Listory/src/auth/auth.controller.ts

import {
  Controller,
  Get,
  Post,
  Res,
  UseFilters,
  UseGuards,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import type { Response } from "express";
import { User } from "../users/user.entity";
import { AuthSession } from "./auth-session.entity";
import { AuthService } from "./auth.service";
import { COOKIE_REFRESH_TOKEN } from "./constants";
import { ReqUser } from "./decorators/req-user.decorator";
import { RefreshAccessTokenResponseDto } from "./dto/refresh-access-token-response.dto";
import {
  RefreshTokenAuthGuard,
  SpotifyAuthGuard,
} from "./guards/auth-strategies.guard";
import { SpotifyAuthFilter } from "./spotify.filter";

@Controller("api/v1/auth")
export class AuthController {
  constructor(
    private readonly authService: AuthService,
    private readonly config: ConfigService
  ) {}

  @Get("spotify")
  @UseGuards(SpotifyAuthGuard)
  spotifyRedirect() {
    // User is redirected by AuthGuard
  }

  @Get("spotify/callback")
  @UseFilters(SpotifyAuthFilter)
  @UseGuards(SpotifyAuthGuard)
  async spotifyCallback(@ReqUser() user: User, @Res() res: Response) {
    const { refreshToken } = await this.authService.createSession(user);

    // Refresh token should not be accessible to frontend to reduce risk
    // of XSS attacks.
    res.cookie(COOKIE_REFRESH_TOKEN, refreshToken, { httpOnly: true });

    // Redirect User to SPA
    res.redirect("/login/success?source=spotify");
  }

  @Post("token/refresh")
  @UseGuards(RefreshTokenAuthGuard)
  async refreshAccessToken(
    // With RefreshTokenAuthGuard the session is available instead of user
    @ReqUser() session: AuthSession
  ): Promise<RefreshAccessTokenResponseDto> {
    const { accessToken } = await this.authService.createAccessToken(session);

    return { accessToken };
  }
}
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`import {`
			`Controller,`
			`Get,`
			`Post,`
			`Res,`
			`UseFilters,`
			`UseGuards,`
			`} from "@nestjs/common";`
fix(api): redirect to frontend on spotify auth error 2020-05-02 20:04:33 +02:00			`import { ConfigService } from "@nestjs/config";`
chore(lint): switch to eslint 2021-05-25 18:12:42 +02:00			`import type { Response } from "express";`
feat(api): user authentication 2020-02-01 16:11:48 +01:00			`import { User } from "../users/user.entity";`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`import { AuthSession } from "./auth-session.entity";`
feat(api): user authentication 2020-02-01 16:11:48 +01:00			`import { AuthService } from "./auth.service";`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`import { COOKIE_REFRESH_TOKEN } from "./constants";`
fix(api): redirect to frontend on spotify auth error 2020-05-02 20:04:33 +02:00			`import { ReqUser } from "./decorators/req-user.decorator";`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`import { RefreshAccessTokenResponseDto } from "./dto/refresh-access-token-response.dto";`
			`import {`
			`RefreshTokenAuthGuard,`
			`SpotifyAuthGuard,`
			`} from "./guards/auth-strategies.guard";`
fix(api): redirect to frontend on spotify auth error 2020-05-02 20:04:33 +02:00			`import { SpotifyAuthFilter } from "./spotify.filter";`
feat(api): user authentication 2020-02-01 16:11:48 +01:00
			`@Controller("api/v1/auth")`
			`export class AuthController {`
			`constructor(`
			`private readonly authService: AuthService,`
			`private readonly config: ConfigService`
			`) {}`

			`@Get("spotify")`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`@UseGuards(SpotifyAuthGuard)`
feat(api): user authentication 2020-02-01 16:11:48 +01:00			`spotifyRedirect() {`
			`// User is redirected by AuthGuard`
			`}`

			`@Get("spotify/callback")`
fix(api): redirect to frontend on spotify auth error 2020-05-02 20:04:33 +02:00			`@UseFilters(SpotifyAuthFilter)`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`@UseGuards(SpotifyAuthGuard)`
feat(api): user authentication 2020-02-01 16:11:48 +01:00			`async spotifyCallback(@ReqUser() user: User, @Res() res: Response) {`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`const { refreshToken } = await this.authService.createSession(user);`
feat(api): user authentication 2020-02-01 16:11:48 +01:00
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00			`// Refresh token should not be accessible to frontend to reduce risk`
			`// of XSS attacks.`
			`res.cookie(COOKIE_REFRESH_TOKEN, refreshToken, { httpOnly: true });`
feat(api): user authentication 2020-02-01 16:11:48 +01:00
			`// Redirect User to SPA`
feat(frontend): show page when login fails 2020-05-02 21:46:05 +02:00			`res.redirect("/login/success?source=spotify");`
feat(api): user authentication 2020-02-01 16:11:48 +01:00			`}`
feat: implement long-lived sessions 2020-09-05 23:35:53 +02:00
			`@Post("token/refresh")`
			`@UseGuards(RefreshTokenAuthGuard)`
			`async refreshAccessToken(`
			`// With RefreshTokenAuthGuard the session is available instead of user`
			`@ReqUser() session: AuthSession`
			`): Promise<RefreshAccessTokenResponseDto> {`
			`const { accessToken } = await this.authService.createAccessToken(session);`

			`return { accessToken };`
			`}`
feat(api): user authentication 2020-02-01 16:11:48 +01:00			`}`