return 401 when retrieving agency returns InvalidDomainError', async () => {
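Review bot: Nothing visible in this hunk asserts what the handler wrote to the session, which is the behaviour this PR is about; the only changed expectation is the response body, `expect(mockRes.json).toBeCalledWith(mockUser)`. If the request mock exposes its session, an assertion along the lines of `expect(mockReq.session.user).toEqual({ _id: mockUser._id })` would pin that only the ID is stored (`mockReq` is a placeholder for whatever this spec names its request mock). The test body starts above the hunk, so such a check may already exist out of view.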
9 changes: 4 additions & 5 deletions src/app/modules/auth/auth.controller.ts
@@ -159,16 +159,15 @@ export const handleLoginVerifyOtp: RequestHandler<
.json(coreErrorMessage)
}

// TODO(#212): Should store only userId in session.
// Add user info to session.
const userObj = user.toObject() as SessionUser
req.session.user = userObj
const { _id } = user.toObject() as SessionUser
req.session.user = { _id }
logger.info({
message: `Successfully logged in user ${user.email}`,
message: `Successfully logged in user ${user._id}`,
meta: logMeta,
})

return res.status(StatusCodes.OK).json(userObj)
return res.status(StatusCodes.OK).json(user)
})
// Step 3b: Error occured in one of the steps.
.mapErr((error) => {
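Review bot: On the `return res.status(StatusCodes.OK).json(user)` line the handler passes `user` itself (presumably a Mongoose document, given the `toObject()` call nearby) to Express, so the body comes from the document's JSON serialisation rather than from an explicit `toObject()` result; if the schema configures the two differently the client-visible shape changes, and in either case the whole user record is returned. An explicit allow-list of response fields would make that output deliberate. Smaller point: `const { _id } = user.toObject() as SessionUser` converts and casts the full document only to read one property, where `req.session.user = { _id: user._id }` would do, and the comment above it could become `// Store only the user ID in the session.`. The handler begins and ends outside this hunk, so whether the session is regenerated before this assignment is not visible here and is worth confirming.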
1 change: 0 additions & 1 deletion src/app/modules/auth/auth.utils.ts
@@ -57,7 +57,6 @@ export const isUserInSession = (
return !!session?.user?._id
}

// TODO(#212): Save userId instead of entire user collection in session.
export const getUserIdFromSession = (
session?: Express.Session,
): string | undefined => {
2 changes: 1 addition & 1 deletion src/app/modules/billing/billing.controller.ts
@@ -56,7 +56,7 @@ export const handleGetBillInfo: RequestHandler<

// Retrieved login stats successfully.
logger.info({
message: `Billing search for ${esrvcId} by ${authedUser.email}`,
message: `Billing search for ${esrvcId} by ${authedUser._id}`,
meta: {
action: 'handleGetBillInfo',
...createReqMeta(req),
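Review bot: The acting user and the queried `esrvcId` appear only inside the free-text `message`, which makes this audit entry awkward to filter or alert on; consider carrying them as structured fields in `meta`, e.g. `userId: authedUser._id` and `esrvcId`, next to `action`. With the log keyed on `_id` rather than an e-mail address, a structured `userId` is what lets a responder tie the entry back to an account. The `meta` object continues past the end of this hunk, so these fields may already be present out of view.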
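--- a/src/types/vendor/express.d.ts
+++ b/src/types/vendor/express.d.ts
@@ -7,11 +7,15 @@ declare global {
 }
 
 export interface Session {
-user?: IUserSchema
+user?: {
+_id: IUserSchema['_id']
+}
 }
 
 export interface AuthedSession extends Session {
-user: IUserSchema
+user: {
+_id: IUserSchema['_id']
+}
 }
 }
 }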
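Review bot: The `{ _id: IUserSchema['_id'] }` shape is written out twice, once in `Session` and once in `AuthedSession`, so the two declarations can drift apart; declaring it once (for example `type SessionUserId = Pick<IUserSchema, '_id'>`) and using it in both keeps them aligned. It is also worth confirming that the declared type matches what the session store hands back: if the store serialises sessions to JSON, `_id` would be read back as a string rather than the type `IUserSchema['_id']` names, and code that compares or queries with it would be mis-typed. A short doc comment on `user`, such as `/** Only the user ID is kept in the session; load other user fields from the database per request. */`, would record the intent of this change.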