fix(nocohub): Moved auth related api from user controller to auth controller

1 year ago · 22b9d0efe3
14 changed files with 296 additions and 286 deletions
--- a/packages/nocodb/src/app.module.ts
+++ b/packages/nocodb/src/app.module.ts
@ -24,11 +24,13 @@ import { ExtractIdsMiddleware } from '~/middlewares/extract-ids/extract-ids.midd
 import { HookHandlerService } from '~/services/hook-handler.service';
 import { BasicStrategy } from '~/strategies/basic.strategy/basic.strategy';
 import { UsersModule } from '~/modules/users/users.module';
+import { AuthModule } from '~/modules/auth/auth.module';

 export const ceModuleConfig = {
  imports: [
    GlobalModule,
    UsersModule,
+    AuthModule,
    ...(process.env['PLAYWRIGHT_TEST'] === 'true' ? [TestModule] : []),
    MetasModule,
    DatasModule,
--- a/packages/nocodb/src/controllers/auth.controller.spec.ts
+++ b/packages/nocodb/src/controllers/auth.controller.spec.ts
@ -1,6 +1,6 @@
 import { Test } from '@nestjs/testing';
 import { AuthService } from '../services/auth.service';
-import { AuthController } from './auth.controller';
+import { AuthController } from './auth/auth.controller';
 import type { TestingModule } from '@nestjs/testing';

 describe('AuthController', () => {
--- a/packages/nocodb/src/controllers/auth.controller.ts
+++ b/packages/nocodb/src/controllers/auth.controller.ts
@ -1,46 +0,0 @@
-import {
-  Body,
-  Controller,
-  HttpCode,
-  Post,
-  Request,
-  UseGuards,
-} from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-import { ConfigService } from '@nestjs/config';
-import type { AppConfig } from '~/interface/config';
-import { AuthService } from '~/services/auth.service';
-import { NcError } from '~/helpers/catchError';
-
-export class CreateUserDto {
-  readonly username: string;
-  readonly email: string;
-  readonly password: string;
-}
-
-@Controller()
-export class AuthController {
-  constructor(
-    private readonly authService: AuthService,
-    private readonly config: ConfigService<AppConfig>,
-  ) {}
-
-  @UseGuards(AuthGuard('local'))
-  @Post('/api/v1/auth/user/signin')
-  @HttpCode(200)
-  async signin(@Request() req) {
-    if (this.config.get('auth', { infer: true }).disableEmailAuth) {
-      NcError.forbidden('Email authentication is disabled');
-    }
-    return await this.authService.login(req.user);
-  }
-
-  @Post('/api/v1/auth/user/signup')
-  @HttpCode(200)
-  async signup(@Body() createUserDto: CreateUserDto) {
-    if (this.config.get('auth', { infer: true }).disableEmailAuth) {
-      NcError.forbidden('Email authentication is disabled');
-    }
-    return await this.authService.signup(createUserDto);
-  }
-}
--- a/packages/nocodb/src/controllers/auth/auth.controller.ts
+++ b/packages/nocodb/src/controllers/auth/auth.controller.ts
@ -0,0 +1,266 @@
+import {
+  Body,
+  Controller,
+  Get,
+  HttpCode,
+  Param,
+  Post,
+  Request,
+  Response,
+  UseGuards,
+} from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+import { ConfigService } from '@nestjs/config';
+import { extractRolesObj } from 'nocodb-sdk';
+import * as ejs from 'ejs';
+import type { AppConfig } from '~/interface/config';
+
+import { UsersService } from '~/services/users/users.service';
+import { AppHooksService } from '~/services/app-hooks/app-hooks.service';
+import { randomTokenString, setTokenCookie } from '~/services/users/helpers';
+
+import { GlobalGuard } from '~/guards/global/global.guard';
+import { NcError } from '~/helpers/catchError';
+import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
+import { User } from '~/models';
+
+export class CreateUserDto {
+  readonly username: string;
+  readonly email: string;
+  readonly password: string;
+}
+
+@Controller()
+export class AuthController {
+  constructor(
+    protected readonly usersService: UsersService,
+    protected readonly appHooksService: AppHooksService,
+    protected readonly config: ConfigService<AppConfig>,
+  ) {}
+
+  @Post([
+    '/auth/user/signup',
+    '/api/v1/db/auth/user/signup',
+    '/api/v1/auth/user/signup',
+  ])
+  @HttpCode(200)
+  async signup(@Request() req: any, @Response() res: any): Promise<any> {
+    if (this.config.get('auth', { infer: true }).disableEmailAuth) {
+      NcError.forbidden('Email authentication is disabled');
+    }
+    res.json(
+      await this.usersService.signup({
+        body: req.body,
+        req,
+        res,
+      }),
+    );
+  }
+
+  @Post([
+    '/auth/token/refresh',
+    '/api/v1/db/auth/token/refresh',
+    '/api/v1/auth/token/refresh',
+  ])
+  @HttpCode(200)
+  async refreshToken(@Request() req: any, @Response() res: any): Promise<any> {
+    res.json(
+      await this.usersService.refreshToken({
+        body: req.body,
+        req,
+        res,
+      }),
+    );
+  }
+
+  @Post([
+    '/auth/user/signin',
+    '/api/v1/db/auth/user/signin',
+    '/api/v1/auth/user/signin',
+  ])
+  @UseGuards(AuthGuard('local'))
+  @HttpCode(200)
+  async signin(@Request() req, @Response() res) {
+    if (this.config.get('auth', { infer: true }).disableEmailAuth) {
+      NcError.forbidden('Email authentication is disabled');
+    }
+    await this.setRefreshToken({ req, res });
+    res.json(await this.usersService.login(req.user));
+  }
+
+  @UseGuards(GlobalGuard)
+  @Post('/api/v1/auth/user/signout')
+  @HttpCode(200)
+  async signOut(@Request() req, @Response() res): Promise<any> {
+    if (!(req as any).isAuthenticated()) {
+      NcError.forbidden('Not allowed');
+    }
+    res.json(
+      await this.usersService.signOut({
+        req,
+        res,
+      }),
+    );
+  }
+
+  @Post(`/auth/google/genTokenByCode`)
+  @HttpCode(200)
+  @UseGuards(AuthGuard('google'))
+  async googleSignin(@Request() req, @Response() res) {
+    await this.setRefreshToken({ req, res });
+    res.json(await this.usersService.login(req.user));
+  }
+
+  @Get('/auth/google')
+  @UseGuards(AuthGuard('google'))
+  googleAuthenticate() {
+    // google strategy will take care the request
+  }
+
+  @Get(['/auth/user/me', '/api/v1/db/auth/user/me', '/api/v1/auth/user/me'])
+  @UseGuards(GlobalGuard)
+  async me(@Request() req) {
+    const user = {
+      ...req.user,
+      roles: extractRolesObj(req.user.roles),
+      workspace_roles: extractRolesObj(req.user.workspace_roles),
+      project_roles: extractRolesObj(req.user.project_roles),
+    };
+    return user;
+  }
+
+  @Post([
+    '/user/password/change',
+    '/api/v1/db/auth/password/change',
+    '/api/v1/auth/password/change',
+  ])
+  @UseGuards(GlobalGuard)
+  @Acl('passwordChange', {
+    scope: 'org',
+  })
+  @HttpCode(200)
+  async passwordChange(@Request() req: any): Promise<any> {
+    if (!(req as any).isAuthenticated()) {
+      NcError.forbidden('Not allowed');
+    }
+
+    await this.usersService.passwordChange({
+      user: req['user'],
+      req,
+      body: req.body,
+    });
+
+    return { msg: 'Password has been updated successfully' };
+  }
+
+  @Post([
+    '/auth/password/forgot',
+    '/api/v1/db/auth/password/forgot',
+    '/api/v1/auth/password/forgot',
+  ])
+  @HttpCode(200)
+  async passwordForgot(@Request() req: any): Promise<any> {
+    await this.usersService.passwordForgot({
+      siteUrl: (req as any).ncSiteUrl,
+      body: req.body,
+      req,
+    });
+
+    return { msg: 'Please check your email to reset the password' };
+  }
+
+  @Post([
+    '/auth/token/validate/:tokenId',
+    '/api/v1/db/auth/token/validate/:tokenId',
+    '/api/v1/auth/token/validate/:tokenId',
+  ])
+  @HttpCode(200)
+  async tokenValidate(@Param('tokenId') tokenId: string): Promise<any> {
+    await this.usersService.tokenValidate({
+      token: tokenId,
+    });
+    return { msg: 'Token has been validated successfully' };
+  }
+
+  @Post([
+    '/auth/password/reset/:tokenId',
+    '/api/v1/db/auth/password/reset/:tokenId',
+    '/api/v1/auth/password/reset/:tokenId',
+  ])
+  @HttpCode(200)
+  async passwordReset(
+    @Request() req: any,
+    @Param('tokenId') tokenId: string,
+    @Body() body: any,
+  ): Promise<any> {
+    await this.usersService.passwordReset({
+      token: tokenId,
+      body: body,
+      req,
+    });
+
+    return { msg: 'Password has been reset successfully' };
+  }
+
+  @Post([
+    '/api/v1/db/auth/email/validate/:tokenId',
+    '/api/v1/auth/email/validate/:tokenId',
+  ])
+  @HttpCode(200)
+  async emailVerification(
+    @Request() req: any,
+    @Param('tokenId') tokenId: string,
+  ): Promise<any> {
+    await this.usersService.emailVerification({
+      token: tokenId,
+      req,
+    });
+
+    return { msg: 'Email has been verified successfully' };
+  }
+
+  @Get([
+    '/api/v1/db/auth/password/reset/:tokenId',
+    '/auth/password/reset/:tokenId',
+  ])
+  async renderPasswordReset(
+    @Request() req: any,
+    @Response() res: any,
+    @Param('tokenId') tokenId: string,
+  ): Promise<any> {
+    try {
+      res.send(
+        ejs.render((await import('./ui/auth/resetPassword')).default, {
+          ncPublicUrl: process.env.NC_PUBLIC_URL || '',
+          token: JSON.stringify(tokenId),
+          baseUrl: `/`,
+        }),
+      );
+    } catch (e) {
+      return res.status(400).json({ msg: e.message });
+    }
+  }
+
+  async setRefreshToken({ res, req }) {
+    const userId = req.user?.id;
+
+    if (!userId) return;
+
+    const user = await User.get(userId);
+
+    if (!user) return;
+
+    const refreshToken = randomTokenString();
+
+    if (!user['token_version']) {
+      user['token_version'] = randomTokenString();
+    }
+
+    await User.update(user.id, {
+      refresh_token: refreshToken,
+      email: user.email,
+      token_version: user['token_version'],
+    });
+    setTokenCookie(res, refreshToken);
+  }
+}
--- a/packages/nocodb/src/controllers/users/ui/auth/emailVerify.ts
+++ b/packages/nocodb/src/controllers/users/ui/auth/emailVerify.ts
--- a/packages/nocodb/src/controllers/users/ui/auth/resetPassword.ts
+++ b/packages/nocodb/src/controllers/users/ui/auth/resetPassword.ts
--- a/packages/nocodb/src/controllers/users/ui/emailTemplates/forgotPassword.ts
+++ b/packages/nocodb/src/controllers/users/ui/emailTemplates/forgotPassword.ts
--- a/packages/nocodb/src/controllers/users/ui/emailTemplates/invite.ts
+++ b/packages/nocodb/src/controllers/users/ui/emailTemplates/invite.ts
--- a/packages/nocodb/src/controllers/users/ui/emailTemplates/verify.ts
+++ b/packages/nocodb/src/controllers/users/ui/emailTemplates/verify.ts
--- a/packages/nocodb/src/controllers/users/users.controller.ts
+++ b/packages/nocodb/src/controllers/users/users.controller.ts
@ -9,17 +9,11 @@ import {
  Response,
  UseGuards,
 } from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-import * as ejs from 'ejs';
+
 import { ConfigService } from '@nestjs/config';
-import { extractRolesObj } from 'nocodb-sdk';
 import type { AppConfig } from '~/interface/config';
-import { GlobalGuard } from '~/guards/global/global.guard';
-import { NcError } from '~/helpers/catchError';
-import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
-import { User } from '~/models';
+
 import { AppHooksService } from '~/services/app-hooks/app-hooks.service';
-import { randomTokenString, setTokenCookie } from '~/services/users/helpers';
 import { UsersService } from '~/services/users/users.service';

@Controller()
@ -29,230 +23,4 @@ export class UsersController {
    protected readonly appHooksService: AppHooksService,
    protected readonly config: ConfigService<AppConfig>,
  ) {}
-
-  @Post([
-    '/auth/user/signup',
-    '/api/v1/db/auth/user/signup',
-    '/api/v1/auth/user/signup',
-  ])
-  @HttpCode(200)
-  async signup(@Request() req: any, @Response() res: any): Promise<any> {
-    if (this.config.get('auth', { infer: true }).disableEmailAuth) {
-      NcError.forbidden('Email authentication is disabled');
-    }
-    res.json(
-      await this.usersService.signup({
-        body: req.body,
-        req,
-        res,
-      }),
-    );
-  }
-
-  @Post([
-    '/auth/token/refresh',
-    '/api/v1/db/auth/token/refresh',
-    '/api/v1/auth/token/refresh',
-  ])
-  @HttpCode(200)
-  async refreshToken(@Request() req: any, @Response() res: any): Promise<any> {
-    res.json(
-      await this.usersService.refreshToken({
-        body: req.body,
-        req,
-        res,
-      }),
-    );
-  }
-
-  @Post([
-    '/auth/user/signin',
-    '/api/v1/db/auth/user/signin',
-    '/api/v1/auth/user/signin',
-  ])
-  @UseGuards(AuthGuard('local'))
-  @HttpCode(200)
-  async signin(@Request() req, @Response() res) {
-    if (this.config.get('auth', { infer: true }).disableEmailAuth) {
-      NcError.forbidden('Email authentication is disabled');
-    }
-    await this.setRefreshToken({ req, res });
-    res.json(await this.usersService.login(req.user));
-  }
-
-  @UseGuards(GlobalGuard)
-  @Post('/api/v1/auth/user/signout')
-  @HttpCode(200)
-  async signOut(@Request() req, @Response() res): Promise<any> {
-    if (!(req as any).isAuthenticated()) {
-      NcError.forbidden('Not allowed');
-    }
-    res.json(
-      await this.usersService.signOut({
-        req,
-        res,
-      }),
-    );
-  }
-
-  @Post(`/auth/google/genTokenByCode`)
-  @HttpCode(200)
-  @UseGuards(AuthGuard('google'))
-  async googleSignin(@Request() req, @Response() res) {
-    await this.setRefreshToken({ req, res });
-    res.json(await this.usersService.login(req.user));
-  }
-
-  @Get('/auth/google')
-  @UseGuards(AuthGuard('google'))
-  googleAuthenticate() {
-    // google strategy will take care the request
-  }
-
-  @Get(['/auth/user/me', '/api/v1/db/auth/user/me', '/api/v1/auth/user/me'])
-  @UseGuards(GlobalGuard)
-  async me(@Request() req) {
-    const user = {
-      ...req.user,
-      roles: extractRolesObj(req.user.roles),
-      workspace_roles: extractRolesObj(req.user.workspace_roles),
-      project_roles: extractRolesObj(req.user.project_roles),
-    };
-    return user;
-  }
-
-  @Post([
-    '/user/password/change',
-    '/api/v1/db/auth/password/change',
-    '/api/v1/auth/password/change',
-  ])
-  @UseGuards(GlobalGuard)
-  @Acl('passwordChange', {
-    scope: 'org',
-  })
-  @HttpCode(200)
-  async passwordChange(@Request() req: any): Promise<any> {
-    if (!(req as any).isAuthenticated()) {
-      NcError.forbidden('Not allowed');
-    }
-
-    await this.usersService.passwordChange({
-      user: req['user'],
-      req,
-      body: req.body,
-    });
-
-    return { msg: 'Password has been updated successfully' };
-  }
-
-  @Post([
-    '/auth/password/forgot',
-    '/api/v1/db/auth/password/forgot',
-    '/api/v1/auth/password/forgot',
-  ])
-  @HttpCode(200)
-  async passwordForgot(@Request() req: any): Promise<any> {
-    await this.usersService.passwordForgot({
-      siteUrl: (req as any).ncSiteUrl,
-      body: req.body,
-      req,
-    });
-
-    return { msg: 'Please check your email to reset the password' };
-  }
-
-  @Post([
-    '/auth/token/validate/:tokenId',
-    '/api/v1/db/auth/token/validate/:tokenId',
-    '/api/v1/auth/token/validate/:tokenId',
-  ])
-  @HttpCode(200)
-  async tokenValidate(@Param('tokenId') tokenId: string): Promise<any> {
-    await this.usersService.tokenValidate({
-      token: tokenId,
-    });
-    return { msg: 'Token has been validated successfully' };
-  }
-
-  @Post([
-    '/auth/password/reset/:tokenId',
-    '/api/v1/db/auth/password/reset/:tokenId',
-    '/api/v1/auth/password/reset/:tokenId',
-  ])
-  @HttpCode(200)
-  async passwordReset(
-    @Request() req: any,
-    @Param('tokenId') tokenId: string,
-    @Body() body: any,
-  ): Promise<any> {
-    await this.usersService.passwordReset({
-      token: tokenId,
-      body: body,
-      req,
-    });
-
-    return { msg: 'Password has been reset successfully' };
-  }
-
-  @Post([
-    '/api/v1/db/auth/email/validate/:tokenId',
-    '/api/v1/auth/email/validate/:tokenId',
-  ])
-  @HttpCode(200)
-  async emailVerification(
-    @Request() req: any,
-    @Param('tokenId') tokenId: string,
-  ): Promise<any> {
-    await this.usersService.emailVerification({
-      token: tokenId,
-      req,
-    });
-
-    return { msg: 'Email has been verified successfully' };
-  }
-
-  @Get([
-    '/api/v1/db/auth/password/reset/:tokenId',
-    '/auth/password/reset/:tokenId',
-  ])
-  async renderPasswordReset(
-    @Request() req: any,
-    @Response() res: any,
-    @Param('tokenId') tokenId: string,
-  ): Promise<any> {
-    try {
-      res.send(
-        ejs.render((await import('./ui/auth/resetPassword')).default, {
-          ncPublicUrl: process.env.NC_PUBLIC_URL || '',
-          token: JSON.stringify(tokenId),
-          baseUrl: `/`,
-        }),
-      );
-    } catch (e) {
-      return res.status(400).json({ msg: e.message });
-    }
-  }
-
-  async setRefreshToken({ res, req }) {
-    const userId = req.user?.id;
-
-    if (!userId) return;
-
-    const user = await User.get(userId);
-
-    if (!user) return;
-
-    const refreshToken = randomTokenString();
-
-    if (!user['token_version']) {
-      user['token_version'] = randomTokenString();
-    }
-
-    await User.update(user.id, {
-      refresh_token: refreshToken,
-      email: user.email,
-      token_version: user['token_version'],
-    });
-    setTokenCookie(res, refreshToken);
-  }
 }
--- a/packages/nocodb/src/modules/auth/auth.module.ts
+++ b/packages/nocodb/src/modules/auth/auth.module.ts
@ -0,0 +1,21 @@
+import { forwardRef, Module } from '@nestjs/common';
+import { PassportModule } from '@nestjs/passport';
+import { GoogleStrategyProvider } from '~/strategies/google.strategy/google.strategy';
+import { GlobalModule } from '~/modules/global/global.module';
+import { UsersService } from '~/services/users/users.service';
+import { AuthController } from '~/controllers/auth/auth.controller';
+import { MetasModule } from '~/modules/metas/metas.module';
+
+@Module({
+  imports: [
+    forwardRef(() => GlobalModule),
+    PassportModule,
+    forwardRef(() => MetasModule),
+  ],
+  controllers: [
+    ...(process.env.NC_WORKER_CONTAINER !== 'true' ? [AuthController] : []),
+  ],
+  providers: [UsersService, GoogleStrategyProvider],
+  exports: [UsersService],
+})
+export class AuthModule {}
--- a/packages/nocodb/src/modules/users/users.module.ts
+++ b/packages/nocodb/src/modules/users/users.module.ts
@ -1,6 +1,5 @@
 import { forwardRef, Module } from '@nestjs/common';
 import { PassportModule } from '@nestjs/passport';
-import { GoogleStrategyProvider } from '~/strategies/google.strategy/google.strategy';
 import { GlobalModule } from '~/modules/global/global.module';
 import { UsersService } from '~/services/users/users.service';
 import { UsersController } from '~/controllers/users/users.controller';
@ -15,7 +14,7 @@ import { MetasModule } from '~/modules/metas/metas.module';
  controllers: [
    ...(process.env.NC_WORKER_CONTAINER !== 'true' ? [UsersController] : []),
  ],
-  providers: [UsersService, GoogleStrategyProvider],
+  providers: [UsersService],
  exports: [UsersService],
 })
 export class UsersModule {}
--- a/packages/nocodb/src/services/auth.service.ts
+++ b/packages/nocodb/src/services/auth.service.ts
@ -4,7 +4,7 @@ import { Injectable } from '@nestjs/common';
 import * as bcrypt from 'bcryptjs';

 import { v4 as uuidv4 } from 'uuid';
-import type { CreateUserDto } from '~/controllers/auth.controller';
+import type { CreateUserDto } from 'src/controllers/auth/auth.controller';
 import Noco from '~/Noco';
 import { genJwt } from '~/services/users/helpers';
 import { UsersService } from '~/services/users/users.service';
--- a/packages/nocodb/src/services/users/users.service.ts
+++ b/packages/nocodb/src/services/users/users.service.ts
@ -209,7 +209,7 @@ export class UsersService {
      });
      try {
        const template = (
-          await import('~/controllers/users/ui/emailTemplates/forgotPassword')
+          await import('~/controllers/auth/ui/emailTemplates/forgotPassword')
        ).default;
        await NcPluginMgrv2.emailAdapter().then((adapter) =>
          adapter.mailSend({
@ -451,7 +451,7 @@ export class UsersService {

    try {
      const template = (
-        await import('~/controllers/users/ui/emailTemplates/verify')
+        await import('~/controllers/auth/ui/emailTemplates/verify')
      ).default;
      await (
        await NcPluginMgrv2.emailAdapter()