auth-service/lib/controllers/auth.ts

import { StatusCodes } from 'http-status-codes';
import Koa from 'koa';
import Router from 'koa-router';
import { StringSchemaDefinition } from 'mongoose';

import { Auth } from '@mifi/auth-db/lib';
import { deleteStrategy } from '@mifi/auth-db/lib/api/deleteStrategy';
import { resetPasswordGet } from '@mifi/auth-db/lib/api/resetPasswordGet';
import { resetPasswordPost } from '@mifi/auth-db/lib/api/resetPasswordPost';
import { create } from '@mifi/auth-db/lib/dao/create';
import { deleteById } from '@mifi/auth-db/lib/dao/deleteById';
import { AuthDocument } from '@mifi/auth-db/lib/schema/auth';

import { ROUTE_PREFIX as prefix, RESET_ROUTE } from '../constants/env';
import passport from '../passport';
import { ErrorCodes, getErrorBody } from '../constants/errors';
import { authenticated } from '../middleware/authenication';

const routerOpts: Router.IRouterOptions = { prefix };
const router: Router = new Router(routerOpts);

router.get('/info', (ctx) => {
    ctx.body = {
        service: process.env.SERVICE_NAME,
    };
});

router.post('/', async (ctx) => {
    console.log('POST: /auth [ctx]', ctx);
    const data = await create(<AuthDocument & { password: string }>ctx.request.body).catch((err) =>
        console.error('POST: /auth [err]', err),
    );
    console.log('POST: /auth [data]', data);
    ctx.body = { success: !!data, data };
});

router.delete('/strategy/:id', async (ctx) => {
    ctx.body = { success: await deleteStrategy(ctx.params.id as StringSchemaDefinition) };
});

router.delete('/:id', async (ctx) => {
    ctx.body = { success: await deleteById(ctx.params.id as StringSchemaDefinition) };
});

router.post('/login', async (ctx, next) => {
    return passport.authenticate('local', (err, user) => {
        ctx.body = user;
        return user ? ctx.login(user) : ctx.throw(StatusCodes.UNAUTHORIZED);
    })(ctx, next);
});

router.post(process.env.RESET_ROUTE || RESET_ROUTE, async (ctx) => {
    const { password, token, username } = ctx.request.body as { token?: string; password?: string; username?: string };
    let response: false | { record: StringSchemaDefinition; token: string } = false;

    if (username) {
        response = await resetPasswordGet(username);
    } else if (token && password) {
        response = await resetPasswordPost(token, password);
    }

    ctx.body = { success: !!response, ...(response || getErrorBody(ErrorCodes.RESET_REQUEST_DATA)) };

    if (!response) {
        ctx.throw(StatusCodes.BAD_REQUEST);
    }
});

router.patch('/:record', authenticated(), (ctx: Koa.Context) => {
    if (ctx.user !== ctx.param.record) {
        ctx.throw(StatusCodes.UNAUTHORIZED);
    }
    const data = Auth.findOneAndUpdate({ record: ctx.params.record });
    if (!data) {
        ctx.throw(StatusCodes.NOT_FOUND);
    }
    ctx.body = { success: true, data };
});

export { router as authRouter };