refactor(authentication)!: major code cleanup #354

Merged (26 commits) on Sep 30, 2022

kkopanidis (Contributor) commented Sep 28, 2022

This PR provides a major cleanup in Authentication:

  • Streamline token creation
  • align sign-in/logout operations
  • expand JWT usage
  • fixes various unimplemented features in some providers
  • support for accessToken cookies
  • header/cookie-based token renewal

BREAKING CHANGE:

  • User token renewal route now accepts refresh token through a bearer-formatted 'Authorization' header (e.g. 'Bearer some-token-str') or refreshToken cookie.
  • Authentication schemas: userId (string) -> user (relation)
  • Authentication config schema has been modified


refactor(authentication)!: split cookie options to global and token-specific
refactor(authentication)!: merge token expire in access and refresh tokens
refactor(authentication)!: expand refresh token availability
refactor(authentication)!: allow access/refresh tokens to be set as cookies separately
refactor(authentication): centralized token provisioning to cleanup code
fix(authentication): multi-session checks now applied in all providers
fix(authentication): multi-session checks now applied in all providers
chore(authentication): cleanup imports
…t actual model

refactor(authentication)!: re-work 2fa mechanics to utilize JWT
feat(authentication)!: add sudo mode to JWT to protect sensitive operations
kkopanidis marked this pull request as ready for review September 28, 2022 18:52

kon14 (Contributor) commented Sep 30, 2022

Rebased against main.

kkopanidis merged commit 1136a0f into main Sep 30, 2022
kkopanidis deleted the auth-refactor branch September 30, 2022 14:35
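The renewal-route change listed under BREAKING CHANGE above, sketched as an added example that is not part of this PR or the project's code: a strict extractor for a refresh token arriving either as a bearer-formatted `Authorization` header or as a `refreshToken` cookie. The function names, the header-over-cookie precedence, and the rejection of a malformed header without falling back to the cookie are assumptions of this example.

```javascript
// Added example: hypothetical helpers, not taken from the project.
// Header keys are expected lowercased, as in Node's req.headers.

// RFC 6750 b64token: exactly "Bearer", one space, then the token characters.
const BEARER_RE = /^Bearer ([A-Za-z0-9\-._~+\/]+=*)$/;

// Parse a Cookie request header into a prototype-less map.
// The first occurrence of a name wins, so a later duplicate cannot override it.
function parseCookies(header) {
  const jar = Object.create(null);
  if (typeof header !== 'string') return jar;
  for (const part of header.split(';')) {
    const eq = part.indexOf('=');
    if (eq < 0) continue;
    const name = part.slice(0, eq).trim();
    let value = part.slice(eq + 1).trim();
    if (name === '' || name in jar) continue;
    if (value.length >= 2 && value.startsWith('"') && value.endsWith('"')) {
      value = value.slice(1, -1);
    }
    try {
      jar[name] = decodeURIComponent(value);
    } catch {
      jar[name] = value; // keep the raw value if percent-decoding fails
    }
  }
  return jar;
}

// Returns { ok: true, source, token } or { ok: false, reason }.
function extractRefreshToken(headers) {
  const auth = headers['authorization'];
  if (auth !== undefined) {
    // Assumption: an Authorization header that is present but not a
    // well-formed bearer credential fails the request; it does not fall
    // through to the cookie, so a bad header is never masked.
    const m = BEARER_RE.exec(String(auth).trim());
    if (!m) return { ok: false, reason: 'malformed-authorization-header' };
    return { ok: true, source: 'header', token: m[1] };
  }
  const token = parseCookies(headers['cookie'])['refreshToken'];
  if (token) return { ok: true, source: 'cookie', token };
  return { ok: false, reason: 'missing-refresh-token' };
}
```
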