
Commit 3867050

Merge pull request #156 from accounts-js/feature/token-session
use random tokens instead of sessionId inside sessions
2 parents 8cd6265 + 3393a01 commit 3867050


8 files changed

+105
-78
lines changed


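--- a/.gitignore
+++ b/.gitignore
@@ -2,7 +2,8 @@ lib/
 node_modules/
 coverage/
 npm-debug.log
-.idea
 lerna-debug.log
+yarn-error.log
+.idea
 .vscode
 packages/*/package-lock.json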

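--- a/packages/common/src/types.ts
+++ b/packages/common/src/types.ts
@@ -49,8 +49,9 @@ export interface ImpersonateReturnType {
 }
 
 export interface SessionType {
-sessionId: string;
+id: string;
 userId: string;
+token: string;
 valid: boolean;
 userAgent?: string;
 createdAt: string;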
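Review bot: The new `token` field on `SessionType` has no comment separating it from `id`, although the commit title and the updated login test indicate it is the random value embedded in the JWT while `id` is only the storage key. Because this interface lives in the common package, any code that serialises a whole session object (API responses, logs) would now carry the token unless callers strip it; that is inferred, since no consumer is visible here. I would add TSDoc on both fields, for example `/** Storage identifier of the session; not a credential. */` above `id` and `/** Random per-session secret carried in the JWT; treat as a credential, never log or expose to other users. */` above `token`. The interface body continues past the end of the hunk.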

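--- a/packages/server/__tests__/accounts-server.ts
+++ b/packages/server/__tests__/accounts-server.ts
@@ -1,5 +1,5 @@
 import * as jwtDecode from 'jwt-decode';
-import { AccountsServer } from '../src/accounts-server';
+import { AccountsServer, JwtData } from '../src/accounts-server';
 import {
 bcryptPassword,
 hashPassword,
@@ -100,10 +100,9 @@ describe('AccountsServer', () => {
 );
 
 const res = await accountsServer.loginWithUser(user, {});
-expect(res.user).toEqual(user);
 const { accessToken, refreshToken } = res.tokens;
-const decodedAccessToken: any = jwtDecode(accessToken);
-expect(decodedAccessToken.data.sessionId).toEqual('sessionId');
+const decodedAccessToken: { data: JwtData } = jwtDecode(accessToken);
+expect(decodedAccessToken.data.token).toBeTruthy();
 expect(accessToken).toBeTruthy();
 expect(refreshToken).toBeTruthy();
 });
@@ -114,9 +113,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -146,9 +145,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -218,9 +217,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -243,9 +242,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -276,9 +275,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -306,9 +305,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: false,
 userId: '123',
 }),
@@ -341,7 +340,7 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () => Promise.reject(''),
+findSessionByToken: () => Promise.reject(''),
 findUserById: () => Promise.resolve(user),
 } as any,
 tokenSecret: 'secret',
@@ -367,7 +366,7 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
 valid: false,
 }),
@@ -402,9 +401,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -504,9 +503,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -528,7 +527,10 @@ describe('AccountsServer', () => {
 'ip',
 'user agent'
 );
-expect(updateSession.mock.calls[0]).toEqual(['456', 'ip', 'user agent']);
+expect(updateSession.mock.calls[0]).toEqual([
+'456',
+{ ip: 'ip', userAgent: 'user agent' },
+]);
 expect(res.user).toEqual({
 userId: '123',
 username: 'username',
@@ -577,7 +579,7 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () => Promise.resolve(null),
+findSessionByToken: () => Promise.resolve(null),
 } as any,
 tokenSecret: 'secret',
 },
@@ -601,7 +603,7 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
 valid: false,
 }),
@@ -628,9 +630,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -690,7 +692,7 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () => Promise.resolve(null),
+findSessionByToken: () => Promise.resolve(null),
 } as any,
 tokenSecret: 'secret',
 },
@@ -708,7 +710,7 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
 valid: false,
 }),
@@ -748,9 +750,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -779,9 +781,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: false,
 userId: '123',
 }),
@@ -804,9 +806,9 @@ describe('AccountsServer', () => {
 const accountsServer = new AccountsServer(
 {
 db: {
-findSessionById: () =>
+findSessionByToken: () =>
 Promise.resolve({
-sessionId: '456',
+id: '456',
 valid: true,
 userId: '123',
 }),
@@ -1148,14 +1150,9 @@ describe('AccountsServer', () => {
 tokens: { sessionId: '001', isImpersonated: true },
 user: impersonatedUser,
 });
-expect(createSession).toHaveBeenCalledWith(
-impersonatedUser.id,
-null,
-null,
-{
-impersonatorUserId: user.id,
-}
-);
+expect(createSession.mock.calls[0][3]).toEqual({
+impersonatorUserId: user.id,
+});
 });
 });
 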
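Review bot: In the last hunk (the impersonation test) the assertion is narrowed to `createSession.mock.calls[0][3]`, so the test no longer checks which user the impersonation session is created for; the removed `toHaveBeenCalledWith` pinned `impersonatedUser.id` as the first argument. Assuming the user id is still the first parameter of `createSession` (its new signature is not visible on this page), that binding can be kept with `expect(createSession.mock.calls[0][0]).toEqual(impersonatedUser.id);`. In the login hunk near the top, `expect(decodedAccessToken.data.token).toBeTruthy()` would also pass if the JWT still carried the stored session id, so a `not.toEqual` against whatever the mocked `createSession` returns would cover the actual intent of the change. Both test bodies start and end outside their hunks.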

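--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -27,8 +27,7 @@
 "moduleFileExtensions": [
 "ts",
 "js"
-],
-"mapCoverage": true
+]
 },
 "repository": {
 "type": "git",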
