Return redirect url for oauth redirect

pilotpirxie · pilotpirxie · commit 7a48e1583253 · 2023-10-13T22:09:43.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -105,4 +105,4 @@ dist
 .idea
 
 # docker
-.docker
+packages/server/.docker
diff --git a/packages/server/src/modules/auth/controllers/combinedAuthController.ts b/packages/server/src/modules/auth/controllers/combinedAuthController.ts
@@ -39,10 +39,10 @@ export default function initializeCombinedAuthController({
   const router = Router();
 
   router.use(initializeEmailAuthController({
-    jwtInfo,
     prisma,
     emailService,
     emailTemplatesService,
+    callbackUrl,
   }));
 
   router.use(initializeSessionController({
diff --git a/packages/server/src/modules/auth/controllers/emailAuthController.ts b/packages/server/src/modules/auth/controllers/emailAuthController.ts
@@ -10,20 +10,20 @@ import { TypedRequest } from "../../shared/types/express";
 import { getIp } from "../../shared/utils/getIp";
 import { EmailService } from "../../emails/services/emailService";
 import { EmailTemplates } from "../../emails/services/emailTemplates";
-import { JwtInfo } from "../utils/jwtInfo";
 import { getHashedPassword } from "../utils/passwordManager";
-import { createSession } from "../utils/sessionManager";
+import { redirectWithCode } from "../../shared/utils/redirectManager";
 
 export default function initializeEmailAuthController({
-  jwtInfo,
   prisma,
   emailService,
   emailTemplatesService,
+  callbackUrl,
 }: {
-  jwtInfo: JwtInfo;
   prisma: PrismaClient;
   emailService: EmailService;
   emailTemplatesService: EmailTemplates;
+  callbackUrl: string;
+
 }): Router {
   const router = Router();
 
@@ -123,20 +123,19 @@ export default function initializeEmailAuthController({
           }
         }
 
-        const ip = getIp(req);
-
-        const { jwtToken, jwtRefreshToken } = await createSession({
-          prisma,
-          userId: user.id,
-          ip,
-          jwtInfo,
-          userAgent: req.headers["user-agent"] || "",
-          authProviderType: "email",
+        const authorizationCode = await prisma.authorizationCode.create({
+          data: {
+            userId: user.id,
+            authProviderType: "email",
+            expiresAt: dayjs().add(5, "minutes").toDate(),
+          },
         });
 
         return res.json({
-          accessToken: jwtToken,
-          refreshToken: jwtRefreshToken,
+          redirectUrl: redirectWithCode({
+            callbackUrl,
+            code: authorizationCode.id,
+          }),
         });
       } catch (error) {
         return next(error);
diff --git a/packages/server/src/modules/auth/controllers/sessionController.ts b/packages/server/src/modules/auth/controllers/sessionController.ts
@@ -191,5 +191,103 @@ export default function initializeSessionController({
     },
   );
 
+  const exchangeCodeSchema = {
+    body: {
+      code: Joi.string().required(),
+    },
+  };
+
+  router.post(
+    "/exchange",
+    validation(exchangeCodeSchema),
+    async (req: TypedRequest<typeof exchangeCodeSchema>, res, next) => {
+      try {
+        const { code } = req.body;
+
+        const authorizationCode = await prisma.authorizationCode.findFirst({
+          select: {
+            id: true,
+            userId: true,
+            authProviderType: true,
+            expiresAt: true,
+          },
+          where: {
+            id: code,
+          },
+        });
+
+        if (!authorizationCode) {
+          return errorResponse({
+            response: res,
+            message: "Authorization code not found",
+            status: 404,
+            error: "AuthorizationCodeNotFound",
+          });
+        }
+
+        if (dayjs(authorizationCode.expiresAt).isBefore(dayjs())) {
+          return errorResponse({
+            response: res,
+            message: "Authorization code expired",
+            status: 400,
+            error: "AuthorizationCodeExpired",
+          });
+        }
+
+        const user = await prisma.user.findFirst({
+          select: {
+            id: true,
+            authProviderType: true,
+          },
+          where: {
+            id: authorizationCode.userId,
+          },
+        });
+
+        if (!user) {
+          return errorResponse({
+            response: res,
+            message: "User not found",
+            status: 404,
+            error: "UserNotFound",
+          });
+        }
+
+        if (user.authProviderType !== authorizationCode.authProviderType) {
+          return errorResponse({
+            response: res,
+            message: "Invalid provider",
+            status: 400,
+            error: "InvalidProvider",
+          });
+        }
+
+        const ip = getIp(req);
+
+        await prisma.authorizationCode.delete({
+          where: {
+            id: authorizationCode.id,
+          },
+        });
+
+        const { jwtToken, jwtRefreshToken } = await createSession({
+          prisma,
+          userId: user.id,
+          ip,
+          jwtInfo,
+          userAgent: req.headers["user-agent"] || "",
+          authProviderType: user.authProviderType,
+        });
+
+        return res.json({
+          accessToken: jwtToken,
+          refreshToken: jwtRefreshToken,
+        });
+      } catch (error) {
+        return next(error);
+      }
+    },
+  );
+
   return router;
 }
diff --git a/packages/server/src/modules/auth/controllers/socialAuthController.ts b/packages/server/src/modules/auth/controllers/socialAuthController.ts
@@ -3,12 +3,10 @@ import { Router } from "express";
 import Joi from "joi";
 import dayjs from "dayjs";
 import url from "url";
-import errorResponse from "../../shared/utils/errorResponse";
 import validation from "../../shared/middlewares/validation";
 import { TypedRequest } from "../../shared/types/express";
 import { getIp } from "../../shared/utils/getIp";
 import { JwtInfo } from "../utils/jwtInfo";
-import { createSession } from "../utils/sessionManager";
 import { redirectWithCode, redirectWithError } from "../../shared/utils/redirectManager";
 
 async function authenticate({
@@ -295,103 +293,5 @@ export default function initializeSocialAuthController({
     },
   );
 
-  const exchangeCodeSchema = {
-    body: {
-      code: Joi.string().required(),
-    },
-  };
-
-  router.post(
-    "/exchange",
-    validation(exchangeCodeSchema),
-    async (req: TypedRequest<typeof exchangeCodeSchema>, res, next) => {
-      try {
-        const { code } = req.body;
-
-        const authorizationCode = await prisma.authorizationCode.findFirst({
-          select: {
-            id: true,
-            userId: true,
-            authProviderType: true,
-            expiresAt: true,
-          },
-          where: {
-            id: code,
-          },
-        });
-
-        if (!authorizationCode) {
-          return errorResponse({
-            response: res,
-            message: "Authorization code not found",
-            status: 404,
-            error: "AuthorizationCodeNotFound",
-          });
-        }
-
-        if (dayjs(authorizationCode.expiresAt).isBefore(dayjs())) {
-          return errorResponse({
-            response: res,
-            message: "Authorization code expired",
-            status: 400,
-            error: "AuthorizationCodeExpired",
-          });
-        }
-
-        const user = await prisma.user.findFirst({
-          select: {
-            id: true,
-            authProviderType: true,
-          },
-          where: {
-            id: authorizationCode.userId,
-          },
-        });
-
-        if (!user) {
-          return errorResponse({
-            response: res,
-            message: "User not found",
-            status: 404,
-            error: "UserNotFound",
-          });
-        }
-
-        if (user.authProviderType !== authorizationCode.authProviderType) {
-          return errorResponse({
-            response: res,
-            message: "Invalid provider",
-            status: 400,
-            error: "InvalidProvider",
-          });
-        }
-
-        const ip = getIp(req);
-
-        await prisma.authorizationCode.delete({
-          where: {
-            id: authorizationCode.id,
-          },
-        });
-
-        const { jwtToken, jwtRefreshToken } = await createSession({
-          prisma,
-          userId: user.id,
-          ip,
-          jwtInfo,
-          userAgent: req.headers["user-agent"] || "",
-          authProviderType: user.authProviderType,
-        });
-
-        return res.json({
-          accessToken: jwtToken,
-          refreshToken: jwtRefreshToken,
-        });
-      } catch (error) {
-        return next(error);
-      }
-    },
-  );
-
   return router;
 }
