Merge pull request #18 from CS3219-AY2425S1/PEER-251-Link-Auth-Endpoints

SeeuSim · web-flow · commit cb19e694a89b · 2024-09-26T13:20:01.000+08:00
PEER-251 Add ExpiresAt claim
diff --git a/backend/user/src/controllers/auth-check/index.ts b/backend/user/src/controllers/auth-check/index.ts
@@ -1,12 +1,21 @@
 import { StatusCodes } from 'http-status-codes';
 
-import { COOKIE_NAME, isCookieValid } from '@/lib/cookies';
+import { COOKIE_NAME, decodeCookie, isCookieValid } from '@/lib/cookies';
 import { IRouteHandler } from '@/types';
+import { logger } from '@/lib/utils';
 
 export const checkIsAuthed: IRouteHandler = async (req, res) => {
   const cookie: string | undefined = req.cookies[COOKIE_NAME];
   if (cookie && isCookieValid(cookie)) {
-    return res.status(StatusCodes.OK).json('OK');
+    const decoded = decodeCookie(cookie);
+    const expireTimeInMillis = decoded.exp * 1000;
+    logger.info(
+      '[/auth-check/check-is-authed]: Expires At ' + new Date(expireTimeInMillis).toLocaleString()
+    );
+    return res.status(StatusCodes.OK).json({
+      message: 'OK',
+      expiresAt: expireTimeInMillis,
+    });
   }
   return res.status(StatusCodes.UNAUTHORIZED).json('Unauthorised');
 };
diff --git a/backend/user/src/lib/cookies/index.ts b/backend/user/src/lib/cookies/index.ts
@@ -15,8 +15,19 @@ export const isCookieValid = (cookie: string) => {
   });
 };
 
+export type CookiePayload = {
+  id: string;
+};
+
+type CookieType<T> = T & {
+  iat: number;
+  exp: number;
+};
+
 export const decodeCookie = (cookie: string) => {
-  return jwt.decode(cookie);
+  const decoded = jwt.decode(cookie) as CookieType<CookiePayload>;
+
+  return decoded;
 };
 
 // TODO: Insert proper cookie validity logic and middleware
diff --git a/backend/user/src/services/auth/login.ts b/backend/user/src/services/auth/login.ts
@@ -3,7 +3,7 @@ import { StatusCodes } from 'http-status-codes';
 
 import { db, users } from '@/lib/db';
 import type { ILoginPayload, ILoginResponse } from './types';
-import { generateCookie } from '@/lib/cookies';
+import { CookiePayload, generateCookie } from '@/lib/cookies';
 import { getIsPasswordValid } from '@/lib/passwords';
 
 const _FAILED_ATTEMPTS_ALLOWED = 3;
@@ -74,7 +74,7 @@ export const loginService = async (payload: ILoginPayload): Promise<ILoginRespon
       unlockTime: null,
     });
   }
-  const jwtToken = generateCookie({ id: user.id });
+  const jwtToken = generateCookie<CookiePayload>({ id: user.id });
   return {
     code: StatusCodes.OK,
     data: {
diff --git a/frontend/src/components/blocks/route-guard.tsx b/frontend/src/components/blocks/route-guard.tsx
@@ -27,8 +27,10 @@ export const loader =
         queryFn: async () => {
           return await checkIsAuthed();
         },
-        staleTime: (_query) => {
-          return 1000 * 60 * 30;
+        staleTime: ({ state: { data } }) => {
+          const now = new Date();
+          const expiresAt = data?.expiresAt ?? now;
+          return Math.max(expiresAt.getTime() - now.getTime(), 0);
         },
       }),
       authedRoute: authedRoutes.includes(path),
@@ -43,7 +45,7 @@ export const RouteGuard = () => {
       <Await resolve={data}>
         {({ isAuthed, authedRoute, path }) => {
           usePageTitle(path);
-          return isAuthed ? (
+          return isAuthed.isAuthed ? (
             authedRoute ? (
               // Route is authed and user is authed - proceed
               <Outlet />
diff --git a/frontend/src/lib/query-client.ts b/frontend/src/lib/query-client.ts
@@ -1,10 +1,10 @@
 import { QueryClient } from '@tanstack/react-query';
 
-const ONE_SECOND_IN_MILLIS = 1000;
+// const ONE_SECOND_IN_MILLIS = 1000;
 export const queryClient = new QueryClient({
-  defaultOptions: {
-    queries: {
-      staleTime: 10 * ONE_SECOND_IN_MILLIS,
-    },
-  },
+  // defaultOptions: {
+  //   queries: {
+  //     staleTime: 10 * ONE_SECOND_IN_MILLIS,
+  //   },
+  // },
 });
diff --git a/frontend/src/services/user-service.ts b/frontend/src/services/user-service.ts
@@ -33,9 +33,18 @@ export const checkIsAuthed = (param?: { signal: AbortSignal }) => {
     .catch((err) => {
       if (err !== null) {
         console.error(err);
+        return { status: HttpStatusCode.Unauthorized, data: undefined };
       }
     })
-    .then((response) => {
-      return response?.status === HttpStatusCode.Ok;
+    .then(async (response) => {
+      if (response && response.status < 400) {
+        return {
+          isAuthed: true,
+          expiresAt: response.data ? new Date(response.data.expiresAt) : new Date(),
+        };
+      }
+      return {
+        isAuthed: false,
+      };
     });
 };
