From 215dea81c6ad808a8f1af0b2b9cad614c538b1c0 Mon Sep 17 00:00:00 2001 From: Pranav C Date: Tue, 30 May 2023 15:47:17 +0530 Subject: [PATCH 1/5] fix: set refresh-token on login and correction in refresh-token based api Signed-off-by: Pranav C --- .../src/controllers/users/users.controller.ts | 118 +++++++----------- 1 file changed, 43 insertions(+), 75 deletions(-) diff --git a/packages/nocodb/src/controllers/users/users.controller.ts b/packages/nocodb/src/controllers/users/users.controller.ts index 8ffb6dbf6a..c68c06a4cd 100644 --- a/packages/nocodb/src/controllers/users/users.controller.ts +++ b/packages/nocodb/src/controllers/users/users.controller.ts @@ -1,5 +1,3 @@ -import { promisify } from 'util'; -import { AuditOperationSubTypes, AuditOperationTypes } from 'nocodb-sdk'; import { Body, Controller, @@ -15,27 +13,18 @@ import * as ejs from 'ejs'; import { AuthGuard } from '@nestjs/passport'; import { GlobalGuard } from '../../guards/global/global.guard'; import { NcError } from '../../helpers/catchError'; +import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware'; +import { User } from '../../models'; import { - Acl, - ExtractProjectIdMiddleware, -} from '../../middlewares/extract-project-id/extract-project-id.middleware'; -import Noco from '../../Noco'; -import { GoogleStrategy } from '../../strategies/google.strategy/google.strategy'; -import extractRolesObj from '../../utils/extractRolesObj'; -import { Audit, User } from '../../models'; -import { - genJwt, randomTokenString, setTokenCookie, } from '../../services/users/helpers'; import { UsersService } from '../../services/users/users.service'; +import extractRolesObj from '../../utils/extractRolesObj'; @Controller() export class UsersController { - constructor( - private readonly usersService: UsersService, - private googleStrategy: GoogleStrategy, - ) {} + constructor(private readonly usersService: UsersService) {} @Post([ '/auth/user/signup', 
@@ -59,56 +48,14 @@ export class UsersController { '/api/v1/auth/token/refresh', ]) @HttpCode(200) - async refreshToken(@Request() req: any, @Request() res: any): Promise { - return await this.usersService.refreshToken({ - body: req.body, - req, - res, - }); - } - - async successfulSignIn({ user, err, info, req, res, auditDescription }) { - try { - if (!user || !user.email) { - if (err) { - return res.status(400).send(err); - } - if (info) { - return res.status(400).send(info); - } - return res.status(400).send({ msg: 'Your signin has failed' }); - } - - await promisify((req as any).login.bind(req))(user); - - const refreshToken = randomTokenString(); - - if (!user.token_version) { - user.token_version = randomTokenString(); - } - - await User.update(user.id, { - refresh_token: refreshToken, - email: user.email, - token_version: user.token_version, - }); - setTokenCookie(res, refreshToken); - - await Audit.insert({ - op_type: AuditOperationTypes.AUTHENTICATION, - op_sub_type: AuditOperationSubTypes.SIGNIN, - user: user.email, - ip: req.clientIp, - description: auditDescription, - }); - - res.json({ - token: genJwt(user, Noco.getConfig()), - } as any); - } catch (e) { - console.log(e); - throw e; - } + async refreshToken(@Request() req: any, @Response() res: any): Promise { + res.json( + await this.usersService.refreshToken({ + body: req.body, + req, + res, + }), + ); } @Post([ @@ -118,8 +65,9 @@ export class UsersController { ]) @UseGuards(AuthGuard('local')) @HttpCode(200) - async signin(@Request() req) { - return this.usersService.login(req.user); + async signin(@Request() req, @Response() res) { + await this.setRefreshToken({ req, res }); + res.json(this.usersService.login(req.user)); } @Post('/api/v1/auth/user/signout') 
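Review bot: The sign-in audit record has no replacement on the new side: deleting `successfulSignIn` removes the only visible `Audit.insert` with `AuditOperationTypes.AUTHENTICATION` / `AuditOperationSubTypes.SIGNIN`, and nothing added in this patch writes one. The helper looks unused already, since the old `signin` returned `usersService.login(req.user)` directly, so the deletion itself is reasonable. If the strategy or service does not record sign-ins elsewhere (not visible here), successful logins leave no audit entry with the user and `req.clientIp`. I would keep that insert in the sign-in path, next to the refresh-token write, or add a comment naming where sign-ins are audited.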
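Review bot: `signin` signs the JWT from `req.user`, but the `token_version` generated in `setRefreshToken` is set on a separate record loaded with `User.get`, so on a first login `req.user` may still lack `token_version` when `login(req.user)` runs. The removed helper mutated and signed the same object, so the two could not diverge. If `genJwt` embeds `token_version` (its body is not shown), the first access token would be issued without the value meant to invalidate it. The same applies to `googleSignin` in the `@@ -136,22 +84,19 @@` hunk. A one-line fix inside `setRefreshToken`, after the update, is `req.user.token_version = user.token_version;`.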
@@ -136,22 +84,19 @@ export class UsersController { @Post(`/auth/google/genTokenByCode`) @HttpCode(200) @UseGuards(AuthGuard('google')) - async googleSignin(@Request() req) { - return this.usersService.login(req.user); + async googleSignin(@Request() req, @Response() res) { + await this.setRefreshToken({ req, res }); + res.json(this.usersService.login(req.user)); } @Get('/auth/google') @UseGuards(AuthGuard('google')) googleAuthenticate(@Request() req) { - // this.googleStrategy.authenticate(req, { - // scope: ['profile', 'email'], - // state: req.query.state, - // callbackURL: req.ncSiteUrl + Noco.getConfig().dashboardPath, - // }); + // google strategy will take care the request } @Get(['/auth/user/me', '/api/v1/db/auth/user/me', '/api/v1/auth/user/me']) - @UseGuards(ExtractProjectIdMiddleware, GlobalGuard) + @UseGuards(GlobalGuard) async me(@Request() req) { const user = { ...req.user, @@ -269,4 +214,27 @@ export class UsersController { return res.status(400).json({ msg: e.message }); } } + + async setRefreshToken({ res, req }) { + const userId = req.user?.id; + + if (!userId) return; + + const user: any = await User.get(userId); + + if (!user) return; + + const refreshToken = randomTokenString(); + + if (!user.token_version) { + user.token_version = randomTokenString(); + } + + await User.update(user.id, { + refresh_token: refreshToken, + email: user.email, + token_version: user.token_version, + }); + setTokenCookie(res, refreshToken); + } } From 66ad98761c63ecc22f5292cc87be52a70cc3491a Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 31 May 2023 01:41:12 +0530 Subject: [PATCH 2/5] fix: remove unnecessary async Signed-off-by: Pranav C --- packages/nocodb/src/services/users/users.service.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/nocodb/src/services/users/users.service.ts b/packages/nocodb/src/services/users/users.service.ts index 6d60b76336..48a3f4928a 100644 --- a/packages/nocodb/src/services/users/users.service.ts 
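Review bot: In the `@@ -269,4 +214,27 @@` hunk, `setRefreshToken` returns silently on `if (!userId) return;` and `if (!user) return;`, so `signin` and `googleSignin` still answer 200 with an access token but no refresh cookie. Behind `AuthGuard` a missing user is an inconsistent state, so it should fail the request through the already imported `NcError` rather than continue. The method also has no doc comment and is public on the controller with an untyped `{ res, req }` parameter. I would mark it `private` and add a short TSDoc block stating that it rotates `refresh_token` on every login, creates `token_version` only when absent, and sets the cookie through `setTokenCookie`.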
+++ b/packages/nocodb/src/services/users/users.service.ts @@ -486,9 +486,9 @@ export class UsersService { return this.login(user); } - async login(user: any) { + login(user: any) { return { - token: genJwt(user, Noco.getConfig()), //this.jwtService.sign(payload), + token: genJwt(user, Noco.getConfig()), }; } From 268d8367b7a4f864a9067b320e09cf81139a57fc Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 31 May 2023 11:02:24 +0530 Subject: [PATCH 3/5] refactor: type correction Signed-off-by: Pranav C --- packages/nocodb-sdk/src/lib/Api.ts | 2 ++ packages/nocodb/src/controllers/users/users.controller.ts | 2 +- packages/nocodb/src/schema/swagger.json | 4 ++++ packages/nocodb/src/services/users/users.service.ts | 2 +- 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/packages/nocodb-sdk/src/lib/Api.ts b/packages/nocodb-sdk/src/lib/Api.ts index 06493d405c..5a3fa5ebe1 100644 --- a/packages/nocodb-sdk/src/lib/Api.ts +++ b/packages/nocodb-sdk/src/lib/Api.ts @@ -2255,6 +2255,8 @@ export interface UserType { * @example org-level-viewer */ roles?: string; + /** Access token version */ + token_version?: string; } /** diff --git a/packages/nocodb/src/controllers/users/users.controller.ts b/packages/nocodb/src/controllers/users/users.controller.ts index c68c06a4cd..02f4bf13c2 100644 --- a/packages/nocodb/src/controllers/users/users.controller.ts +++ b/packages/nocodb/src/controllers/users/users.controller.ts @@ -220,7 +220,7 @@ export class UsersController { if (!userId) return; - const user: any = await User.get(userId); + const user = await User.get(userId); if (!user) return; diff --git a/packages/nocodb/src/schema/swagger.json b/packages/nocodb/src/schema/swagger.json index b7d5a6e102..34fae1d3d8 100644 --- a/packages/nocodb/src/schema/swagger.json +++ b/packages/nocodb/src/schema/swagger.json 
@@ -20000,6 +20000,10 @@ "description": "The roles of the user", "example": "org-level-viewer", "type": "string" + }, + "token_version": { + "description": "Access token version", + "type": "string" } }, "required": ["email", "email_verified", "firstname", "id", "lastname"], diff --git a/packages/nocodb/src/services/users/users.service.ts b/packages/nocodb/src/services/users/users.service.ts index 48a3f4928a..0753329060 100644 --- a/packages/nocodb/src/services/users/users.service.ts +++ b/packages/nocodb/src/services/users/users.service.ts @@ -486,7 +486,7 @@ export class UsersService { return this.login(user); } - login(user: any) { + login(user: UserType) { return { token: genJwt(user, Noco.getConfig()), }; From 78fdabfde76fe3dc311ad64c9de58b24bc785fd3 Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 31 May 2023 11:58:37 +0530 Subject: [PATCH 4/5] fix: add extractProjectId middleware to /me endpoint Signed-off-by: Pranav C --- packages/nc-gui/composables/useApi/interceptors.ts | 1 + packages/nocodb/src/controllers/users/users.controller.ts | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/packages/nc-gui/composables/useApi/interceptors.ts b/packages/nc-gui/composables/useApi/interceptors.ts index 4c12bc083c..c09c8c3b2e 100644 --- a/packages/nc-gui/composables/useApi/interceptors.ts +++ b/packages/nc-gui/composables/useApi/interceptors.ts @@ -69,6 +69,7 @@ export function addAxiosInterceptors(api: Api) { await state.signOut() // todo: handle new user + debugger navigateTo('/signIn') return Promise.reject(error) diff --git a/packages/nocodb/src/controllers/users/users.controller.ts b/packages/nocodb/src/controllers/users/users.controller.ts index 02f4bf13c2..e618890e7a 100644 --- a/packages/nocodb/src/controllers/users/users.controller.ts +++ b/packages/nocodb/src/controllers/users/users.controller.ts 
@@ -13,7 +13,10 @@ import * as ejs from 'ejs'; import { AuthGuard } from '@nestjs/passport'; import { GlobalGuard } from '../../guards/global/global.guard'; import { NcError } from '../../helpers/catchError'; -import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware'; +import { + Acl, + ExtractProjectIdMiddleware, +} from '../../middlewares/extract-project-id/extract-project-id.middleware'; import { User } from '../../models'; import { randomTokenString, @@ -96,7 +99,7 @@ export class UsersController { } @Get(['/auth/user/me', '/api/v1/db/auth/user/me', '/api/v1/auth/user/me']) - @UseGuards(GlobalGuard) + @UseGuards(ExtractProjectIdMiddleware, GlobalGuard) async me(@Request() req) { const user = { ...req.user, From 8e7cee8330f57ada532c985693f67fd85bf3845a Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 31 May 2023 14:22:55 +0530 Subject: [PATCH 5/5] fix: remove unnecessary debugger statement Signed-off-by: Pranav C --- packages/nc-gui/composables/useApi/interceptors.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/nc-gui/composables/useApi/interceptors.ts b/packages/nc-gui/composables/useApi/interceptors.ts index c09c8c3b2e..8e2609b3ab 100644 --- a/packages/nc-gui/composables/useApi/interceptors.ts +++ b/packages/nc-gui/composables/useApi/interceptors.ts @@ -67,9 +67,8 @@ export function addAxiosInterceptors(api: Api) { }) .catch(async (error) => { await state.signOut() - // todo: handle new user - debugger + // todo: handle new user navigateTo('/signIn') return Promise.reject(error)