fix: update google auth and swagger

Author: chertik77

.env.example

@@ -8,6 +8,7 @@ REDIS_HOST=
 REDIS_PORT=
 GOOGLE_CLIENT_ID=
 GOOGLE_CLIENT_SECRET=
+GOOGLE_REDIRECT_URI=
 PORT=
 API_PREFIX=
 NODE_ENV=

app/config/env.config.ts

@@ -11,6 +11,7 @@ const envSchema = z.object({
   DATABASE_URL: z.string(),
   GOOGLE_CLIENT_ID: z.string(),
   GOOGLE_CLIENT_SECRET: z.string(),
+  GOOGLE_REDIRECT_URI: z.string().url(),
   REDIS_USERNAME: z.string(),
   REDIS_PASSWORD: z.string(),
   REDIS_HOST: z.string(),

app/controllers/auth.controller.ts

@@ -1,11 +1,15 @@
 import type {
-  GoogleAuthSchema,
+  GoogleCodeSchema,
   RefreshTokenSchema,
   SigninSchema,
   SignupSchema
 } from '@/schemas'
-import type { GoogleUserResponse, JwtPayload, TypedRequestBody } from '@/types'
+import type { JwtPayload } from '@/types'
 import type { NextFunction, Request, Response } from 'express'
+import type {
+  TypedRequestBody,
+  TypedRequestQuery
+} from 'zod-express-middleware'
 
 import { prisma } from '@/prisma'
 import { hash, verify } from 'argon2'
@@ -24,10 +28,17 @@ const {
   ACCESS_JWT_ALGORITHM,
   REFRESH_JWT_ALGORITHM,
   GOOGLE_CLIENT_ID,
-  GOOGLE_CLIENT_SECRET
+  GOOGLE_CLIENT_SECRET,
+  GOOGLE_REDIRECT_URI
 } = env
 
 class AuthController {
+  googleClient = new OAuth2Client(
+    GOOGLE_CLIENT_ID,
+    GOOGLE_CLIENT_SECRET,
+    GOOGLE_REDIRECT_URI
+  )
+
   signup = async (
     { body }: TypedRequestBody<typeof SignupSchema>,
     res: Response,
@@ -84,23 +95,40 @@ class AuthController {
     res.json({ user: userWithoutPassword, ...tokens })
   }
 
-  google = async (
-    { body }: TypedRequestBody<typeof GoogleAuthSchema>,
-    res: Response
+  googleRedirect = async (_: Request, res: Response) => {
+    const url = this.googleClient.generateAuthUrl({
+      access_type: 'offline',
+      scope: ['profile', 'email']
+    })
+
+    res.redirect(url)
+  }
+
+  googleCallback = async (
+    req: TypedRequestQuery<typeof GoogleCodeSchema>,
+    res: Response,
+    next: NextFunction
   ) => {
-    const oAuth2Client = new OAuth2Client(
-      GOOGLE_CLIENT_ID,
-      GOOGLE_CLIENT_SECRET,
-      'postmessage'
-    )
+    const { tokens } = await this.googleClient.getToken(req.query.code)
 
-    const { tokens } = await oAuth2Client.getToken(body.code)
+    if (!tokens.id_token) return next(Forbidden())
 
-    const { name, email, picture } = await this.getUserInfoFromGoogleApi(
-      tokens.access_token!
-    )
+    const ticket = await this.googleClient.verifyIdToken({
+      idToken: tokens.id_token,
+      audience: GOOGLE_CLIENT_ID
+    })
 
-    const user = await prisma.user.findUnique({ where: { email } })
+    const payload = ticket.getPayload()
+
+    if (!payload || !payload.email || !payload.name || !payload.picture) {
+      return next(Forbidden('Invalid token'))
+    }
+
+    const { name, email, picture } = payload
+
+    const user = await prisma.user.findUnique({
+      where: { email }
+    })
 
     if (!user) {
       const user = await prisma.user.create({
@@ -131,7 +159,7 @@ class AuthController {
     }
   }
 
-  tokens = async (
+  refresh = async (
     { body }: TypedRequestBody<typeof RefreshTokenSchema>,
     res: Response,
     next: NextFunction
@@ -186,18 +214,6 @@ class AuthController {
 
     return { accessToken, refreshToken }
   }
-
-  private getUserInfoFromGoogleApi = async (accessToken: string) => {
-    const URL = 'https://www.googleapis.com/oauth2/v3/userinfo'
-
-    const r = await fetch(URL, {
-      headers: { Authorization: `Bearer ${accessToken}` }
-    })
-
-    const userInfo = (await r.json()) as GoogleUserResponse
-
-    return userInfo
-  }
 }
 
 export const authController = new AuthController()

app/controllers/board.controller.ts

@@ -3,12 +3,13 @@ import type {
   BoardParamsSchema,
   EditBoardSchema
 } from '@/schemas'
+import type { NextFunction, Request, Response } from 'express'
+import type { ZodType } from 'zod'
 import type {
   TypedRequest,
   TypedRequestBody,
   TypedRequestParams
-} from '@/types'
-import type { NextFunction, Request, Response } from 'express'
+} from 'zod-express-middleware'
 
 import { prisma } from '@/prisma'
 import { NotFound } from 'http-errors'
@@ -85,7 +86,7 @@ class BoardController {
       body,
       params,
       user
-    }: TypedRequest<typeof EditBoardSchema, typeof BoardParamsSchema>,
+    }: TypedRequest<typeof BoardParamsSchema, ZodType, typeof EditBoardSchema>,
     res: Response,
     next: NextFunction
   ) => {

app/controllers/card.controller.ts

@@ -6,8 +6,9 @@ import type {
   MoveCardSchema,
   UpdateCardOrderSchema
 } from '@/schemas'
-import type { TypedRequest, TypedRequestParams } from '@/types'
 import type { NextFunction, Response } from 'express'
+import type { ZodType } from 'zod'
+import type { TypedRequest, TypedRequestParams } from 'zod-express-middleware'
 
 import { prisma } from '@/prisma'
 import { BadRequest, NotFound } from 'http-errors'
@@ -19,7 +20,7 @@ class CardController {
     {
       params,
       body
-    }: TypedRequest<typeof AddCardSchema, typeof ColumnParamsSchema>,
+    }: TypedRequest<typeof ColumnParamsSchema, ZodType, typeof AddCardSchema>,
     res: Response,
     next: NextFunction
   ) => {
@@ -45,7 +46,7 @@ class CardController {
     {
       params,
       body
-    }: TypedRequest<typeof EditCardSchema, typeof CardParamsSchema>,
+    }: TypedRequest<typeof CardParamsSchema, ZodType, typeof EditCardSchema>,
     res: Response,
     next: NextFunction
   ) => {
@@ -72,7 +73,11 @@ class CardController {
     {
       params,
       body
-    }: TypedRequest<typeof UpdateCardOrderSchema, typeof ColumnParamsSchema>,
+    }: TypedRequest<
+      typeof ColumnParamsSchema,
+      ZodType,
+      typeof UpdateCardOrderSchema
+    >,
     res: Response,
     next: NextFunction
   ) => {

app/controllers/column.controller.ts

@@ -1,12 +1,13 @@
 import type {
-  AddColumnSchema,
+  AddBoardSchema,
   BoardParamsSchema,
   ColumnParamsSchema,
   EditColumnSchema,
   UpdateColumnOrderSchema
 } from '@/schemas'
-import type { TypedRequest, TypedRequestParams } from '@/types'
 import type { NextFunction, Response } from 'express'
+import type { ZodType } from 'zod'
+import type { TypedRequest, TypedRequestParams } from 'zod-express-middleware'
 
 import { prisma } from '@/prisma'
 import { BadRequest, NotFound } from 'http-errors'
@@ -19,7 +20,7 @@ class ColumnController {
       params,
       user,
       body
-    }: TypedRequest<typeof AddColumnSchema, typeof BoardParamsSchema>,
+    }: TypedRequest<typeof BoardParamsSchema, ZodType, typeof AddBoardSchema>,
     res: Response,
     next: NextFunction
   ) => {
@@ -50,7 +51,11 @@ class ColumnController {
     {
       params,
       body
-    }: TypedRequest<typeof EditColumnSchema, typeof ColumnParamsSchema>,
+    }: TypedRequest<
+      typeof ColumnParamsSchema,
+      ZodType,
+      typeof EditColumnSchema
+    >,
     res: Response,
     next: NextFunction
   ) => {
@@ -73,7 +78,11 @@ class ColumnController {
     {
       params,
       body
-    }: TypedRequest<typeof UpdateColumnOrderSchema, typeof BoardParamsSchema>,
+    }: TypedRequest<
+      typeof BoardParamsSchema,
+      ZodType,
+      typeof UpdateColumnOrderSchema
+    >,
     res: Response,
     next: NextFunction
   ) => {

app/controllers/user.controller.ts

@@ -1,8 +1,8 @@
 import type { EditUserSchema, NeedHelpSchema } from '@/schemas'
-import type { TypedRequestBody } from '@/types'
 import type { User } from '@prisma/client'
 import type { NextFunction, Request, Response } from 'express'
 import type { Options } from 'nodemailer/lib/mailer'
+import type { TypedRequestBody } from 'zod-express-middleware'
 
 import { prisma } from '@/prisma'
 import { hash } from 'argon2'

app/middlewares/index.ts

@@ -1,4 +1,3 @@
 export { authenticate } from './authenticate'
 export { upload } from './multer'
-export { validateRequest } from './validate-request'
 export { notFoundHandler, globalErrorHandler } from './errorHandler'

app/middlewares/validate-request.ts

@@ -1,11 +1,12 @@
 import { Router } from 'express'
+import { validateRequest } from 'zod-express-middleware'
 
 import { authController } from '@/controllers'
 
-import { authenticate, validateRequest } from '@/middlewares'
+import { authenticate } from '@/middlewares'
 
 import {
-  GoogleAuthSchema,
+  GoogleCodeSchema,
   RefreshTokenSchema,
   SigninSchema,
   SignupSchema
@@ -25,16 +26,18 @@ authRouter.post(
   authController.signin
 )
 
-authRouter.post(
-  '/google',
-  validateRequest({ body: GoogleAuthSchema }),
-  authController.google
+authRouter.post('/google/redirect', authController.googleRedirect)
+
+authRouter.get(
+  '/google/callback',
+  validateRequest({ query: GoogleCodeSchema }),
+  authController.googleCallback
 )
 
 authRouter.post(
-  '/tokens',
+  '/refresh',
   validateRequest({ body: RefreshTokenSchema }),
-  authController.tokens
+  authController.refresh
 )
 
 authRouter.post('/logout', authenticate, authController.logout)