remove AccessToken object type

access token expiration can be calculated from the payload
master
Peter Babič 5 years ago
parent 02ec7d31a8
commit a3d44751f6
Signed by: peter.babic
GPG Key ID: 4BB075BC1884BA40
  1. 9
      src/server.spec.ts
  2. 11
      src/server/UserResolver.spec.ts
  3. 3
      src/server/UserResolver.ts
  4. 11
      src/server/userResolver/AccessToken.ts
  5. 5
      src/server/userResolver/auth.ts

@ -5,7 +5,6 @@ import { createConnection } from "typeorm"
import { createServer } from "./server" import { createServer } from "./server"
import { gqlToString } from "./server/schema" import { gqlToString } from "./server/schema"
import { testingConnectionOptions } from "./server/testing" import { testingConnectionOptions } from "./server/testing"
import { AccessToken } from "./server/userResolver/AccessToken"
import { verifiedRefreshTokenPayload } from "./server/userResolver/auth" import { verifiedRefreshTokenPayload } from "./server/userResolver/auth"
import { User } from "./server/userResolver/User" import { User } from "./server/userResolver/User"
import cookie = require("cookie") import cookie = require("cookie")
@ -22,7 +21,7 @@ describe("server should", () => {
const userId = createUserResponse.data.createUser.id const userId = createUserResponse.data.createUser.id
const accessTokenReponse = await rawRequest(gqlUri, gqlToString(accessTokenQuery)) const accessTokenReponse = await rawRequest(gqlUri, gqlToString(accessTokenQuery))
const accessToken: AccessToken = accessTokenReponse.data.accessToken const accessToken: string = accessTokenReponse.data.accessToken
const headers: Headers = accessTokenReponse.headers const headers: Headers = accessTokenReponse.headers
const cookieHeader = headers.get("set-cookie") as string const cookieHeader = headers.get("set-cookie") as string
const parsedCookie = cookie.parse(cookieHeader) const parsedCookie = cookie.parse(cookieHeader)
@ -33,7 +32,7 @@ describe("server should", () => {
const client = new GraphQLClient(gqlUri, { const client = new GraphQLClient(gqlUri, {
headers: { headers: {
Authorization: "Bearer " + accessToken.jwt, Authorization: "Bearer " + accessToken,
}, },
}) })
const meResponse = await client.rawRequest(gqlToString(meQuery)) const meResponse = await client.rawRequest(gqlToString(meQuery))
@ -91,9 +90,7 @@ const createUserMutation = gql`
const accessTokenQuery = gql` const accessTokenQuery = gql`
query { query {
accessToken(email: "auth@server.com", password: "password") { accessToken(email: "auth@server.com", password: "password")
jwt
}
} }
` `

@ -7,7 +7,6 @@ import {
runInRollbackTransaction, runInRollbackTransaction,
testingConnectionOptions, testingConnectionOptions,
} from "./testing" } from "./testing"
import { AccessToken } from "./userResolver/AccessToken"
import { Context, signAccessToken, verifiedAccessTokenPayload } from "./userResolver/auth" import { Context, signAccessToken, verifiedAccessTokenPayload } from "./userResolver/auth"
import { User } from "./userResolver/User" import { User } from "./userResolver/User"
@ -72,13 +71,12 @@ describe("resolver of user", () => {
}).save() }).save()
const response = await callSchema(accessTokenQuery, contextWithCookie()) const response = await callSchema(accessTokenQuery, contextWithCookie())
const accessToken: AccessToken = response.data!.accessToken const accessToken: string = response.data!.accessToken
const jwtPayload = verifiedAccessTokenPayload(accessToken.jwt) const jwtPayload = verifiedAccessTokenPayload(accessToken)
const jwtLifetime = jwtPayload.exp! - jwtPayload.iat! const jwtLifetime = jwtPayload.exp! - jwtPayload.iat!
expect(jwtLifetime).toBeGreaterThanOrEqual(oneMinute) expect(jwtLifetime).toBeGreaterThanOrEqual(oneMinute)
expect(jwtLifetime).not.toBeGreaterThan(sixteenMinutes) expect(jwtLifetime).not.toBeGreaterThan(sixteenMinutes)
expect(jwtLifetime).toBe(accessToken.jwtExpiry)
expect(jwtPayload.userId).toBe(user.id) expect(jwtPayload.userId).toBe(user.id)
expect(response.errors).toBeUndefined() expect(response.errors).toBeUndefined()
}) })
@ -145,10 +143,7 @@ const usersQuery = gql`
` `
const accessTokenQuery = gql` const accessTokenQuery = gql`
query { query {
accessToken(email: "access-token@user-resolver.com", password: "password") { accessToken(email: "access-token@user-resolver.com", password: "password")
jwt
jwtExpiry
}
} }
` `
const meQuery = gql` const meQuery = gql`
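Review bot: With `expect(jwtLifetime).toBe(accessToken.jwtExpiry)` dropped, the access-token test only checks that `exp - iat` falls between one and sixteen minutes, so nothing ties the issued lifetime to the configured value any more. A misconfigured or accidentally lengthened expiry inside that window would pass unnoticed. The removed code in auth.ts filled `jwtExpiry` from `process.env.ACCESS_EXPIRY`, so, assuming `signAccessToken` reads the same variable (not visible on this page), the test could keep the exact check with `expect(jwtLifetime).toBe(parseInt(process.env.ACCESS_EXPIRY as string, 10))`. The enclosing `it(...)` block starts outside the hunk.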

@ -1,6 +1,5 @@
import "reflect-metadata" import "reflect-metadata"
import { Arg, Authorized, Ctx, Mutation, Query } from "type-graphql" import { Arg, Authorized, Ctx, Mutation, Query } from "type-graphql"
import { AccessToken } from "./userResolver/AccessToken"
import { comparePasswords, Context, accessTokenWithRefreshCookie } from "./userResolver/auth" import { comparePasswords, Context, accessTokenWithRefreshCookie } from "./userResolver/auth"
import { User } from "./userResolver/User" import { User } from "./userResolver/User"
@ -10,7 +9,7 @@ export class UserResolver {
return await User.find() return await User.find()
} }
@Query(() => AccessToken) @Query(() => String)
async accessToken( async accessToken(
@Arg("email") email: string, @Arg("email") email: string,
@Arg("password") password: string, @Arg("password") password: string,
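Review bot: `accessToken` takes `email` and `password` yet is still declared as a `@Query`, now returning a bare `String`. Some clients and intermediaries send GraphQL queries as GET requests, which would place the credentials in URLs and access logs. The import of `accessTokenWithRefreshCookie` also suggests this resolver sets the refresh cookie, a side effect that by convention belongs in a mutation. Consider `@Mutation(() => String)` (`Mutation` is already imported from type-graphql in this file) and updating the two specs to match. The resolver body continues outside the hunk, so the cookie call is inferred rather than seen.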

@ -1,11 +0,0 @@
import "reflect-metadata"
import { Field, ObjectType } from "type-graphql"
@ObjectType()
export class AccessToken {
@Field()
jwt: string = ""
@Field()
jwtExpiry: number = 0
}

@ -2,7 +2,6 @@ import { argon2id, hash as argonHash, verify as argonVerify } from "argon2"
import { Request, Response } from "express" import { Request, Response } from "express"
import { sign as jwtSign, verify as jwtVerify } from "jsonwebtoken" import { sign as jwtSign, verify as jwtVerify } from "jsonwebtoken"
import { AuthChecker } from "type-graphql" import { AuthChecker } from "type-graphql"
import { AccessToken } from "./AccessToken"
export const hashPassword = async (password: string) => export const hashPassword = async (password: string) =>
await argonHash(password, { type: argon2id }) await argonHash(password, { type: argon2id })
@ -44,9 +43,7 @@ export const verifiedRefreshTokenPayload = (token: string) => {
} }
export const accessTokenWithRefreshCookie = (userId: number, res: Response) => { export const accessTokenWithRefreshCookie = (userId: number, res: Response) => {
const accessToken = new AccessToken() const accessToken = signAccessToken({ userId })
accessToken.jwt = signAccessToken({ userId })
accessToken.jwtExpiry = parseInt(process.env.ACCESS_EXPIRY as string)
const refreshExpiryMs = parseInt(process.env.REFRESH_EXPIRY as string) * 1000 const refreshExpiryMs = parseInt(process.env.REFRESH_EXPIRY as string) * 1000
res.cookie("rt", signRefreshToken({ userId }), { res.cookie("rt", signRefreshToken({ userId }), {
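Review bot: `refreshExpiryMs` is still computed as `parseInt(process.env.REFRESH_EXPIRY as string) * 1000` with no radix and no check on the result. If the variable is unset or malformed this yields `NaN`, which presumably flows into the `rt` cookie's lifetime option. I would fail closed instead: `const refreshExpiryMs = Number.parseInt(process.env.REFRESH_EXPIRY ?? "", 10) * 1000` followed by `if (!Number.isFinite(refreshExpiryMs)) throw new Error("REFRESH_EXPIRY must be a number of seconds")`. The function now returns a plain signed JWT string, so a short doc comment saying callers read the expiry from the token's `exp` claim would help. The `res.cookie` options object continues outside the hunk, so its `httpOnly`/`secure`/`sameSite` settings cannot be reviewed from here.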
