Skip to content
Snippets Groups Projects
Select Git revision
  • main default protected
  • sprint-1/75-issue
  • feat/histograms
  • feat/exareme2-viz-integrations
  • docs
  • fix/datashield-token-issue
  • feat/logistic-reg-cv
  • feat/datashield-integration
  • feat/datashield-algorithms
  • feat/remove-matomo-config
  • feat/auth-refresh-token
  • feat/integration-logistic-regression
  • feat/exareme2-integration
  • feat/exareme2-t-test-paired-integration
  • feat/linear-regression-cv
  • fix/cache-reset-logout
  • feat/datashield-connector
  • feat/connector-cache
  • feat/datashield-cohorts-filter
  • feat/logger-levels
  • 1.4.1
  • 1.4.0
  • 1.4.0-rc.7
  • 1.4.0-rc.6
  • 1.4.0-beta.10
  • 1.4.0-beta.9
  • 1.4.0-beta.8
  • 1.4.0-rc.5
  • 1.4.0-rc.4
  • 1.4.0-beta.7
  • 1.4.0-beta.6
  • 1.4.0-rc.3
  • 1.4.0-rc.2
  • 1.4.0-rc.1
  • 1.4.0-beta.5
  • 1.4.0-beta.4
  • 1.4.0-beta.3
  • 1.4.0-beta.2
  • 1.4.0-beta.1
  • 1.3.1
40 results
Blame History Permalink
auth.resolver.ts 3.04 KiB 
import {
  Inject,
  InternalServerErrorException,
  Logger,
  UseGuards,
} from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { Args, Mutation, Resolver } from '@nestjs/graphql';
import { Response, Request } from 'express';
import { GQLRequest } from 'src/common/decorators/gql-request.decoractor';
import { GQLResponse } from '../common/decorators/gql-response.decoractor';
import { parseToBoolean } from '../common/utilities';
import {
  ENGINE_MODULE_OPTIONS,
  ENGINE_SERVICE,
} from '../engine/engine.constants';
import { IEngineOptions, IEngineService } from '../engine/engine.interfaces';
import { User } from '../users/models/user.model';
import { authConstants } from './auth-constants';
import { AuthService } from './auth.service';
import { CurrentUser } from './decorators/user.decorator';
import { JwtAuthGuard } from './guards/jwt-auth.guard';
import { LocalAuthGuard } from './guards/local-auth.guard';
import { AuthenticationInput } from './inputs/authentication.input';
import { AuthenticationOutput } from './outputs/authentication.output';

//Custom defined type because Pick<CookieOptions, 'sameSite'> does not work
type SameSiteType = boolean | 'lax' | 'strict' | 'none' | undefined;

@Resolver()
export class AuthResolver {
  private readonly logger = new Logger(AuthResolver.name);

  constructor(
    @Inject(ENGINE_SERVICE) private readonly engineService: IEngineService,
    @Inject(ENGINE_MODULE_OPTIONS)
    private readonly engineOptions: IEngineOptions,
    private readonly authService: AuthService,
    private readonly configService: ConfigService,
  ) {}

  @Mutation(() => AuthenticationOutput)
  @UseGuards(LocalAuthGuard)
  async login(
    @GQLResponse() res: Response,
    @CurrentUser() user: User,
    @Args('variables') inputs: AuthenticationInput,
  ): Promise<AuthenticationOutput> {
    this.logger.verbose(`${inputs.username} logged in`);

    const data = await this.authService.login(user);
    if (!data)
      throw new InternalServerErrorException(
        `Error during the authentication process`,
      );

    res.cookie(authConstants.cookie.name, data.accessToken, {
      httpOnly: parseToBoolean(
        this.configService.get(authConstants.cookie.httpOnly, 'true'),
      ),
      sameSite: this.configService.get<SameSiteType>(
        authConstants.cookie.sameSite,
        'strict',
      ),
      secure: parseToBoolean(
        this.configService.get(authConstants.cookie.secure, 'true'),
      ),
    });

    return {
      accessToken: data.accessToken,
    };
  }

  @Mutation(() => Boolean)
  @UseGuards(JwtAuthGuard)
  logout(
    @GQLRequest() req: Request,
    @GQLResponse() res: Response,
    @CurrentUser() user: User,
  ): boolean {
    if (user) {
      this.logger.verbose(`${user.username} logged out`);
      try {
        this.engineService.logout?.(req);
      } catch (e) {
        this.logger.debug(
          `Service ${this.engineOptions.type} produce an error when logging out ${user.username}`,
        );
      }
    }

    res.clearCookie(authConstants.cookie.name);

    return true;
  }
}