move authUrl fetch to backend

Co-authored-by: atu816 <[email protected]>
Co-authored-by: Yufa  <[email protected]>
Co-authored-by: Steven Geiger <[email protected]>

Author: 4 people

server/controllers/auth.controller.ts

@@ -1,68 +1,93 @@
-import jwt, { JwtPayload } from 'jsonwebtoken'
-import { RequestHandler } from "express"
-import log from "../logger/index"
-import { getGoogleAuthToken } from "../utils/getGoogleAuthToken"
-import { createUser, findUser } from "./user.controller"
-declare module "express-session" {
-    interface SessionData {
-        user: string;
-    }
+import jwt, { JwtPayload } from 'jsonwebtoken';
+import { RequestHandler } from 'express';
+import log from '../logger/index';
+import { getGoogleAuthToken } from '../utils/getGoogleAuthToken';
+import { createUser, findUser } from './user.controller';
+declare module 'express-session' {
+  interface SessionData {
+    user: string;
+  }
 }
 
-const client_url = process.env.NODE_ENV === 'development' ? process.env.DEV_CLIENT_ENDPOINT : process.env.CLIENT_ENDPOINT
+const client_url =
+  process.env.NODE_ENV === 'development'
+    ? process.env.DEV_CLIENT_ENDPOINT
+    : process.env.CLIENT_ENDPOINT;
 
 export const handleGoogleAuth: RequestHandler = async (req, res) => {
-    // get code from qs
-    const code = req.query.code as string
+  // get code from qs
+  const code = req.query.code as string;
 
-    try {
-        // get the id and access token w/ the code
-        const { id_token, access_token } = await getGoogleAuthToken({ code })
+  try {
+    // get the id and access token w/ the code
+    const { id_token, access_token } = await getGoogleAuthToken({ code });
 
-        //get user with tokens
-        const decodedUser = jwt.decode(id_token) as JwtPayload;
+    //get user with tokens
+    const decodedUser = jwt.decode(id_token) as JwtPayload;
 
-        if (!decodedUser.email_verified) {
-            req.session.destroy((err) => {
-                // res.redirect('localhost:8080/')
-                return res.status(403).send("Unable to authorize, google account is not verified.")
-            })
-        }
+    if (!decodedUser.email_verified) {
+      req.session.destroy((err) => {
+        // res.redirect('localhost:8080/')
+        return res
+          .status(403)
+          .send('Unable to authorize, google account is not verified.');
+      });
+    }
 
-        //insert or retrieve the user
-        const foundUser: any = await findUser(decodedUser.email)
-        // // if we did not find the user, create one
-        if (!foundUser) {
-            createUser([
-                decodedUser.sub,
-                decodedUser.name,
-                decodedUser.email,
-                decodedUser.picture
-            ])
-        }
-        const newUser = await findUser(decodedUser.email)
+    //insert or retrieve the user
+    const foundUser: any = await findUser(decodedUser.email);
+    // // if we did not find the user, create one
+    if (!foundUser) {
+      createUser([
+        decodedUser.sub,
+        decodedUser.name,
+        decodedUser.email,
+        decodedUser.picture,
+      ]);
+    }
+    const newUser = await findUser(decodedUser.email);
 
-        const user = await foundUser || newUser
+    const user = (await foundUser) || newUser;
 
-        // create an access token to be provided on every call user makes to backend
-        // expires in 1 day
-        const obj = { user: user[0], session: 'session' }
+    // create an access token to be provided on every call user makes to backend
+    // expires in 1 day
+    const obj = { user: user[0], session: 'session' };
 
-        // create a session
-        // refresh token expires in 1 day
-        const accessToken = jwt.sign(obj, process.env.TOKEN_KEY as string, { algorithm: 'HS256', expiresIn: '1d' })
+    // create a session
+    // refresh token expires in 1 day
+    const accessToken = jwt.sign(obj, process.env.TOKEN_KEY as string, {
+      algorithm: 'HS256',
+      expiresIn: '1d',
+    });
 
-        req.session.user = accessToken;
-        
-        log.info('Login successful, redirecting...')
-        
-        const queryStr = 'true'
-        
-        console.log(client_url)
-        res.redirect(301, `${client_url}/?success=` + queryStr)
+    req.session.user = accessToken;
 
-    } catch (error) {
-        log.error(error, "User authorization failed")
-        return res.redirect(301, `${client_url}/login`)
-    }
-}
+    log.info('Login successful, redirecting...');
+
+    const queryStr = 'true';
+
+    console.log(client_url);
+    res.redirect(301, `${client_url}/?success=` + queryStr);
+  } catch (error) {
+    log.error(error, 'User authorization failed');
+    return res.redirect(301, `${client_url}/login`);
+  }
+};
+
+export const getGoogleAuthUrl: RequestHandler = (req, res) => {
+  const base = 'https://accounts.google.com/o/oauth2/v2/auth';
+
+  const options = {
+    redirect_uri: process.env.GOOGLE_AUTH_CALLBACK as string,
+    client_id: '373965291205-utb8ih1hoeuf1g90okil5ju43tfdl3vs.apps.googleusercontent.com',
+    access_type: 'offline',
+    response_type: 'code',
+    prompt: 'consent',
+    scope: [
+      'https://www.googleapis.com/auth/userinfo.profile',
+      'https://www.googleapis.com/auth/userinfo.email',
+    ].join(' '),
+  };
+  const queryStr = new URLSearchParams(options);
+  return res.status(200).json(JSON.stringify(`${base}?${queryStr.toString()}`));
+};

server/routes/index.ts

@@ -1,5 +1,5 @@
 import { Express, Request, Response, NextFunction } from 'express';
-import { handleGoogleAuth } from '../controllers/auth.controller';
+import { handleGoogleAuth, getGoogleAuthUrl } from '../controllers/auth.controller';
 import {
   retrieveSchema,
   saveSchema,
@@ -53,6 +53,8 @@ const routes = async (app: Express) => {
 
   app.get('/api/oauth/google', handleGoogleAuth);
 
+  app.get('/api/googleAuthUrl', getGoogleAuthUrl);
+
   app.use('/api/sql/postgres', postgresRouter);
 
   app.use('/api/sql/mysql', mysqlRouter);

src/utils/getGoogleUrl.ts

@@ -1,23 +1,8 @@
-const getGoogleAuthUrl = () => {
-  const base = 'https://accounts.google.com/o/oauth2/v2/auth';
+import axios from 'axios';
 
-  const options = {
-    redirect_uri: 'http://dbspy-env-1.eba-jf24jfwb.us-west-2.elasticbeanstalk.com/',
-    client_id: '373965291205-utb8ih1hoeuf1g90okil5ju43tfdl3vs.apps.googleusercontent.com',
-    access_type: 'offline',
-    response_type: 'code',
-    prompt: 'consent',
-    scope: [
-      'https://www.googleapis.com/auth/userinfo.profile',
-      'https://www.googleapis.com/auth/userinfo.email',
-    ].join(' '),
-  };
-  const queryStr = new URLSearchParams(options);
-  return `${base}?${queryStr.toString()}`;
-};
-
-export const handleOAuthLogin = () => {
-  const url = getGoogleAuthUrl();
+export const handleOAuthLogin = async () => {
+  const res = await axios.get('/api/googleAuthUrl');
+  const url = JSON.parse(res.data);
   const strWindowFeatures =
     'toolbar=no, menubar=no, width=600, height=700, top=100, left=100';
   window.open(url, '_self', strWindowFeatures);