greatbody
/
freeCodeCamp
mirror of https://github.com/freeCodeCamp/freeCodeCamp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat(api): allow client to signin/signout (#51679)

pull/51805/head
Oliver Eyton-Williams 2023-10-04 16:34:23 +02:00 committed by GitHub
parent d226f8634f
commit a23a92fb8a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 42 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
api/src/app.ts
View File

@ -30,7 +30,11 @@ import mailer from './plugins/mailer';
import redirectWithMessage from './plugins/redirect-with-message';
import security from './plugins/security';
import sessionAuth from './plugins/session-auth';
import { auth0Routes, devLoginCallback } from './routes/auth';
import {
auth0Routes,
devLoginCallback,
devLegacyAuthRoutes
} from './routes/auth';
import { challengeRoutes } from './routes/challenge';
import { deprecatedEndpoints } from './routes/deprecated-endpoints';
import { unsubscribeDeprecated } from './routes/deprecated-unsubscribe';
@ -208,6 +212,7 @@ export const build = async (
void fastify.register(auth0Routes, { prefix: '/auth' });
if (FCC_ENABLE_DEV_LOGIN_MODE) {
void fastify.register(devLoginCallback, { prefix: '/auth' });
void fastify.register(devLegacyAuthRoutes);
}
void fastify.register(challengeRoutes);
void fastify.register(settingRoutes);

39
api/src/routes/auth.ts
View File

@ -5,7 +5,7 @@ import {
} from 'fastify';
import { defaultUser } from '../utils/default-user';
import { AUTH0_DOMAIN } from '../utils/env';
import { AUTH0_DOMAIN, HOME_LOCATION } from '../utils/env';
declare module 'fastify' {
interface Session {
@ -53,7 +53,7 @@ const findOrCreateUser = async (fastify: FastifyInstance, email: string) => {
* user.
*
* @param fastify The Fastify instance.
* @param _options Fastify options I guess?
* @param _options Options passed to the plugin via `fastify.register(plugin, options)`.
* @param done Callback to signal that the logic has completed.
*/
// TODO: 1) use POST 2) make sure we prevent login CSRF
@ -78,7 +78,7 @@ export const devLoginCallback: FastifyPluginCallback = (
* Route handler for Auth0 authentication.
*
* @param fastify The Fastify instance.
* @param _options Fastify options I guess?
* @param _options Options passed to the plugin via `fastify.register(plugin, options)`.
* @param done Callback to signal that the logic has completed.
*/
// TODO: 1) use POST 2) make sure we prevent login CSRF
@ -95,3 +95,36 @@ export const auth0Routes: FastifyPluginCallback = (fastify, _options, done) => {
done();
};
/**
* Legacy route handler for development login. This mimics the behaviour of old
* api-server which the client depends on for authentication. The key difference
* is that this uses a different cookie (not jwt_access_token), and, if we want
* to use this for real, we will need to account for that.
*
* @deprecated
* @param fastify The Fastify instance.
* @param _options Options passed to the plugin via `fastify.register(plugin,
* options)`.
* @param done Callback to signal that the logic has completed.
*/
export const devLegacyAuthRoutes: FastifyPluginCallback = (
fastify,
_options,
done
) => {
fastify.get('/signin', async (req, reply) => {
const email = 'foo@bar.com';
const { id } = await findOrCreateUser(fastify, email);
req.session.user = { id };
await req.session.save();
await reply.redirect(HOME_LOCATION + '/learn');
});
fastify.get('/signout', async (req, reply) => {
await req.session.destroy();
await reply.redirect(HOME_LOCATION + '/learn');
});
done();
};