OV-8: protect routing #33
Merged: nikita-remeslov merged 30 commits into task/OV-5-JWT-token from task/OV-8-protect-routing on Aug 28, 2024
Commits:
8ce8243 OV-8: + empty auth jwt plugin (Sanchousina)
44b2532 OV-8: + register plugins (Sanchousina)
da1397e OV-8: + dependencies (Sanchousina)
5af5016 OV-8: * merging with OV-5 (Sanchousina)
9721153 OV-8: + findById method to Repository type (Sanchousina)
89ec60b OV-8: + findById method to Service type (Sanchousina)
b707dc3 OV-8: + findById method to user service and repository (Sanchousina)
5e46444 OV-8: * userId to number (Sanchousina)
50245d6 OV-8: + http codes to http code enum (Sanchousina)
ee3a4e5 OV-8: + hook and error messages enums for auth plugin (Sanchousina)
508cd31 Merge remote-tracking branch 'origin/task/OV-5-JWT-token' into task/O… (Sanchousina)
8eb1aae OV-8: * export user entity (Sanchousina)
3561451 OV-8: * implement auth jwt plugin (Sanchousina)
f034695 OV-8: + white routes constant (Sanchousina)
36a220e OV-8: * refactor checking for white route (Sanchousina)
9e4004b OV-8: * use white routes constant (Sanchousina)
502aad9 OV-8: * extract fastify module augmentation into file (Sanchousina)
a9e0c53 Merge remote-tracking branch 'origin/next' into task/OV-8-protect-rou… (Sanchousina)
218665a OV-8: * modify find user method instead of adding findById (Sanchousina)
2f9f951 OV-8: * move dependencies to backend (Sanchousina)
9f17f91 OV-8: * white routes constant to include path method (Sanchousina)
3aaf539 OV-8: + route type (Sanchousina)
dbfec2d OV-8: * checking if route is in white list with method (Sanchousina)
5a24c65 Merge remote-tracking branch 'origin/task/OV-5-JWT-token' into task/O… (Sanchousina)
b4fbbde OV-8: + util function for checking route in white routes (Sanchousina)
a88eca1 OV-8: * modify find method in user repository instead of findById (Sanchousina)
1ac2392 OV-8: * use id instead of userId in types for repository and service (Sanchousina)
0354932 OV-8: - remove commented code (Sanchousina)
e9b8425 OV-8: * rename find to findById in service and repository (Sanchousina)
9e20e1c Merge remote-tracking branch origin/task/OV-5-JWT-token into task/OV-… (Sanchousina)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
export { USER_PASSWORD_SALT_ROUNDS } from './user.constants.js'; | ||
export { WHITE_ROUTES } from './white-routes.constants.js'; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
import { ApiPath, AuthApiPath } from 'shared'; | ||
|
||
const WHITE_ROUTES = [ | ||
`/api/v1${ApiPath.AUTH}${AuthApiPath.SIGN_IN}`, | ||
`/api/v1${ApiPath.AUTH}${AuthApiPath.SIGN_UP}`, | ||
]; | ||
|
||
export { WHITE_ROUTES }; |
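
Review bot: both entries of `WHITE_ROUTES` hard-code the `/api/v1` prefix inside the template strings, so if the API prefix or version changes the list silently stops matching and sign-in and sign-up start demanding a token. Build the prefix from one shared constant instead of repeating the literal, so the whitelist and the route registration cannot drift apart.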
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
import fp from 'fastify-plugin'; | ||
import { HttpCode, HttpError, HttpHeader } from 'shared'; | ||
|
||
import { userService } from '~/bundles/users/users.js'; | ||
import { tokenService } from '~/common/services/services.js'; | ||
|
||
import { ErrorMessage, Hook } from './enums/enums.js'; | ||
|
||
type Options = { | ||
routesWhiteList: string[]; | ||
}; | ||
|
||
const authenticateJWT = fp<Options>((fastify, options, done) => { | ||
fastify.decorateRequest('user', null); | ||
|
||
fastify.addHook(Hook.PRE_HANDLER, async (request) => { | ||
const isRouteInWhiteList = options.routesWhiteList.includes( | ||
request.url, | ||
); | ||
also check for method in whitelist because each route can have multiple methods |
done |
||
|
||
if (isRouteInWhiteList) { | ||
return; | ||
} | ||
|
||
const authHeader = request.headers[HttpHeader.AUTHORIZATION]; | ||
|
||
if (!authHeader) { | ||
throw new HttpError({ | ||
message: ErrorMessage.MISSING_TOKEN, | ||
status: HttpCode.UNAUTHORIZED, | ||
}); | ||
} | ||
|
||
const [, token] = authHeader.split(' '); | ||
|
||
const userId = await tokenService.getUserIdFromToken(token as string); | ||
|
||
if (!userId) { | ||
throw new HttpError({ | ||
message: ErrorMessage.INVALID_TOKEN, | ||
status: HttpCode.UNAUTHORIZED, | ||
}); | ||
} | ||
|
||
const user = await userService.findById(userId); | ||
|
||
if (!user) { | ||
throw new HttpError({ | ||
message: ErrorMessage.MISSING_USER, | ||
status: HttpCode.BAD_REQUEST, | ||
}); | ||
} | ||
|
||
request.user = user; | ||
}); | ||
|
||
done(); | ||
}); | ||
|
||
export { authenticateJWT }; |
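
Review bot: `const [, token] = authHeader.split(' ')` never checks the scheme, and the `token as string` cast hides the case where nothing follows it, so a header that is just `Bearer` passes `undefined` into `tokenService.getUserIdFromToken`. Check that the first part is `Bearer` and that the second part is non-empty, and throw the `MISSING_TOKEN` error otherwise, which also lets you drop the cast. Separately, `options.routesWhiteList.includes(request.url)` compares against the raw URL, which in Fastify includes the query string, so a whitelisted path requested with any query parameter is treated as protected; compare the path without the query string. The `MISSING_USER` branch would also fit `HttpCode.UNAUTHORIZED` better than `HttpCode.BAD_REQUEST`, since the request itself is well formed and only the token's subject is gone.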
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
export { ErrorMessage } from './error-message.enum.js'; | ||
export { Hook } from './hook.enum.js'; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
const ErrorMessage = { | ||
MISSING_TOKEN: 'You are not logged in', | ||
INVALID_TOKEN: 'Token is no longer valid. Please log in again.', | ||
MISSING_USER: 'User with this id does not exist.', | ||
} as const; | ||
|
||
export { ErrorMessage }; |
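
Review bot: `MISSING_USER: 'User with this id does not exist.'` tells an unauthenticated caller whether the id carried in a token maps to an account; a generic message shared with `INVALID_TOKEN` gives away less. As a style point, `MISSING_TOKEN` has no trailing full stop while the other two messages do; pick one form.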
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
const Hook = { | ||
PRE_HANDLER: 'preHandler', | ||
} as const; | ||
|
||
export { Hook }; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
export { authenticateJWT } from './auth/auth-jwt.plugin.js'; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
import 'fastify'; | ||
|
||
import { type UserEntity } from '~/bundles/users/users.js'; | ||
|
||
declare module 'fastify' { | ||
interface FastifyRequest { | ||
user: UserEntity; | ||
} | ||
} |
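
Review bot: `user: UserEntity` in the `FastifyRequest` augmentation declares the property as always set, but the plugin initialises it with `fastify.decorateRequest('user', null)` and returns early for whitelisted routes, so handlers on those routes see `null` while the type says otherwise. Declare it as `UserEntity | null` so the compiler forces handlers to check before using it.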
frontend/src/bundles/common/components/loader/libs/constants/constants.ts (1 change: 1 addition & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
export { SPIN_ANIMATION } from './spin-animation.constant.js'; |
frontend/src/bundles/common/components/loader/libs/constants/spin-animation.constant.ts (8 changes: 8 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
import { keyframes } from '@chakra-ui/react'; | ||
|
||
const SPIN_ANIMATION = keyframes` | ||
0% { transform: rotate(0deg);} | ||
100% { transform: rotate(360deg)} | ||
`; | ||
|
||
export { SPIN_ANIMATION }; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
import { Box, Circle, Flex, Text } from '@chakra-ui/react'; | ||
|
||
import { SPIN_ANIMATION } from './libs/constants/constants.js'; | ||
|
||
const Loader = (): JSX.Element => { | ||
return ( | ||
<Flex flexDirection="column" alignItems="center"> | ||
<Box position="relative" width="100px" height="100px"> | ||
<Circle | ||
size="full" | ||
backgroundColor="white" | ||
color="text.default" | ||
> | ||
LOGO | ||
</Circle> | ||
<Circle | ||
position="absolute" | ||
inset="0" | ||
borderWidth="5px" | ||
borderColor="shadow.200" | ||
borderTopColor="brand.secondary.300" | ||
animation={`${SPIN_ANIMATION} 1s linear infinite`} | ||
/> | ||
</Box> | ||
<Text fontSize="lg" marginTop="10px"> | ||
Loading... | ||
</Text> | ||
</Flex> | ||
); | ||
}; | ||
|
||
export { Loader }; |
frontend/src/bundles/common/components/overlay/overlay.tsx (26 changes: 26 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
import { Fade, Flex } from '@chakra-ui/react'; | ||
|
||
type Properties = { | ||
isOpen: boolean; | ||
children: React.ReactNode; | ||
}; | ||
|
||
const Overlay = ({ isOpen, children }: Properties): JSX.Element => { | ||
return ( | ||
<Fade in={isOpen}> | ||
<Flex | ||
width="full" | ||
height="full" | ||
position="absolute" | ||
background="shadow.700" | ||
color="white" | ||
justifyContent="center" | ||
alignItems="center" | ||
> | ||
{children} | ||
</Flex> | ||
</Fade> | ||
); | ||
}; | ||
|
||
export { Overlay }; |
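
Review bot: `<Fade in={isOpen}>` keeps its children mounted when `isOpen` is false unless `unmountOnExit` is set, and the inner `Flex` is `position="absolute"` at full width and height, so a closed overlay can still sit over the page and intercept clicks. Add `unmountOnExit` to the `Fade`, and give the `Flex` explicit offsets such as `inset="0"`, since none are set here.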
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
export { UserCard } from './user-card/user-card.js'; |
frontend/src/bundles/users/components/user-card/user-card.tsx (32 changes: 32 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
import { | ||
Button, | ||
Circle, | ||
Flex, | ||
Text, | ||
VStack, | ||
} from '~/bundles/common/components/components.js'; | ||
|
||
const UserCard: React.FC = () => ( | ||
<VStack rounded="lg" bg="background.600" spacing="10px" p="15px 5px 10px"> | ||
<Flex | ||
w="full" | ||
align="center" | ||
color="brand.secondary.900" | ||
gap="15px" | ||
pl="10px" | ||
> | ||
{/* TODO: replace Circle and Text content with dynamic values */} | ||
<Circle | ||
size="40px" | ||
border="2px solid" | ||
borderColor="brand.secondary.900" | ||
> | ||
FN | ||
</Circle> | ||
<Text>Firstname Lastname</Text> | ||
</Flex> | ||
<Button label="Create video" /> | ||
</VStack> | ||
); | ||
|
||
export { UserCard }; |
Modify method find instead of adding this
Only in user service or in user repository as well?
Modified only in user service for now
please also modify it in the repository
done