Merge branch 'feature/fagner/session-login' into development

harena-lab · Oct 18, 2020 · 3c3a196 · 3c3a196
2 parents e3144be + 9f4f506
commit 3c3a196
Show file tree

Hide file tree

Showing 6 changed files with 102 additions and 89 deletions.
diff --git a/src/adonisjs/app/Controllers/Http/AuthController.js b/src/adonisjs/app/Controllers/Http/AuthController.js
@@ -1,47 +1,87 @@
 'use strict'
 
-const Logger = use('Logger')
-
 const User = use('App/Models/v1/User')
+const Token = use('App/Models/v1/Token')
+const Logger = use('Logger')
 
 class AuthController {
-  async login ({ request, auth, response, session }) {
-    console.log('v2/session')
-    Logger.info('login attempt via v2/auth/login (SESSION)')
+  async checkToken ({ request, auth, response }) {
+    try {
+      // console.log('====Checking token...')
+      await auth.check()
+      response.json('token valid')
+      // console.log('====Token valid')
+    } catch (error) {
+      // console.log('====Token invalid')
+    }
+  }
+
+  async login ({ request, auth, response }) {
+    // console.log(request.all())
+    Logger.info('login attempt via v1/auth/login (JWT)')
+
+    let { email, password, refresh_token } = request.all()
+    console.log(password)
+    let user = ''
+    let token = ''
+
     try {
-      const { email, password } = request.all()
-      // if (await auth.remember(true).attempt(email, password)) {
-      if (await auth.remember(true).attempt(email, password)) {
-        console.log('------------------------------- attempt')
-        // console.log(session.all())
-
-        const user = await User.findBy('email', email)
-        // let token = await auth.generate(user)
-
-        // let authenticatedUser = new User()
-        // authenticatedUser.id = user.id
-        // authenticatedUser.email = user.email
-        // authenticatedUser.username = user.username
-
-        Object.assign(user, { adonisAuth: session.get('adonis-auth') })
-        // return response.json('Logged in successfully')
-
-        // let adonis_session = session.get('adonis-auth')
-        console.log(session.all())
-        // console.log(auth)
-        return response.json(user)
+      await auth.check()
+      return response.json('user is signed already')
+    } catch (e) {
+      // token expired
+      if (e.code == 'E_JWT_TOKEN_EXPIRED') {
+        token = await auth.generateForRefreshToken(refresh_token)
+
+        Object.entries(token).forEach(entry => {
+          if (entry[0] == 'refreshToken') {
+            refresh_token = entry[1]
+          }
+        })
+        Logger.info('expired token')
       }
+
+      // unloged user
+      if (e.code == 'E_INVALID_JWT_TOKEN') {
+        try {
+          token = await auth.withRefreshToken().attempt(email, password)
+          Logger.info('newly generated token')
+        } catch (e) {
+          console.log(e)
+        }
+      }
+
+      // generic error
+      if (token == '') { return response.status(e.status).json(e.message) }
+
+      user = await User.findBy('email', email)
+      Object.assign(user, token)
+
+      return response.json(user)
+    }
+  }
+
+  async login2 ({ request, auth, response }) {
+    try {
+      const refresh_token = request.input('access_code')
+
+      const token = await auth.generateForRefreshToken(refresh_token)
+      return response.json(token)
     } catch (e) {
       console.log(e)
-      return response.status(e.status).json({ message: e.message })
+      return response.status(500).json(e.message)
     }
   }
 
   async logout ({ auth, response }) {
     try {
-      await auth.logout()
+      Logger.info('logout attempt via v1/auth/logout (JWT)')
+
+      const refreshToken = auth.getAuthHeader()
+      // console.log(refreshToken);
+      await auth.revokeTokens(refreshToken)
 
-      return response.json('Logged out successfuly')
+      return response.json('successfull logout')
     } catch (e) {
       console.log(e)
       return response.status(500).json(e.message)

diff --git a/src/adonisjs/app/Controllers/Http/v1/AuthController.js b/src/adonisjs/app/Controllers/Http/v1/AuthController.js
@@ -1,87 +1,59 @@
 'use strict'
 
-const User = use('App/Models/v1/User')
-const Token = use('App/Models/v1/Token')
 const Logger = use('Logger')
 
+const User = use('App/Models/v1/User')
+
 class AuthController {
   async checkToken ({ request, auth, response }) {
     try {
-      console.log('====Checking token...')
+      // console.log('====Checking token...')
       await auth.check()
       response.json('token valid')
-      console.log('====Token valid')
+      // console.log('====Token valid')
     } catch (error) {
-      console.log('====Token invalid')
+      // console.log('====Token invalid')
     }
   }
 
-  async login ({ request, auth, response }) {
-    // console.log(request.all())
-    Logger.info('login attempt via v1/auth/login (JWT)')
-
-    let { email, password, refresh_token } = request.all()
-    console.log(password)
-    let user = ''
-    let token = ''
-
+  async login ({ request, auth, response, session }) {
+    console.log('v2/session')
+    Logger.info('login attempt via v2/auth/login (SESSION)')
+    const { email, password } = request.all()
     try {
-      await auth.check()
-      return response.json('user is signed already')
-    } catch (e) {
-      // token expired
-      if (e.code == 'E_JWT_TOKEN_EXPIRED') {
-        token = await auth.generateForRefreshToken(refresh_token)
+      if (await auth.remember(true).attempt(email, password)) {
+        console.log('------------------------------- attempt')
+        // console.log(session.all())
 
-        Object.entries(token).forEach(entry => {
-          if (entry[0] == 'refreshToken') {
-            refresh_token = entry[1]
-          }
-        })
-        Logger.info('expired token')
-      }
+        const user = await User.findBy('email', email)
 
-      // unloged user
-      if (e.code == 'E_INVALID_JWT_TOKEN') {
+        console.log(session.all())
+        return response.json(user)
+      }
+    } catch (e) {
+      if (e.code === 'E_CANNOT_LOGIN') {
         try {
-          token = await auth.withRefreshToken().attempt(email, password)
-          Logger.info('newly generated token')
+          console.log('=============== Another was session found, logging out old session')
+          await auth.logout()
+          if (await auth.remember(true).attempt(email, password)) {
+            console.log('=============== login in to current session')
+            const user = await User.findBy('email', email)
+            return response.json(user)
+          }
         } catch (e) {
           console.log(e)
         }
       }
-
-      // generic error
-      if (token == '') { return response.status(e.status).json(e.message) }
-
-      user = await User.findBy('email', email)
-      Object.assign(user, token)
-
-      return response.json(user)
-    }
-  }
-
-  async login2 ({ request, auth, response }) {
-    try {
-      const refresh_token = request.input('access_code')
-
-      const token = await auth.generateForRefreshToken(refresh_token)
-      return response.json(token)
-    } catch (e) {
       console.log(e)
-      return response.status(500).json(e.message)
+      return response.status(e.status).json({ message: e.message })
     }
   }
 
   async logout ({ auth, response }) {
     try {
-      Logger.info('logout attempt via v1/auth/logout (JWT)')
-
-      const refreshToken = auth.getAuthHeader()
-      // console.log(refreshToken);
-      await auth.revokeTokens(refreshToken)
+      await auth.logout()
 
-      return response.json('successfull logout')
+      return response.json('Logged out successfuly')
     } catch (e) {
       console.log(e)
       return response.status(500).json(e.message)

diff --git a/src/adonisjs/app/Controllers/Http/v1/CaseController.js b/src/adonisjs/app/Controllers/Http/v1/CaseController.js
@@ -49,6 +49,7 @@ class CaseController {
 
         const institution = await Institution.find(c.institution_id)
         c.institution = institution.acronym
+        c.institutionTitle = institution.title
 
         return response.json(c)
       } else return response.status(500).json('case not found')

diff --git a/src/adonisjs/config/auth.js b/src/adonisjs/config/auth.js
@@ -16,7 +16,7 @@ module.exports = {
   | Available Serializers - lucid, database
   |
   */
-  authenticator: 'jwt',
+  authenticator: 'session',
 
   /*
   |--------------------------------------------------------------------------

diff --git a/src/adonisjs/config/cors.js b/src/adonisjs/config/cors.js
@@ -14,9 +14,9 @@ module.exports = {
   | Array - An array of allowed origins
   | String: * - A wildcard to allow current request origin
   | Function - Receives the current origin and should return one of the above values.
-  |
+  |http://localhost:10010, http://localhost:10020
   */
-  origin: '*',
+  origin: true,
 
   /*
   |--------------------------------------------------------------------------

diff --git a/src/adonisjs/config/session.js b/src/adonisjs/config/session.js
@@ -65,7 +65,7 @@ module.exports = {
   */
   cookie: {
     httpOnly: true,
-    sameSite: false,
+    sameSite: true,
     path: '/'
     // domain: 'harena.com'
     // domain: Env.get('COOKIE_DOMAIN', null)