fix(auth): fix social authentication

Fix callback handling after confirmation from third party application

Author: Frantz Kati

examples/blog/app.js

@@ -13,6 +13,7 @@ module.exports = tensei()
     .dashboardPath('tensei')
     .resources([Tag, Post, User, Comment])
     .clientUrl('https://google.com')
+    .serverUrl('http://localhost:5000')
     .defaultStorageDriver('local')
     .routes([
         route('Get products')
@@ -75,18 +76,9 @@ module.exports = tensei()
         }),
     ])
     .databaseConfig({
-        type: 'mysql',
-        dbName: 'mikrotensei',
-        // debug: true,
-        // user: 'mikrotensei',
-        // password: 'password',
-
-        // type: 'sqlite',
-        // dbName: 'mikrotensei',
-
-        // type: 'postgresql',
-        // // debug: true,
-        // dbName: 'bahdcoder',
-        // user: 'bahdcoder',
-        // password: 'bahdcoder'
+        type: process.env.DATABASE_TYPE || 'mysql',
+        dbName: process.env.DATABASE_NAME || 'mikrotensei',
+        debug: process.env.DEBUG || false,
+        user: process.env.DATABASE_USER || 'mikrotensei',
+        password: process.env.DATABASE_PASSWORD || '',
     })

packages/auth/src/config.ts

@@ -25,6 +25,15 @@ export type SupportedSocialProviders =
     | 'twitter'
     | 'linkedin'
 
+export type AuthResources = {
+    user: ResourceContract
+    team: ResourceContract
+    role: ResourceContract
+    oauthIdentity: ResourceContract
+    permission: ResourceContract
+    teamInvite: ResourceContract
+    passwordReset: ResourceContract
+}
 export interface AuthPluginConfig {
     fields: FieldContract[]
     profilePictures: boolean
@@ -56,9 +65,6 @@ export interface AuthPluginConfig {
     providers: {
         [key: string]: GrantConfig
     }
-    resources: {
-        [key: string]: ResourceContract
-    }
 }
 
 export interface UserEntity extends AnyEntity {

packages/auth/src/controllers/SocialAuthCallbackController.ts

@@ -7,12 +7,20 @@ import { RequestHandler } from 'express'
 import purestConfig from '@purest/providers'
 import { TensieContext, PluginSetupConfig } from '@tensei/common'
 import AsyncHandler from 'express-async-handler'
-import { AuthPluginConfig, SupportedSocialProviders } from 'config'
+import {
+    AuthPluginConfig,
+    SupportedSocialProviders,
+    AuthResources
+} from '../config'
 
 const purest = Purest({ request: Request })
 
 class SocialAuthCallbackController {
-    public connect = (authConfig: AuthPluginConfig): RequestHandler =>
+    public connect = (
+        authConfig: AuthPluginConfig & {
+            resources: AuthResources
+        }
+    ): RequestHandler =>
         AsyncHandler(async (request, response) => {
             const { query, params, manager } = request
 

packages/auth/src/index.ts

@@ -31,6 +31,7 @@ import {
 import {
     AuthData,
     GrantConfig,
+    AuthResources,
     AuthPluginConfig,
     SupportedSocialProviders,
     defaultProviderScopes
@@ -59,15 +60,6 @@ type JwtPayload = {
     refresh?: boolean
 }
 
-type AuthResources = {
-    user: ResourceContract
-    team: ResourceContract
-    role: ResourceContract
-    oauthIdentity: ResourceContract
-    permission: ResourceContract
-    teamInvite: ResourceContract
-    passwordReset: ResourceContract
-}
 type AuthSetupFn = (resources: AuthResources) => any
 
 class Auth {
@@ -95,8 +87,7 @@ class Auth {
         verifyEmails: false,
         skipWelcomeEmail: false,
         rolesAndPermissions: false,
-        providers: {},
-        resources: {}
+        providers: {}
     }
 
     private resources: {
@@ -560,7 +551,10 @@ class Auth {
 
                     app.get(
                         `/${this.config.apiPath}/:provider/callback`,
-                        SocialAuthCallbackController.connect(this.config)
+                        SocialAuthCallbackController.connect({
+                            ...this.config,
+                            resources: this.resources
+                        })
                     )
                 }
 
@@ -809,9 +803,11 @@ class Auth {
                 .path(this.getApiPath('me'))
                 .get()
                 .handle(async ({ user }, { formatter: { ok, unauthorized } }) =>
-                    user && ! user.public ? ok(user) : unauthorized({
-                        message: 'Unauthorized.'
-                    })
+                    user && !user.public
+                        ? ok(user)
+                        : unauthorized({
+                              message: 'Unauthorized.'
+                          })
                 ),
             route(`Resend Verification email`)
                 .path(this.getApiPath('verification/resend'))
@@ -840,17 +836,20 @@ class Auth {
             route('Refresh Token')
                 .path(this.getApiPath('refresh-token'))
                 .post()
-                .handle(async (request, { formatter: { ok, unauthorized } }) => {
-                    try {
-                        return ok(
-                            await this.handleRefreshTokens(request as any)
-                        )
-                    } catch (error) {
-                        return unauthorized({
-                            message: error.message || 'Invalid refresh token.'
-                        })
+                .handle(
+                    async (request, { formatter: { ok, unauthorized } }) => {
+                        try {
+                            return ok(
+                                await this.handleRefreshTokens(request as any)
+                            )
+                        } catch (error) {
+                            return unauthorized({
+                                message:
+                                    error.message || 'Invalid refresh token.'
+                            })
+                        }
                     }
-                }),
+                ),
             route('Remove refresh Token')
                 .path(this.getApiPath('refresh-token'))
                 .delete()