josh/Vector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7c0d422228f44192c91637c3ea16128147a8276e
Vector/apps/api/src/controllers/auth.ts
T
josh 7c0d422228
CI / Lint · Typecheck · Test · Build (push) Failing after 5m41s
Details
CI / Playwright (smoke) (push) Has been skipped
Details
chore: initial Vector 2.0 monorepo 
Ground-up TypeScript rewrite of the Vector hardware parts inventory
system. Ships the full roadmap (Phases 0-8) in one initial commit:

- pnpm + Turbo monorepo: apps/{api,web,e2e}, packages/{db,shared,ui,config}
- Express 5 + Prisma 5 + zod validation + JWT w/ refresh-token rotation
- React 19 + Vite + shadcn/ui + TanStack Query/Table + nuqs URL state
- Repair/RMA, tags, bulk ops, saved views, CSV audit export
- Analytics dashboard on Recharts + EOL tracking
- Signed webhook subscriptions (HMAC-SHA256) with in-process emitter
- Vitest unit tests (shared schemas, api services/helpers) + Playwright skeleton
- Gitea Actions CI (lint, typecheck, test+coverage, build) + Renovate

Deferred follow-ups: Postgres cutover (data-migration script ready),
BullMQ worker for webhook delivery, @react-pdf PDF export, CSV import wizard.
2026-04-16 20:52:32 -04:00

84 lines
2.5 KiB
TypeScript
Raw Blame History

import type { CookieOptions, NextFunction, Request, Response } from 'express';
import { prisma } from '@vector/db';
import type { LoginRequest } from '@vector/shared';
import { env } from '../env.js';
import * as authService from '../services/auth.js';
import { issueCsrfToken } from '../middleware/csrf.js';
import { errors } from '../lib/http-error.js';
const accessCookieOpts: CookieOptions = {
httpOnly: true,
sameSite: 'lax',
secure: env.NODE_ENV === 'production',
path: '/',
maxAge: authService.ACCESS_TOKEN_TTL_MS,
};
const refreshCookieOpts: CookieOptions = {
httpOnly: true,
sameSite: 'lax',
secure: env.NODE_ENV === 'production',
path: '/api/auth',
maxAge: authService.REFRESH_TOKEN_TTL_MS,
};
function setAuthCookies(res: Response, tokens: authService.AuthTokens) {
res.cookie('token', tokens.accessToken, accessCookieOpts);
res.cookie('refresh', tokens.refreshToken, refreshCookieOpts);
issueCsrfToken(res);
}
function clearAuthCookies(res: Response) {
res.clearCookie('token', { path: '/' });
res.clearCookie('refresh', { path: '/api/auth' });
res.clearCookie('csrf', { path: '/' });
}
export async function login(req: Request, res: Response, next: NextFunction) {
try {
const { username, password } = req.validated!.body as LoginRequest;
const { user, tokens } = await prisma.$transaction((tx) =>
authService.login(tx, username, password),
);
setAuthCookies(res, tokens);
res.json(user);
} catch (err) {
next(err);
}
}
export async function refresh(req: Request, res: Response, next: NextFunction) {
try {
const presented = req.cookies?.refresh;
if (!presented) throw errors.unauthorized('Missing refresh token');
const { user, tokens } = await prisma.$transaction((tx) =>
authService.rotate(tx, presented),
);
setAuthCookies(res, tokens);
res.json(user);
} catch (err) {
next(err);
}
}
export async function logout(req: Request, res: Response, next: NextFunction) {
try {
const presented = req.cookies?.refresh;
await prisma.$transaction((tx) => authService.revoke(tx, presented));
clearAuthCookies(res);
res.json({ message: 'Logged out' });
} catch (err) {
next(err);
}
}
export async function me(req: Request, res: Response, next: NextFunction) {
try {
const user = await prisma.user.findUnique({ where: { id: req.user!.id } });
if (!user) throw errors.unauthorized();
res.json({ id: user.id, username: user.username, email: user.email, role: user.role });
} catch (err) {
next(err);
}
}
Reference in New Issue View Git Blame Copy Permalink