akhilmeka/permit-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated login flow

Browse Source
This commit is contained in:
Akhil Meka
2025-07-25 15:38:04 +05:30
parent ee74963058
commit fa1a34372b
7 changed files with 166 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
src/auth/auth.route.ts
View File

@@ -1,61 +1,106 @@
import { FastifyInstance, FastifyReply, FastifyRequest } from "fastify";
import { getUserByEmail, updateUserInternal } from "../user/user.service";
import { getUserByEmail, getUserByToken } from "../user/user.service";
import { createSession, deleteSession } from "./auth.service";
import { hash, verify } from "argon2";
import { validatePassword } from "../utils/password";
export async function authRoutes(fastify: FastifyInstance) {
fastify.get(
"/microsoft/token",
{},
fastify.post(
"/register",
{
schema: {
body: {
type: "object",
required: ["password", "token"],
properties: {
password: { type: "string" },
token: { type: "string" },
},
},
},
},
async (req: FastifyRequest, res: FastifyReply) => {
const { password, token } = req.body as {
password: string;
token: string;
};
try {
const { token } =
await fastify.microsoftOauth.getAccessTokenFromAuthorizationCodeFlow(
req
);
const userInDB = await getUserByToken(token);
if (!userInDB) return res.code(404).send({ error: "not found" });
if (new Date() > userInDB.token.expiry)
return res.code(400).send({ error: "link expired" });
const user = (await fastify.microsoftOauth.userinfo(token)) as {
givenname: string;
familyname: string;
email: string;
picture: string;
};
if (!validatePassword(password))
return res.code(400).send({
error:
"weak password. Make sure the password has atleast 2 uppercase, 2 lowercase, 2 numeric and 2 special characters",
});
const userInDb = await getUserByEmail(user.email);
if (userInDb == null)
return res.code(401).send({ error: "not_allowed" });
const hashedPassword = await hash(password);
userInDB.passwordHash = hashedPassword;
await updateUserInternal(userInDb.pid, {
firstName: user.givenname,
lastName: user.familyname,
email: user.email,
avatar: user.picture,
});
const session = await createSession(
userInDb.id,
req.ip,
req.headers["user-agent"]
);
return res.code(201).send({ session_token: session.sid });
await userInDB.save();
} catch (err) {
//@ts-ignore
if (err.data) {
//@ts-ignore
fastify.log.warn(err.data.payload);
return res.code(400).send();
} else {
return err;
}
return err;
}
}
);
fastify.delete("/logout", {}, async (req, res) => {
if (!req.headers.authorization) return res.code(200).send();
fastify.post(
"/login",
{
schema: {
body: {
type: "object",
required: ["email", "password"],
properties: {
email: { type: "string" },
password: { type: "string" },
},
},
},
},
async (req: FastifyRequest, res: FastifyReply) => {
const { email, password } = req.body as {
email: string;
password: string;
};
const auth = req.headers.authorization.split(" ")[1];
await deleteSession(auth);
return res.code(200).send();
});
try {
const userInDB = await getUserByEmail(email);
if (!userInDB)
return res.code(401).send({ error: "invalid email or password" });
const match = await verify(userInDB.passwordHash, password);
if (!match)
return res.code(401).send({ error: "invalid email or password" });
const newSession = await createSession(
userInDB.id,
req.ip,
req.headers["user-agent"]
);
userInDB.lastLogin = new Date();
await userInDB.save();
res.send({ session_token: newSession.sid });
} catch (err) {
return err;
}
}
);
fastify.delete(
"/logout",
{},
async (req: FastifyRequest, res: FastifyReply) => {
if (!req.headers.authorization) return res.code(200).send();
const auth = req.headers.authorization.split(" ")[1];
await deleteSession(auth);
return res.code(200).send();
}
);
}