Select Git revision
SessionRoutes.ts
michael.minelli authored
SessionRoutes.ts 9.20 KiB
import { Express } from 'express-serve-static-core';
import express from 'express';
import * as ExpressValidator from 'express-validator';
import { StatusCodes } from 'http-status-codes';
import RoutesManager from '../express/RoutesManager';
import ParamsValidatorMiddleware from '../middlewares/ParamsValidatorMiddleware';
import SecurityMiddleware from '../middlewares/SecurityMiddleware';
import GitlabManager from '../managers/GitlabManager';
import UserManager from '../managers/UserManager';
import DojoStatusCode from '../shared/types/Dojo/DojoStatusCode';
import SharedGitlabManager from '../shared/managers/SharedGitlabManager';
import Config from '../config/Config';
class SessionRoutes implements RoutesManager {
private readonly loginValidator: ExpressValidator.Schema = {
accessToken : {
trim : true,
notEmpty: true
},
refreshToken: {
trim : true,
notEmpty: true
}
};
private readonly refreshTokensValidator: ExpressValidator.Schema = {
refreshToken: {
trim : true,
notEmpty: true
}
};
registerOnBackend(backend: Express) {
backend.post('/login', ParamsValidatorMiddleware.validate(this.loginValidator), this.login);
backend.post('/refresh_tokens', ParamsValidatorMiddleware.validate(this.refreshTokensValidator), this.refreshTokens);
backend.get('/test_session', SecurityMiddleware.check(true), this.testSession);
}
private async login(req: express.Request, res: express.Response) {
/*
#swagger.tags = ['Session']
#swagger.summary = 'Login to Dojo app'
#swagger.description = 'This route can be used to connect the user to the backend and retrieve informations about his access rights.'
#swagger.requestBody = {
content: {
"multipart/form-data": {
schema: {
type: 'object',
properties: {
accessToken: {
type: 'string',
format: 'Gitlab access token'
},
refreshToken: {
type: 'string',
format: 'Gitlab refresh token'
}
},
required: ['accessToken', 'refreshToken']
}
}
}
}
#swagger.responses[200] = {
content: {
"application/json": {
schema:{
$ref: "#/components/schemas/DojoBackendResponse"
} }
}
}
#swagger.responses[404] = {
description: "Can't retrieve user informations from Gitlab with the provided access token.",
content: {
"application/json": {
schema:{
$ref: "#/components/schemas/DojoBackendResponse"
}
}
}
}
*/
try {
const params: {
accessToken: string, refreshToken: string
} = req.body;
const gitlabUser = await GitlabManager.getUserProfile(params.accessToken);
if ( gitlabUser ) {
req.session.profile = await UserManager.getUpdateFromGitlabProfile(gitlabUser);
req.session.sendResponse(res, StatusCodes.OK);
return;
} else {
req.session.sendResponse(res, StatusCodes.NOT_FOUND);
}
} catch ( error ) {
req.session.sendResponse(res, StatusCodes.INTERNAL_SERVER_ERROR, {}, 'Unknown error while logging in', DojoStatusCode.LOGIN_FAILED);
}
}
private async refreshTokens(req: express.Request, res: express.Response) {
/*
#swagger.tags = ['Session']
#swagger.summary = 'Refresh tokens'
#swagger.description = 'This route can be used to refresh the session. Gitlab tokens will be refreshed and a new Dojo backend JWT token will be provided.'
#swagger.requestBody = {
content: {
"multipart/form-data": {
schema: {
type: 'object',
properties: {
refreshToken: {
type: 'string',
format: 'Gitlab refresh token'
}
},
required: ['refreshToken']
}
}
}
}
#swagger.responses[200] = {
description: 'The new Gitlab tokens as returned by Gitlab API.',
content: {
"application/json": {
schema:{
allOf: [
{ $ref: "#/components/schemas/DojoBackendResponse" },
{
type : 'object',
properties : {
data: {
type: 'object',
properties: {
"access_token": { "type": "string",
"example": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54"
},
"token_type": {
"type": "string",
"example": "bearer"
},
"expires_in": {
"type": "number",
"example": 7200
},
"refresh_token": {
"type": "string",
"example": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
},
"scope": {
"type": "array",
"example": [
"api",
"create_runner",
"read_repository",
"write_repository"
],
"items": {
"type": "string"
}
},
"created_at": {
"type": "number",
"example": 1607635748
}
},
"required": [
"access_token",
"token_type",
"expires_in",
"refresh_token",
"scope",
"created_at"
]
}
}
}
]
}
}
}
}
*/
try {
const params: {
refreshToken: string
} = req.body;
const gitlabTokens = await SharedGitlabManager.getTokens(params.refreshToken, true, Config.login.gitlab.client.secret);
req.session.sendResponse(res, StatusCodes.OK, gitlabTokens);
} catch ( error ) {
req.session.sendResponse(res, StatusCodes.INTERNAL_SERVER_ERROR, {}, 'Unknown error while refresh tokens', DojoStatusCode.REFRESH_TOKENS_FAILED);
}
}
private async testSession(req: express.Request, res: express.Response) {
/*
#swagger.tags = ['Session']
#swagger.summary = 'Test of the session'
#swagger.description = 'This route can be used to test the validity of the session token.'
#swagger.responses[200] = {
content: { "application/json": {
schema:{
$ref: "#/components/schemas/DojoBackendResponse"
}
}
}
}
*/
req.session.sendResponse(res, StatusCodes.OK);
}
}
export default new SessionRoutes();