mirror of
https://github.com/Unleash/unleash.git
synced 2025-02-09 00:18:00 +01:00
0b18491237
## What This adds openapi documentation for the Auth tagged operations and connected schemas. ## Discussion points Our user schema seems to be exposing quite a bit of internal fields, I flagged the isApi field as deprecated, I can imagine quite a few of these fields also being deprecated to prepare for removal in next major version, but I was unsure which ones were safe to do so with. ## Observation We have some technical debt around the shape of the schema we're claiming we're returning and what we actually are returning. I believe @gastonfournier also observed this when we turned on validation for our endpoints. --------- Co-authored-by: Thomas Heartman <thomas@getunleash.ai>
74 lines
2.5 KiB
TypeScript
74 lines
2.5 KiB
TypeScript
import { Response } from 'express';
|
|
import { OpenApiService } from '../../services/openapi-service';
|
|
import { Logger } from '../../logger';
|
|
import { IUnleashConfig } from '../../server-impl';
|
|
import UserService from '../../services/user-service';
|
|
import { IUnleashServices } from '../../types';
|
|
import { NONE } from '../../types/permissions';
|
|
import Controller from '../controller';
|
|
import { IAuthRequest } from '../unleash-types';
|
|
import { createRequestSchema } from '../../openapi/util/create-request-schema';
|
|
import { createResponseSchema } from '../../openapi/util/create-response-schema';
|
|
import { userSchema, UserSchema } from '../../openapi/spec/user-schema';
|
|
import { LoginSchema } from '../../openapi/spec/login-schema';
|
|
import { serializeDates } from '../../types/serialize-dates';
|
|
import { getStandardResponses } from '../../openapi';
|
|
|
|
export class SimplePasswordProvider extends Controller {
|
|
private logger: Logger;
|
|
|
|
private openApiService: OpenApiService;
|
|
|
|
private userService: UserService;
|
|
|
|
constructor(
|
|
config: IUnleashConfig,
|
|
{
|
|
userService,
|
|
openApiService,
|
|
}: Pick<IUnleashServices, 'userService' | 'openApiService'>,
|
|
) {
|
|
super(config);
|
|
this.logger = config.getLogger('/auth/password-provider.js');
|
|
this.openApiService = openApiService;
|
|
this.userService = userService;
|
|
|
|
this.route({
|
|
method: 'post',
|
|
path: '/login',
|
|
handler: this.login,
|
|
permission: NONE,
|
|
middleware: [
|
|
openApiService.validPath({
|
|
tags: ['Auth'],
|
|
summary: 'Log in',
|
|
description:
|
|
'Logs in the user and creates an active session',
|
|
operationId: 'login',
|
|
requestBody: createRequestSchema('loginSchema'),
|
|
responses: {
|
|
200: createResponseSchema('userSchema'),
|
|
...getStandardResponses(401),
|
|
},
|
|
}),
|
|
],
|
|
});
|
|
}
|
|
|
|
async login(
|
|
req: IAuthRequest<void, void, LoginSchema>,
|
|
res: Response<UserSchema>,
|
|
): Promise<void> {
|
|
const { username, password } = req.body;
|
|
|
|
const user = await this.userService.loginUser(username, password);
|
|
req.session.user = user;
|
|
this.openApiService.respondWithValidation(
|
|
200,
|
|
res,
|
|
userSchema.$id,
|
|
serializeDates(user),
|
|
);
|
|
}
|
|
}
|