fix: login with session
1 parent 0e49db9 commit b7d32fd

3 files changed

+94
-29
lines changed


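--- a/docs/swagger/routes/auth.js
+++ b/docs/swagger/routes/auth.js
@@ -110,6 +110,40 @@ module.exports = {
 },
 },
 },
+'/auth/verify-session': {
+get: {
+tags: ['Auth'],
+summary: 'Verify Session',
+produces: ['application/json'],
+security: [
+{
+auth_token: [],
+},
+],
+responses: {
+200: {
+description: 'Verify Session',
+},
+},
+},
+},
+'/profile': {
+get: {
+tags: ['Auth'],
+summary: 'Get Profile',
+produces: ['application/json'],
+security: [
+{
+auth_token: [],
+},
+],
+responses: {
+200: {
+description: 'Get Profile',
+},
+},
+},
+},
 '/logout': {
 post: {
 tags: ['Auth'],
@@ -143,21 +177,4 @@ module.exports = {
 },
 },
 },
-'/profile': {
-get: {
-tags: ['Auth'],
-summary: 'Get Profile',
-produces: ['application/json'],
-security: [
-{
-auth_token: [],
-},
-],
-responses: {
-200: {
-description: 'Get Profile',
-},
-},
-},
-},
 }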

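--- a/src/controllers/Auth/controller.ts
+++ b/src/controllers/Auth/controller.ts
@@ -5,12 +5,12 @@ import Authorization from 'middlewares/Authorization'
 import BuildResponse from 'modules/Response/BuildResponse'
 import RefreshTokenService from 'controllers/RefreshToken/service'
 import AuthService from 'controllers/Auth/service'
+import { currentToken } from 'helpers/Token'
 
 routes.post(
 '/auth/sign-up',
 asyncHandler(async function signUp(req: Request, res: Response) {
 const formData = req.getBody()
-
 const data = await AuthService.signUp(formData)
 const buildResponse = BuildResponse.get(data)
 
@@ -22,7 +22,7 @@ routes.post(
 '/auth/sign-in',
 asyncHandler(async function signIn(req: Request, res: Response) {
 const formData = req.getBody()
-const data = await AuthService.signIn(formData)
+const data = await AuthService.signIn(req, formData)
 const buildResponse = BuildResponse.get(data)
 
 return res
@@ -55,22 +55,36 @@ routes.get(
 asyncHandler(async function getProfile(req: Request, res: Response) {
 const userData = req.getState('userLogin')
 
-// @ts-ignore
 const data = await AuthService.profile(userData)
 const buildResponse = BuildResponse.get({ data })
 
 return res.status(200).json(buildResponse)
 })
 )
 
+routes.get(
+'/auth/verify-session',
+Authorization,
+asyncHandler(async function getProfile(req: Request, res: Response) {
+const userData = req.getState('userLogin')
+const getToken = currentToken(req)
+
+const data = await AuthService.verifySession(userData.id, getToken)
+const buildResponse = BuildResponse.get({ data })
+
+return res.status(200).json(buildResponse)
+})
+)
+
 routes.post(
 '/logout',
 Authorization,
 asyncHandler(async function logout(req: Request, res: Response) {
 const { UserId } = req.getBody()
 const userData = req.getState('userLogin')
+const getToken = currentToken(req)
 
-const message = await AuthService.logout(UserId, userData)
+const message = await AuthService.logout(UserId, userData, getToken)
 const buildResponse = BuildResponse.deleted({ message })
 
 return res.clearCookie('token', { path: '/v1' }).json(buildResponse)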
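Review bot: The new `/auth/verify-session` handler is named `getProfile`, copied from the profile route above it, so stack traces and any logging keyed on the handler name will attribute verify-session failures to the profile endpoint; rename it `asyncHandler(async function verifySession(req: Request, res: Response) {`. The handler also reads `userData.id` straight off `req.getState('userLogin')`; if the `Authorization` middleware guarantees that state is populated this is fine, but a short guard such as `if (!userData?.id) throw new ResponseError.Unauthorized('Invalid user login!')` would make the assumption explicit rather than letting a missing state surface as a TypeError. The same name collision does not affect the logout route, which keeps its own handler name.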

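--- a/src/controllers/Auth/service.ts
+++ b/src/controllers/Auth/service.ts
@@ -10,8 +10,14 @@ import { UserAttributes, LoginAttributes } from 'models/user'
 import SendMail from 'helpers/SendEmail'
 import RefreshTokenService from 'controllers/RefreshToken/service'
 import UserService from 'controllers/User/service'
+import SessionService from 'controllers/Session/service'
+import { Request } from 'express'
+import userAgentHelper from 'helpers/userAgent'
+import { verifyAccessToken } from 'helpers/Token'
+import { isEmpty } from 'lodash'
 
 const { User, Role } = models
+const including = [{ model: Role }]
 
 const { JWT_SECRET_ACCESS_TOKEN, JWT_SECRET_REFRESH_TOKEN }: any = process.env
 
@@ -42,6 +48,9 @@ class AuthService {
 * @param formData
 */
 public static async signUp(formData: UserAttributes) {
+// check duplicate email
+await UserService.validateUserEmail(formData.email)
+
 const generateToken = {
 code: getUniqueCodev2(),
 }
@@ -72,7 +81,9 @@ class AuthService {
 *
 * @param formData
 */
-public static async signIn(formData: LoginAttributes) {
+public static async signIn(req: Request, formData: LoginAttributes) {
+const { clientIp, useragent } = req
+
 const value = useValidation(schemaAuth.login, formData)
 
 const userData = await User.scope('withPassword').findOne({
@@ -115,12 +126,20 @@ class AuthService {
 }
 )
 
-const formDataRefreshToken = {
+// create refresh token
+await RefreshTokenService.create({
 UserId: userData.id,
 token: refreshToken,
-}
+})
 
-await RefreshTokenService.create(formDataRefreshToken)
+// create session
+await SessionService.create({
+UserId: userData.id,
+token: accessToken,
+ipAddress: clientIp?.replace('::ffff:', ''),
+device: userAgentHelper.currentDevice(req),
+platform: useragent?.platform,
+})
 
 // create directory
 await createDirectory(userData.id)
@@ -144,13 +163,26 @@ class AuthService {
 )
 }
 
+public static async verifySession(UserId: string, token: string) {
+const sessionUser = await SessionService.findByTokenUser(UserId, token)
+const verifyToken = verifyAccessToken(sessionUser.token)
+
+if (!isEmpty(verifyToken?.data)) {
+// @ts-ignore
+const data = await User.findByPk(verifyToken?.data?.id, {
+include: including,
+})
+return data
+}
+
+return null
+}
+
 /**
 *
 * @param token
 */
 public static async profile(userData: UserAttributes) {
-const including = [{ model: Role }]
-
 const data = await User.findByPk(userData.id, { include: including })
 return data
 }
@@ -159,15 +191,17 @@ class AuthService {
 *
 * @param UserId
 */
-public static async logout(UserId: string, userData: any) {
+public static async logout(UserId: string, userData: any, token: string) {
 if (userData?.id !== UserId) {
 throw new ResponseError.Unauthorized('Invalid user login!')
 }
 
 const data = await UserService.getOne(UserId)
 
-// remove refresh token by user id
+// clean refresh token & session
 await RefreshTokenService.delete(data.id)
+await SessionService.deleteByTokenUser(data.id, token)
+
 const message = 'You have logged out of the application'
 
 return message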
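Review bot: `verifySession` dereferences `sessionUser.token` without checking that `SessionService.findByTokenUser` returned a row, so a request whose token has no matching session (already logged out, revoked, or never issued) throws a TypeError and surfaces as a 500 rather than the null result the function otherwise returns; add `if (!sessionUser) return null` before the `verifyAccessToken` call. The check then verifies the stored `sessionUser.token` instead of the presented `token`; given the lookup is by token the two presumably match, but verifying the value the caller supplied makes the intent self-evident and removes the dependence on what the session row holds. The method is also the only one in this class without a TSDoc block — a short one stating that it returns the user (with roles) for a live session or null, with `@param UserId` and `@param token`, would match the siblings — and the `// @ts-ignore` on `findByPk` hides the untyped `verifyToken.data`; narrowing that value instead would keep the id lookup checked.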
