OV-8: protect routing #33

Sanchousina · 2024-08-20T18:22:51Z

In this pr:

Merged OV-5: Add jwt token
Add authorization plugin to protect endpoints
Check jwt token from the header
Inject signed user to requests
Exclude sign-up and sign-in as white-routes

…V-8-protect-routing

…ting

anton-otroshchenko · 2024-08-21T07:20:41Z

backend/src/bundles/users/user.service.ts

+    public async findById(userId: number): Promise<UserEntity | null> {
+        return await this.userRepository.findById(userId);
+    }
+


Modify method find instead of adding this

Only in user service or in user repository as well?

Modified only in user service for now

please also modify it in the repository

anton-otroshchenko · 2024-08-21T07:21:10Z

backend/src/common/plugins/auth/auth-jwt.plugin.ts

+        const isRouteInWhiteList = options.routesWhiteList.includes(
+            request.url,
+        );


also check for method in whitelist because each route can have multiple methods

anton-otroshchenko · 2024-08-21T07:22:27Z

package.json

@@ -50,6 +50,7 @@
        "commit-msg": "npx commitlint --edit $1"
    },
    "dependencies": {
+        "fastify-plugin": "4.5.1",


add it as backend dependency

…V-8-protect-routing

anton-otroshchenko · 2024-08-21T16:34:02Z

backend/src/common/types/repository.type.ts

@@ -1,5 +1,5 @@
 type Repository<T = unknown> = {
-    find(): Promise<T>;
+    find(userId: number): Promise<T | null>;


Suggested change

find(userId: number): Promise<T | null>;

find(id: number): Promise<T | null>;

we would use this method not only in user repo if we want to find something by id

anton-otroshchenko · 2024-08-21T16:34:37Z

backend/src/common/types/service.type.ts

@@ -1,5 +1,5 @@
 type Service<T = unknown> = {
-    find(): Promise<T>;
+    find(userId: number): Promise<T | null>;


nikita-remeslov · 2024-08-23T09:42:07Z

backend/src/bundles/users/user.repository.ts

@@ -20,6 +22,12 @@ class UserRepository implements Repository {
        return user ? UserEntity.initialize(user) : null;
    }

+    // public async findById(userId: number): Promise<UserEntity | null> {


Sorry, I thought I deleted that already

nikita-remeslov · 2024-08-27T12:48:38Z

backend/src/common/types/repository.type.ts

@@ -1,5 +1,5 @@
 type Repository<T = unknown> = {
-    find(): Promise<T>;
+    find(id: number): Promise<T | null>;


we should accept any params here, or we should rename it to findById

Renamed it to findById

nikita-remeslov

check comment

…8-protect-routing

Sanchousina added 17 commits August 20, 2024 15:25

OV-8: + empty auth jwt plugin

8ce8243

OV-8: + register plugins

44b2532

OV-8: + dependencies

da1397e

OV-8: * merging with OV-5

5af5016

OV-8: + findById method to Repository type

9721153

OV-8: + findById method to Service type

89ec60b

OV-8: + findById method to user service and repository

b707dc3

OV-8: * userId to number

5e46444

OV-8: + http codes to http code enum

50245d6

OV-8: + hook and error messages enums for auth plugin

ee3a4e5

Merge remote-tracking branch 'origin/task/OV-5-JWT-token' into task/O…

508cd31

…V-8-protect-routing

OV-8: * export user entity

8eb1aae

OV-8: * implement auth jwt plugin

3561451

OV-8: + white routes constant

f034695

OV-8: * refactor checking for white route

36a220e

OV-8: * use white routes constant

9e4004b

OV-8: * extract fastify module augmentation into file

502aad9

Sanchousina added the BE Backend feature label Aug 20, 2024

Sanchousina added this to the Release 1.0 milestone Aug 20, 2024

Sanchousina self-assigned this Aug 20, 2024

Sanchousina requested review from nikita-remeslov, anton-otroshchenko and sofiia-trokhymchuk as code owners August 20, 2024 18:22

Sanchousina linked an issue Aug 20, 2024 that may be closed by this pull request

FEAT: Protect routing #8

Closed

3 tasks

Sanchousina changed the base branch from next to task/OV-5-JWT-token August 20, 2024 18:48

Merge remote-tracking branch 'origin/next' into task/OV-8-protect-rou…

a9e0c53

…ting

anton-otroshchenko requested changes Aug 21, 2024

View reviewed changes

Sanchousina added 3 commits August 21, 2024 15:47

OV-8: * modify find user method instead of adding findById

218665a

OV-8: * move dependencies to backend

2f9f951

OV-8: * white routes constant to include path method

9f17f91

Sanchousina added 5 commits August 21, 2024 16:35

OV-8: + route type

3aaf539

OV-8: * checking if route is in white list with method

dbfec2d

Merge remote-tracking branch 'origin/task/OV-5-JWT-token' into task/O…

5a24c65

…V-8-protect-routing

OV-8: + util function for checking route in white routes

b4fbbde

OV-8: * modify find method in user repository instead of findById

a88eca1

Sanchousina requested a review from anton-otroshchenko August 21, 2024 15:44

anton-otroshchenko requested changes Aug 21, 2024

View reviewed changes

OV-8: * use id instead of userId in types for repository and service

1ac2392

anton-otroshchenko approved these changes Aug 21, 2024

View reviewed changes

nikita-remeslov requested changes Aug 23, 2024

View reviewed changes

stefano-lacorazza force-pushed the task/OV-5-JWT-token branch from b44cde0 to 145f206 Compare August 23, 2024 12:26

OV-8: - remove commented code

0354932

Sanchousina requested a review from nikita-remeslov August 23, 2024 13:09

stefano-lacorazza force-pushed the task/OV-5-JWT-token branch 2 times, most recently from 080bcb2 to 1ce3a2e Compare August 25, 2024 21:41

sergiy4 approved these changes Aug 26, 2024

View reviewed changes

o-nedashkivska approved these changes Aug 26, 2024

View reviewed changes

nikita-remeslov approved these changes Aug 27, 2024

View reviewed changes

nikita-remeslov reviewed Aug 27, 2024

View reviewed changes

nikita-remeslov requested changes Aug 27, 2024

View reviewed changes

Sanchousina added 2 commits August 27, 2024 15:21

OV-8: * rename find to findById in service and repository

e9b8425

Merge remote-tracking branch origin/task/OV-5-JWT-token into task/OV-…

9e20e1c

…8-protect-routing

Sanchousina requested a review from nikita-remeslov August 27, 2024 16:11

nikita-remeslov merged commit f826db6 into task/OV-5-JWT-token Aug 28, 2024
1 check passed

nikita-remeslov deleted the task/OV-8-protect-routing branch August 28, 2024 10:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OV-8: protect routing #33

OV-8: protect routing #33

Sanchousina commented Aug 20, 2024 •

edited

Loading

anton-otroshchenko Aug 21, 2024

Sanchousina Aug 21, 2024

Sanchousina Aug 21, 2024

anton-otroshchenko Aug 21, 2024

Sanchousina Aug 21, 2024

anton-otroshchenko Aug 21, 2024

Sanchousina Aug 21, 2024

anton-otroshchenko Aug 21, 2024

Sanchousina Aug 21, 2024

anton-otroshchenko Aug 21, 2024 •

edited

Loading

anton-otroshchenko Aug 21, 2024

nikita-remeslov Aug 23, 2024

Sanchousina Aug 23, 2024

nikita-remeslov Aug 27, 2024

Sanchousina Aug 27, 2024

nikita-remeslov left a comment

	find(userId: number): Promise<T \| null>;
	find(id: number): Promise<T \| null>;

OV-8: protect routing #33

OV-8: protect routing #33

Conversation

Sanchousina commented Aug 20, 2024 • edited Loading

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

anton-otroshchenko Aug 21, 2024 • edited Loading

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

nikita-remeslov left a comment

Choose a reason for hiding this comment

Sanchousina commented Aug 20, 2024 •

edited

Loading

anton-otroshchenko Aug 21, 2024 •

edited

Loading