diff --git a/backend/src/graphql/resolvers/UserResolver.ts b/backend/src/graphql/resolvers/UserResolver.ts index cad1642f1..8e3dbf841 100644 --- a/backend/src/graphql/resolvers/UserResolver.ts +++ b/backend/src/graphql/resolvers/UserResolver.ts @@ -2,7 +2,7 @@ import { Resolver, Query, Args, Arg } from 'type-graphql' import CONFIG from '../../config' import { CheckUsernameResponse } from '../models/CheckUsernameResponse' -import { LoginResponse } from '../models/LoginResponse' +import { User } from '../models/User' import { LoginViaVerificationCode } from '../models/LoginViaVerificationCode' import { SendPasswordResetEmailResponse } from '../models/SendPasswordResetEmailResponse' import { UpdateUserInfosResponse } from '../models/UpdateUserInfosResponse' @@ -14,11 +14,12 @@ import { UpdateUserInfosArgs, } from '../inputs/LoginUserInput' import { apiPost, apiGet } from '../../apis/loginAPI' +import encode from '../../jwt/encode' @Resolver() export class UserResolver { - @Query(() => LoginResponse) - async login(@Args() { email, password }: UnsecureLoginArgs): Promise { + @Query(() => String) + async login(@Args() { email, password }: UnsecureLoginArgs): Promise { email = email.trim().toLowerCase() const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password }) @@ -28,20 +29,15 @@ export class UserResolver { } // temporary solution until we have JWT implemented - return new LoginResponse(result.data) + // return new LoginResponse(result.data) // create and return the json web token // The expire doesn't help us here. The client needs to track when the token expires on its own, // since every action prolongs the time the session is valid. - /* - return jwt.sign( - { result, role: 'todo' }, - CONFIG.JWT_SECRET, // * , { expiresIn: CONFIG.JWT_EXPIRES_IN } , - ) - */ - // return (await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', login)).result.data - // const loginResult: LoginResult = await loginAPI.login(data) - // return loginResult.user ? loginResult.user : new User() + const data = result.data + const sessionId = data.session_id + delete data.session_id + return encode({ sessionId, user: new User(data.user) }) } @Query(() => LoginViaVerificationCode) diff --git a/backend/src/index.ts b/backend/src/index.ts index 981731c67..6cac3279d 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts @@ -8,7 +8,6 @@ import connection from './database/connection' import CONFIG from './config' // TODO move to extern -// import { BookResolver } from './graphql/resolvers/BookResolver' import { UserResolver } from './graphql/resolvers/UserResolver' import { BalanceResolver } from './graphql/resolvers/BalanceResolver' import { GdtResolver } from './graphql/resolvers/GdtResolver' diff --git a/backend/src/jwt/decode.ts b/backend/src/jwt/decode.ts new file mode 100644 index 000000000..3c0b33dbe --- /dev/null +++ b/backend/src/jwt/decode.ts @@ -0,0 +1,24 @@ +/* eslint-disable @typescript-eslint/no-explicit-any */ +/* eslint-disable @typescript-eslint/explicit-module-boundary-types */ + +import jwt from 'jsonwebtoken' +import '../config' + +export default async (authorizationHeader: string): any => { + if (!authorizationHeader) return null + const token = authorizationHeader.replace('Bearer ', '') + let sessionId = null + let email = null + try { + const decoded = await jwt.verify(token, CONFIG.JWT_SECRET) + sessionId = decoded.sub + email = decoded.email + } catch (err) { + return null + } + return { + token, + sessionId, + email, + } +} diff --git a/backend/src/jwt/encode.ts b/backend/src/jwt/encode.ts new file mode 100644 index 000000000..477644dc7 --- /dev/null +++ b/backend/src/jwt/encode.ts @@ -0,0 +1,18 @@ +/* eslint-disable @typescript-eslint/no-explicit-any */ +/* eslint-disable @typescript-eslint/explicit-module-boundary-types */ + +import jwt from 'jsonwebtoken' +import CONFIG from '../config/' + +// Generate an Access Token +export default function encode(data: any): string { + const { user, sessionId } = data + const { email, language, firstName, lastName } = user + const token = jwt.sign({ email, language, firstName, lastName, sessionId }, CONFIG.JWT_SECRET, { + expiresIn: CONFIG.JWT_EXPIRES_IN, + // issuer: CONFIG.GRAPHQL_URI, + // audience: CONFIG.CLIENT_URI, + subject: sessionId.toString(), + }) + return token +}