feat: add routes + cookieAuth

saisilinus · Dec 17, 2021 · 58cecb3 · 58cecb3
1 parent 29793dc
commit 58cecb3
Show file tree

Hide file tree

Showing 7 changed files with 65 additions and 12 deletions.
diff --git a/src/Auth/auth.controller.ts b/src/Auth/auth.controller.ts
@@ -37,6 +37,8 @@ export const loginController = catchAsync(async (req: Request, res: Response) =>
 
 export const logoutController = catchAsync(async (req: Request, res: Response) => {
   await logout(req.cookies.refreshToken);
+  res.clearCookie('accessToken');
+  res.clearCookie('refreshToken');
   res.status(httpStatus.NO_CONTENT).send();
 });
 
@@ -54,6 +56,7 @@ export const forgotPasswordController = catchAsync(async (req: Request, res: Res
 
 export const resetPasswordController = catchAsync(async (req: Request, res: Response) => {
   await resetPassword(req.cookies.resetPasswordToken, req.body.password);
+  res.clearCookie('resetPasswordToken');
   res.status(httpStatus.NO_CONTENT).send();
 });
 
@@ -68,5 +71,6 @@ export const verifyEmailController = catchAsync(async (req: Request, res: Respon
   if (user) {
     await sendAccountCreated(user.email, user.name);
   }
+  res.clearCookie('verifyEmailToken');
   res.status(httpStatus.NO_CONTENT).send();
 });
diff --git a/src/Auth/auth.route.v1.ts b/src/Auth/auth.route.v1.ts
@@ -272,7 +272,7 @@ export default router;
  *     description: An email will be sent to verify email.
  *     tags: [Auth]
  *     security:
- *       - bearerAuth: []
+ *       - cookieAuth: []
  *     responses:
  *       "204":
  *         description: No content

diff --git a/src/Users/user.route.v1.ts b/src/Users/user.route.v1.ts
@@ -46,7 +46,7 @@ export default router;
  *     description: Only admins can create other users.
  *     tags: [Users]
  *     security:
- *       - bearerAuth: []
+ *       - cookieAuth: []
  *     requestBody:
  *       required: true
  *       content:
@@ -97,7 +97,7 @@ export default router;
  *     description: Only admins can retrieve all users.
  *     tags: [Users]
  *     security:
- *       - bearerAuth: []
+ *       - cookieAuth: []
  *     parameters:
  *       - in: query
  *         name: name
@@ -166,7 +166,7 @@ export default router;
  *     description: Logged in users can fetch only their own user information. Only admins can fetch other users.
  *     tags: [Users]
  *     security:
- *       - bearerAuth: []
+ *       - cookieAuth: []
  *     parameters:
  *       - in: path
  *         name: id
@@ -193,7 +193,7 @@ export default router;
  *     description: Logged in users can only update their own information. Only admins can update other users.
  *     tags: [Users]
  *     security:
- *       - bearerAuth: []
+ *       - cookieAuth: []
  *     parameters:
  *       - in: path
  *         name: id
@@ -244,7 +244,7 @@ export default router;
  *     description: Logged in users can delete only themselves. Only admins can delete other users.
  *     tags: [Users]
  *     security:
- *       - bearerAuth: []
+ *       - cookieAuth: []
  *     parameters:
  *       - in: path
  *         name: id

diff --git a/src/app.ts b/src/app.ts
@@ -13,6 +13,7 @@ import jwtStrategy from './config/passport';
 import authLimiter from './middlewares/rateLimiter';
 import ApiError from './utils/ApiError';
 import { errorConverter, errorHandler } from './middlewares/error';
+import routes from './routes';
 
 const app: Express = express();
 
@@ -53,6 +54,9 @@ if (config.env === 'production') {
   app.use('/v1/auth', authLimiter);
 }
 
+// v1 api routes
+app.use('/v1', routes);
+
 // send back a 404 error for any unknown api request
 app.use((req, res, next) => {
   next(new ApiError(httpStatus.NOT_FOUND, 'Not found'));

diff --git a/src/routes.ts b/src/routes.ts
@@ -0,0 +1,44 @@
+import express, { Router } from 'express';
+import authRoute from './Auth/auth.route.v1';
+import docsRoute from './swagger/swagger.route';
+import userRoute from './Users/user.route.v1';
+import config from './config/config';
+
+const router = express.Router();
+
+interface IRoute {
+  path: string;
+  route: Router;
+}
+
+const defaultIRoute: IRoute[] = [
+  {
+    path: '/auth',
+    route: authRoute,
+  },
+  {
+    path: '/users',
+    route: userRoute,
+  },
+];
+
+const devIRoute: IRoute[] = [
+  // IRoute available only in development mode
+  {
+    path: '/docs',
+    route: docsRoute,
+  },
+];
+
+defaultIRoute.forEach((route) => {
+  router.use(route.path, route.route);
+});
+
+/* istanbul ignore next */
+if (config.env === 'development') {
+  devIRoute.forEach((route) => {
+    router.use(route.path, route.route);
+  });
+}
+
+export default router;
diff --git a/src/swagger/components.yaml b/src/swagger/components.yaml
@@ -89,4 +89,8 @@ components:
     bearerAuth:
       type: http
       scheme: bearer
-      bearerFormat: JWT
+      bearerFormat: JWT
+    cookieAuth:
+      type: ApiKey
+      in: cookie
+      name: accessToken
diff --git a/src/tsconfig.json b/src/tsconfig.json
@@ -30,10 +30,7 @@
     // "baseUrl": "./",                                  /* Specify the base directory to resolve non-relative module names. */
     // "paths": {},                                      /* Specify a set of entries that re-map imports to additional lookup locations. */
     // "rootDirs": [],                                   /* Allow multiple folders to be treated as one when resolving modules. */
-    "typeRoots": [
-      "@types",
-      "./node_modules/@types",
-    ],                                  /* Specify multiple folders that act like `./node_modules/@types`. */
+    // "typeRoots": [],                                  /* Specify multiple folders that act like `./node_modules/@types`. */
     // "types": [],                                      /* Specify type package names to be included without being referenced in a source file. */
     // "allowUmdGlobalAccess": true,                     /* Allow accessing UMD globals from modules. */
     "resolveJsonModule": true,                        /* Enable importing .json files */
@@ -64,7 +61,7 @@
     // "newLine": "crlf",                                /* Set the newline character for emitting files. */
     // "stripInternal": true,                            /* Disable emitting declarations that have `@internal` in their JSDoc comments. */
     // "noEmitHelpers": true,                            /* Disable generating custom helper functions like `__extends` in compiled output. */
-    // "noEmitOnError": true,                            /* Disable emitting files if any type checking errors are reported. */
+    "noEmitOnError": true,                            /* Disable emitting files if any type checking errors are reported. */
     // "preserveConstEnums": true,                       /* Disable erasing `const enum` declarations in generated code. */
     // "declarationDir": "./",                           /* Specify the output directory for generated declaration files. */
     // "preserveValueImports": true,                     /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */