Makespace
diff --git a/‎src/authentication/auth-routes.ts‎
Lines changed: 6 additions & 31 deletions b/‎src/authentication/auth-routes.ts‎
Lines changed: 6 additions & 31 deletions
diff --git a/‎src/authentication/create-signed-token.ts‎
Lines changed: 7 additions & 0 deletions b/‎src/authentication/create-signed-token.ts‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎src/authentication/handlers.ts‎
Lines changed: 0 additions & 156 deletions b/‎src/authentication/handlers.ts‎
Lines changed: 0 additions & 156 deletions
diff --git a/‎src/authentication/index.ts‎
Lines changed: 3 additions & 3 deletions b/‎src/authentication/index.ts‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/authentication/check-your-mail.ts‎ ‎…/authentication/login/check-your-mail.ts‎src/authentication/check-your-mail.ts renamed to src/authentication/login/check-your-mail.ts
Lines changed: 4 additions & 4 deletions b/‎src/authentication/check-your-mail.ts‎ ‎…/authentication/login/check-your-mail.ts‎src/authentication/check-your-mail.ts renamed to src/authentication/login/check-your-mail.ts
Lines changed: 4 additions & 4 deletions
diff --git a/‎…/authentication/get-user-from-session.ts‎ ‎…ntication/login/get-user-from-session.ts‎src/authentication/get-user-from-session.ts renamed to src/authentication/login/get-user-from-session.ts
Lines changed: 2 additions & 2 deletions b/‎…/authentication/get-user-from-session.ts‎ ‎…ntication/login/get-user-from-session.ts‎src/authentication/get-user-from-session.ts renamed to src/authentication/login/get-user-from-session.ts
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/authentication/login/handlers.ts‎
Lines changed: 81 additions & 0 deletions b/‎src/authentication/login/handlers.ts‎
Lines changed: 81 additions & 0 deletions
diff --git a/‎src/authentication/login/invalid-link.ts‎
Lines changed: 22 additions & 0 deletions b/‎src/authentication/login/invalid-link.ts‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎src/authentication/log-in-page.ts‎ ‎src/authentication/login/log-in-page.ts‎src/authentication/log-in-page.ts renamed to src/authentication/login/log-in-page.ts
Lines changed: 2 additions & 2 deletions b/‎src/authentication/log-in-page.ts‎ ‎src/authentication/login/log-in-page.ts‎src/authentication/log-in-page.ts renamed to src/authentication/login/log-in-page.ts
Lines changed: 2 additions & 2 deletions
@@ -1,16 +1,9 @@
 import {Dependencies} from '../dependencies';
 import {Config} from '../configuration';
-import {html, Safe, safe} from '../types/html';
-import {Route, get, post} from '../types/route';
-import {
-  auth,
-  landing,
-  callback,
-  invalidLink,
-  logIn,
-  logOut,
-  verifyEmailCallback,
-} from './handlers';
+import {Safe, safe} from '../types/html';
+import {Route} from '../types/route';
+import { routes as verifyEmailRoutes } from './verify-email/routes';
+import { loginRoutes } from './login/routes';
 
 export const logInPath: Safe = safe('/log-in');
 const invalidLinkPath = '/auth/invalid-magic-link';
@@ -21,25 +14,7 @@ export const authRoutes = (
   conf: Config
 ): ReadonlyArray<Route> => {
   return [
-    get(logInPath, logIn(deps)),
-    get('/log-out', logOut),
-    post('/auth', auth),
-    get('/auth', (_req, res) => res.redirect(logInPath)),
-    get('/auth/landing', landing('/auth/callback')),
-    get('/auth/callback', callback(invalidLinkPath)),
-    get(invalidLinkPath, invalidLink(logInPath)),
-    get('/auth/verify-email/landing', landing('/auth/verify-email/callback')),
-    get(
-      '/auth/verify-email/callback',
-      verifyEmailCallback(deps, conf, invalidVerificationLinkPath)
-    ),
-    get(
-      invalidVerificationLinkPath,
-      invalidLink(
-        logInPath,
-        html`The verification link you have used is (no longer) valid. Go
-          back to the <a href=${logInPath}>log in</a> page.`
-      )
-    ),
+    ...loginRoutes(deps, conf),
+    ...verifyEmailRoutes(deps, conf),
   ];
 };
@@ -0,0 +1,7 @@
+import jwt from 'jsonwebtoken';
+import {Config} from '../configuration';
+
+export const createSignedToken =
+  (conf: Config) =>
+  (payload: object): string =>
+    jwt.sign(payload, conf.TOKEN_SECRET, {expiresIn: '10m'});
@@ -1,6 +1,6 @@
-export {magicLink} from './magic-link';
+export {magicLink} from './login/magic-link';
 export {authRoutes} from './auth-routes';
-export {getUserFromSession} from './get-user-from-session';
-export {startMagicLinkEmailPubSub} from './start-magic-link-email-pub-sub';
+export {getUserFromSession} from './login/get-user-from-session';
+export {startMagicLinkEmailPubSub} from './login/start-magic-link-email-pub-sub';
 export {sessionOptions as sessionConfig} from './session-config';
 export {cookieSessionPassportWorkaround} from './cookie-session-passport-workaround';
@@ -1,8 +1,8 @@
 import {pipe} from 'fp-ts/lib/function';
-import {isolatedPageTemplate} from '../templates/page-template';
-import {html, safe, sanitizeString} from '../types/html';
-import {EmailAddress} from '../types';
-import {normaliseEmailAddress} from '../read-models/shared-state/normalise-email-address';
+import {isolatedPageTemplate} from '../../templates/page-template';
+import {html, safe, sanitizeString} from '../../types/html';
+import {EmailAddress} from '../../types';
+import {normaliseEmailAddress} from '../../read-models/shared-state/normalise-email-address';
 
 export const checkYourMailPage = (submittedEmailAddress: EmailAddress) =>
   pipe(
 
@@ -1,9 +1,9 @@
 import {flow, pipe} from 'fp-ts/lib/function';
 import * as t from 'io-ts';
-import {User} from '../types';
+import {User} from '../../types';
 import * as E from 'fp-ts/Either';
 import * as O from 'fp-ts/Option';
-import {Dependencies} from '../dependencies';
+import {Dependencies} from '../../dependencies';
 import {formatValidationErrors} from 'io-ts-reporters';
 
 const SessionCodec = t.strict({
 
@@ -0,0 +1,81 @@
+import {RequestHandler} from 'express';
+import {Request, Response} from 'express';
+import {pipe} from 'fp-ts/lib/function';
+import {parseEmailAddressFromBody} from './parse-email-address-from-body';
+import * as E from 'fp-ts/Either';
+import * as O from 'fp-ts/Option';
+import {publish} from 'pubsub-js';
+import passport from 'passport';
+import {magicLink} from './magic-link';
+import {logInPage} from './log-in-page';
+import {checkYourMailPage} from './check-your-mail';
+import {oopsPage, isolatedPageTemplate} from '../../templates';
+import {StatusCodes} from 'http-status-codes';
+import {getUserFromSession} from './get-user-from-session';
+import {Dependencies} from '../../dependencies';
+import {
+  html,
+  HtmlSubstitution,
+  CompleteHtmlDocument,
+  sanitizeString,
+  safe,
+} from '../../types/html';
+
+export const logIn =
+  (deps: Dependencies) =>
+  (req: Request, res: Response<CompleteHtmlDocument>) => {
+    pipe(
+      req.session,
+      getUserFromSession(deps),
+      O.match(
+        () => {
+          res.status(StatusCodes.OK).send(logInPage);
+        },
+        _user => res.redirect('/')
+      )
+    );
+  };
+
+export const logOut = (req: Request, res: Response<CompleteHtmlDocument>) => {
+  req.session = null;
+  res.redirect('/');
+};
+
+export const auth = (req: Request, res: Response<CompleteHtmlDocument>) => {
+  pipe(
+    req.body,
+    parseEmailAddressFromBody,
+    E.mapLeft(() => "You entered something that isn't a valid email address"),
+    E.matchW(
+      msg =>
+        res.status(StatusCodes.BAD_REQUEST).send(oopsPage(sanitizeString(msg))),
+      email => {
+        publish('send-log-in-link', email);
+        res.status(StatusCodes.ACCEPTED).send(checkYourMailPage(email));
+      }
+    )
+  );
+};
+
+export const landing = (req: Request, res: Response<CompleteHtmlDocument>) => {
+  const index = req.originalUrl.indexOf('?');
+  const suffix = index === -1 ? '' : req.originalUrl.slice(index);
+  const url = '/auth/callback' + suffix;
+  res.status(StatusCodes.OK).send(
+    isolatedPageTemplate(sanitizeString('Redirecting...'))(html`
+      <!doctype html>
+      <html>
+        <head>
+          <meta http-equiv="refresh" content="0; url='${safe(url)}'" />
+        </head>
+        <body></body>
+      </html>
+    `)
+  );
+};
+
+export const callback = (invalidLinkPath: string) =>
+  passport.authenticate(magicLink.name, {
+    failureRedirect: invalidLinkPath,
+    successRedirect: '/',
+  }) as RequestHandler;
@@ -0,0 +1,22 @@
+import {Request, Response} from 'express';
+import {oopsPage} from '../../templates';
+import {StatusCodes} from 'http-status-codes';
+import {
+  html,
+  HtmlSubstitution,
+  CompleteHtmlDocument,
+} from '../../types/html';
+
+
+export const invalidLink =
+  (logInPath: HtmlSubstitution) =>
+  (req: Request, res: Response<CompleteHtmlDocument>) => {
+    res
+      .status(StatusCodes.UNAUTHORIZED)
+      .send(
+        oopsPage(
+          html`The link you have used is (no longer) valid. Go back to the
+            <a href=${logInPath}>log in</a> page.`
+        )
+      );
+  };
@@ -1,6 +1,6 @@
 import {pipe} from 'fp-ts/lib/function';
-import {html, safe} from '../types/html';
-import {isolatedPageTemplate} from '../templates/page-template';
+import {html, safe} from '../../types/html';
+import {isolatedPageTemplate} from '../../templates/page-template';
 
 export const logInPage = pipe(
   html`