Rebase main

Author: gabrielmachin

.env.example

@@ -26,5 +26,3 @@ OTP_EXPIRATION_MINUTES=15
 ENABLE_RATE_LIMIT='true'
 COOKIE_SECRET="secret"
 COOKIE_EXPIRATION_SECONDS=86400 # 24 hours
-ENABLE_COOKIE="true"
-ENABLE_JWT="true"

.github/workflows/node.js.yml

@@ -33,8 +33,6 @@ env:
   ENABLE_RATE_LIMIT: 'true'
   COOKIE_SECRET: 'secret'
   COOKIE_EXPIRATION_SECONDS: '3600'
-  ENABLE_COOKIE: 'true'
-  ENABLE_JWT: 'true'
 
 jobs:
   build:

.woodpecker/.backend-ci.yml

@@ -25,8 +25,6 @@ x-common: &common
     - ENABLE_RATE_LIMIT=true
     - COOKIE_SECRET=secret
     - COOKIE_EXPIRATION_SECONDS=3600
-    - ENABLE_COOKIE=true
-    - ENABLE_JWT=true
 
 pipeline:
   setup:

package-lock.json

@@ -36,6 +36,7 @@
     "@types/bcryptjs": "^2.4.2",
     "@types/body-parser": "^1.19.2",
     "@types/compression": "^1.7.2",
+    "@types/cookie-parser": "^1.4.6",
     "@types/cors": "^2.8.12",
     "@types/cross-spawn": "^6.0.6",
     "@types/express": "^4.17.13",
@@ -63,7 +64,6 @@
   },
   "dependencies": {
     "@prisma/client": "^5.5.2",
-    "@types/cookie-parser": "^1.4.6",
     "bcryptjs": "^2.4.3",
     "body-parser": "^1.19.2",
     "bullmq": "^4.13.2",

package.json

@@ -63,8 +63,6 @@ const envVarsSchema = z
         (val) => !Number.isNaN(val),
         'COOKIE EXPIRATION SECONDS must be a number',
       ),
-    ENABLE_COOKIE: z.string(),
-    ENABLE_JWT: z.string(),
   })
   .passthrough();
 
@@ -75,8 +73,6 @@ export const isTest = envVars.NODE_ENV === 'test';
 export const isProduction = envVars.NODE_ENV === 'production';
 export const hasToApplyRateLimit =
   envVars.ENABLE_RATE_LIMIT.toLocaleLowerCase() === 'true';
-export const cookieEnabled = envVars.ENABLE_COOKIE === 'true';
-export const JWTEnabled = envVars.ENABLE_JWT === 'true';
 
 export const config: Config = {
   env: envVars.NODE_ENV,

src/config/config.ts

@@ -9,7 +9,6 @@ import {
   AuthenticatedRequest,
   LoginParams,
 } from 'types';
-import { cookieEnabled, JWTEnabled } from 'config/config';
 import { COOKIE_NAME, cookieConfig } from 'utils/auth';
 
 @Route('v1/auth')
@@ -20,13 +19,12 @@ export class AuthControllerV1 extends Controller {
     @Request() req: AuthenticatedRequest,
   ): Promise<ReturnAuth | null> {
     const { sessionId, ...authReturn } = await AuthService.register(user);
+
     const { res } = req;
-    if (cookieEnabled) {
-      res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
-    }
+    res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
+
     this.setStatus(httpStatus.CREATED);
-    if (JWTEnabled) return authReturn;
-    return null;
+    return authReturn;
   }
 
   @Post('/login')
@@ -36,12 +34,9 @@ export class AuthControllerV1 extends Controller {
   ): Promise<ReturnAuth | null> {
     const { sessionId, ...authReturn } = await AuthService.login(loginParams);
     const { res } = req;
-    if (cookieEnabled) {
-      res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
-    }
+    res?.cookie(COOKIE_NAME, sessionId, cookieConfig);
     this.setStatus(httpStatus.OK);
-    if (JWTEnabled) return authReturn;
-    return null;
+    return authReturn;
   }
 
   @Post('/logout')

src/controllers/auth.ts

@@ -19,7 +19,6 @@ import {
   PasswordResetCodeRequest,
   ResetPassword,
 } from 'types';
-import { cookieEnabled } from 'config/config';
 import { COOKIE_NAME } from 'utils/auth';
 
 @Route('v1/users')
@@ -74,7 +73,7 @@ export class UsersControllerV1 extends Controller {
   ): Promise<void> {
     const { user, res } = req;
     await UserService.destroy(id);
-    if (cookieEnabled && user.id === id) res?.clearCookie(COOKIE_NAME);
+    if (user.id === id) res?.clearCookie(COOKIE_NAME);
     this.setStatus(httpStatus.NO_CONTENT);
   }
 

src/controllers/users.ts

@@ -1,6 +1,6 @@
 import { Request } from 'express';
 import jwt from 'jsonwebtoken';
-import { config, JWTEnabled } from 'config/config';
+import { config } from 'config/config';
 import { ApiError } from 'utils/apiError';
 import { errors } from 'config/errors';
 import { verifyCookie } from 'utils/auth';
@@ -15,7 +15,7 @@ export function expressAuthentication(
     const token = request.headers.authorization!;
 
     return new Promise((resolve, reject) => {
-      if (!token || !JWTEnabled) {
+      if (!token) {
         reject(new ApiError(errors.UNAUTHENTICATED));
       }
       jwt.verify(token, config.accessTokenSecret, (err: any, decoded: any) => {

src/middlewares/auth.ts

@@ -2,22 +2,26 @@ import { CookieOptions } from 'express';
 
 import { errors } from 'config/errors';
 import prisma from 'root/prisma/client';
-import { cookieEnabled, config, isProduction } from 'config/config';
+import { config, isProduction } from 'config/config';
 import { ApiError } from './apiError';
 
 export const COOKIE_NAME = 'token';
 
 const SECONDS_TO_MILLISECONDS = 1000;
 
-export const cookieConfig = {
+type SignedCookie = {
+  token: string;
+};
+
+export const cookieConfig: CookieOptions = {
   signed: true,
   httpOnly: true,
   maxAge: config.cookieExpirationSeconds * SECONDS_TO_MILLISECONDS,
   secure: isProduction,
-} as CookieOptions;
+};
 
-export const verifyCookie = async (signedCookies: any) => {
-  if (!cookieEnabled || !signedCookies || !signedCookies.token) {
+export const verifyCookie = async (signedCookies: SignedCookie | null) => {
+  if (!signedCookies || !signedCookies.token) {
     throw new ApiError(errors.UNAUTHENTICATED);
   }