User Authentication Flow Works

2026-01-25 15:03:17 -06:00
parent 1bf0acdf39
commit e76caa68f1
22 changed files with 275 additions and 248 deletions
@@ -38,7 +38,7 @@ export const roles = {
    if (checkMoniker)
      throw new RoleError(
        "Moniker is already taken.",
-        "Another role with this moniker already exists in the databse."
+        "Another role with this moniker already exists in the databse.",
      );

    const id = cuid();
@@ -76,7 +76,7 @@ export const roles = {
   * @param identifier - Options for fetching a role.
   * @returns {RoleController} - Role Controller
   */
-  async fetch(identifier:string, opt?: { requestingUser?: UserController }) {
+  async fetch(identifier: string, opt?: { requestingUser?: UserController }) {
    const roleData = await prisma.role.findFirst({
      where: { OR: [{ id: identifier }, { moniker: identifier }] },
      include: {
@@ -98,11 +98,11 @@ export const roles = {
    if (
      opt?.requestingUser &&
      !(await opt.requestingUser.hasPermission(
-        this._buildPermissionNode(roleData.id, "read")
+        this._buildPermissionNode(roleData.id, "read"),
      ))
    )
      throw new InsufficientPermission(
-        "You do not have permission to access this role."
+        "You do not have permission to access this role.",
      );
    const controller = new RoleController(roleData);

@@ -123,20 +123,20 @@ export const roles = {
      include: { users: { include: { roles: true } } },
    });

-    roles. map((v:any) => collection.set(v.id, new RoleController(v)));
+    roles.map((v: any) => collection.set(v.id, new RoleController(v)));

    if (opt?.requestingUser) {
      const permittedRoles = await Promise.all(
        collection.map(async (v) =>
          (await opt.requestingUser?.hasPermission(
-            this._buildPermissionNode(v.id, "read")
+            this._buildPermissionNode(v.id, "read"),
          ))
            ? v.id
-            : null
-        )
+            : null,
+        ),
      );
      collection = collection.filter((v) =>
-        permittedRoles.filter((x) => x !== null).includes(v.id)
+        permittedRoles.filter((x) => x !== null).includes(v.id),
      );
    }

@@ -1,8 +1,6 @@
 import {
  prisma,
-  refreshTokenDuration,
  sessionDuration,
-  accessTokenDuration,
  accessTokenPrivateKey,
  refreshTokenPrivateKey,
 } from "../constants";
@@ -1,7 +1,12 @@
+import { ms } from "zod/locales";
 import { User } from "../../generated/prisma/client";
 import { prisma } from "../constants";
 import { SessionTokensObject } from "../controllers/SessionController";
 import UserController from "../controllers/UserController";
+import { fetchMicrosoftUser } from "../modules/fetchMicrosoftUser";
+import { events } from "../modules/globalEvents";
+import { sessions } from "./sessions";
+import * as msal from "@azure/msal-node";

 export const users = {
  /**
@@ -13,25 +18,22 @@ export const users = {
   * @summary It creates a user if one doesn't exist and will supply a session id
   *
   * @async
-   * @param ghCode - The code supplied in the callback url of a GitHub oAuth transaction
+   * @param authRequest - The code supplied in the callback url of the Microsoft oAuth transaction
   */
-/*   async authenticate(ghCode: string): Promise<SessionTokensObject> {
-    const token = await ghApp.oauth.createToken({ code: ghCode }).catch((e) => {
-      throw new AuthenticationError("Invalid OAuth code...");
-    });
-    const userOK = await ghApp.oauth.getUserOctokit({
-      token: token.authentication.token,
-    });
-    const ghUser = await userOK.request("GET /user");
+  async authenticate(
+    authRequest: msal.AuthenticationResult,
+  ): Promise<SessionTokensObject> {
+    let id = authRequest.uniqueId as string;
+
    let user =
-      (await this.fetchUser({ userId: ghUser.data.id })) ??
-      (await this.createUser(token.authentication.token));
+      (await this.fetchUser({ userId: id })) ??
+      (await this.createUser(authRequest.accessToken));

    const tokens = await sessions.create({ user });
    events.emit("user:authenticated", { user, tokens });

    return tokens;
-  }, */
+  },

  /**
   * Check to see if the user exists
@@ -59,8 +61,8 @@ export const users = {
      id: string;
      email: string;
      login: string;
-      userId: number;
-    }>
+      userId: string;
+    }>,
  ) {
    if (Object.keys(identifier).length == 0) return null;
    const userData = await prisma.user.findFirst({
@@ -79,28 +81,21 @@ export const users = {
  /**
   * Create a new user
   *
-   * This method will poll GitHub and get all the information on the user to then create the
+   * This method will poll Microsoft and get all the information on the user to then create the
   * record in our database. On top of that it also pushes it into the user cache.
   *
-   * @param token - The Github token provided by the auth method
+   * @param token - The Microsoft token provided by the auth method
   * @returns {Promise<UserController>} The new user controller for the user
   */
  async createUser(token: string): Promise<UserController> {
-    const ghUser = await (
-      await ghApp.oauth.getUserOctokit({ token })
-    ).request("GET /user");
-
-    const emails = await (
-      await ghApp.oauth.getUserOctokit({ token })
-    ).request("GET /user/emails");
+    const msData = await fetchMicrosoftUser(token);

    const newUser = await prisma.user.create({
      data: {
-        userId: ghUser.data.id,
-        email: emails.data[0].email,
-        image: ghUser.data.avatar_url,
-        name: ghUser.data.name,
-        login: ghUser.data.login,
+        userId: msData.id,
+        email: msData.mail,
+        name: `${msData.givenName} ${msData.surname}`,
+        login: msData.userPrincipalName,
        token,
      },
      include: { roles: true },