Merge pull request #42 from tenseijs/csrf-tokens-for-auth

feat(auth): add access tokens / refresh tokens and session based authentication to auth package
tenseijs · Dec 4, 2020 · ef3c86c · ef3c86c
2 parents be93552 + c9a58da
commit ef3c86c
Show file tree

Hide file tree

Showing 10 changed files with 621 additions and 393 deletions.
diff --git a/examples/blog/app.js b/examples/blog/app.js
@@ -16,6 +16,7 @@ module.exports = tensei()
     .dashboardPath('tensei')
     .resources([Tag, Post, User, Comment])
     .clientUrl('https://google.com')
+    .serverUrl('http://localhost:5000')
     .defaultStorageDriver('local')
     .routes([
         route('Get products')
@@ -39,7 +40,7 @@ module.exports = tensei()
             .verifyEmails()
             .teams()
             .apiPath('auth')
-            .noCookies()
+            // .noCookies()
             .rolesAndPermissions()
             .social('github', {
                 key: process.env.GITHUB_KEY,
@@ -60,27 +61,9 @@ module.exports = tensei()
             })
             .plugin(),
         media().plugin(),
-        graphql()
-            .subscriptions(new RedisPubSub())
-            .middlewareOptions({
-                cors: {
-                    credentials: true,
-                    origin: ['http://localhost:3001'],
-                },
-            })
-            .plugin(),
+        graphql().plugin(),
         rest().plugin(),
         docs().plugin(),
-        plugin('Custom Slug Validation').register(({ indicative }) => {
-            indicative.validator.extend('slug', {
-                async: false,
-                validate(data, field) {
-                    return data.original[field].match(
-                        /^[a-z0-9]+(?:-[a-z0-9]+)*$/
-                    )
-                },
-            })
-        }),
     ])
     .databaseConfig({
         type: process.env.DATABASE_TYPE || 'mysql',

diff --git a/examples/blog/app.ts b/examples/blog/app.ts
@@ -39,8 +39,8 @@ module.exports = tensei()
             .teams()
             .apiPath('auth')
             .rolesAndPermissions()
-            .jwt({
-                expiresIn: 60,
+            .configureTokens({
+                accessTokenExpiresIn: 60,
                 refreshTokenExpiresIn: 60 * 2,
             })
             .social('github', {

diff --git a/media-library.md b/media-library.md
diff --git a/packages/auth/auth.d.ts b/packages/auth/auth.d.ts
@@ -1,6 +1,7 @@
 import { Mail } from '@tensei/mail'
 import { UserEntity } from './src/config'
 import { AnyEntity } from '@mikro-orm/core'
+import { SessionData } from 'express-session'
 import * as Formatter from 'express-response-formatter'
 
 declare global {
@@ -10,3 +11,11 @@ declare global {
         }
     }
 }
+
+declare module 'express-session' {
+    interface SessionData {
+        user: {
+            id: number
+        }
+    }
+}
diff --git a/packages/auth/package.json b/packages/auth/package.json
@@ -40,7 +40,7 @@
         "@purest/providers": "^1.0.1",
         "@tensei/common": "^0.4.1",
         "@types/bcryptjs": "^2.4.2",
-        "@types/express-session": "^1.17.0",
+        "@types/express-session": "^1.17.3",
         "@types/jsonwebtoken": "^8.5.0",
         "@types/qrcode": "^1.3.5",
         "@types/randomstring": "^1.1.6",