login response is JWT as string

backend/src/graphql/resolvers/UserResolver.ts

@@ -2,7 +2,7 @@
 import { Resolver, Query, Args, Arg } from 'type-graphql'
 import CONFIG from '../../config'
 import { CheckUsernameResponse } from '../models/CheckUsernameResponse'
-import { LoginResponse } from '../models/LoginResponse'
+import { User } from '../models/User'
 import { LoginViaVerificationCode } from '../models/LoginViaVerificationCode'
 import { SendPasswordResetEmailResponse } from '../models/SendPasswordResetEmailResponse'
 import { UpdateUserInfosResponse } from '../models/UpdateUserInfosResponse'
@@ -14,11 +14,12 @@ import {
   UpdateUserInfosArgs,
 } from '../inputs/LoginUserInput'
 import { apiPost, apiGet } from '../../apis/loginAPI'
+import encode from '../../jwt/encode'
 
 @Resolver()
 export class UserResolver {
-  @Query(() => LoginResponse)
+  @Query(() => String)
-  async login(@Args() { email, password }: UnsecureLoginArgs): Promise<LoginResponse> {
+  async login(@Args() { email, password }: UnsecureLoginArgs): Promise<string> {
     email = email.trim().toLowerCase()
     const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password })
 
@@ -28,20 +29,15 @@ export class UserResolver {
     }
 
     // temporary solution until we have JWT implemented
-    return new LoginResponse(result.data)
+    // return new LoginResponse(result.data)
 
     // create and return the json web token
     // The expire doesn't help us here. The client needs to track when the token expires on its own,
     // since every action prolongs the time the session is valid.
-    /*
+    const data = result.data
-    return jwt.sign(
+    const sessionId = data.session_id
-      { result, role: 'todo' },
+    delete data.session_id
-      CONFIG.JWT_SECRET, // * , { expiresIn: CONFIG.JWT_EXPIRES_IN } ,
+    return encode({ sessionId, user: new User(data.user) })
-    )
-    */
-    // return (await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', login)).result.data
-    // const loginResult: LoginResult = await loginAPI.login(data)
-    // return loginResult.user ? loginResult.user : new User()
   }
 
   @Query(() => LoginViaVerificationCode)

backend/src/index.ts

@@ -8,7 +8,6 @@ import connection from './database/connection'
 import CONFIG from './config'
 
 // TODO move to extern
-// import { BookResolver } from './graphql/resolvers/BookResolver'
 import { UserResolver } from './graphql/resolvers/UserResolver'
 import { BalanceResolver } from './graphql/resolvers/BalanceResolver'
 import { GdtResolver } from './graphql/resolvers/GdtResolver'

backend/src/jwt/decode.ts

@@ -0,0 +1,24 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
+
+import jwt from 'jsonwebtoken'
+import '../config'
+
+export default async (authorizationHeader: string): any => {
+  if (!authorizationHeader) return null
+  const token = authorizationHeader.replace('Bearer ', '')
+  let sessionId = null
+  let email = null
+  try {
+    const decoded = await jwt.verify(token, CONFIG.JWT_SECRET)
+    sessionId = decoded.sub
+    email = decoded.email
+  } catch (err) {
+    return null
+  }
+  return {
+    token,
+    sessionId,
+    email,
+  }
+}

backend/src/jwt/encode.ts

@@ -0,0 +1,18 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
+
+import jwt from 'jsonwebtoken'
+import CONFIG from '../config/'
+
+// Generate an Access Token
+export default function encode(data: any): string {
+  const { user, sessionId } = data
+  const { email, language, firstName, lastName } = user
+  const token = jwt.sign({ email, language, firstName, lastName, sessionId }, CONFIG.JWT_SECRET, {
+    expiresIn: CONFIG.JWT_EXPIRES_IN,
+    // issuer: CONFIG.GRAPHQL_URI,
+    // audience: CONFIG.CLIENT_URI,
+    subject: sessionId.toString(),
+  })
+  return token
+}