wrap device creation in transaction

Author: mpfeil

packages/api/lib/helpers/jwtHelpers.js

@@ -5,7 +5,7 @@ const { findUserByEmailAndRole } = require('@sensebox/opensensemap-api-models/sr
 const config = require('config'),
   jwt = require('jsonwebtoken'),
   hashJWT = require('./jwtRefreshTokenHasher'),
-  { addTokenToBlacklist, addTokenHashToBlacklist, isTokenBlacklisted } = require('./tokenBlacklist'),
+  { addTokenToBlacklist, addTokenHashToBlacklist, isTokenBlacklisted, addRefreshTokenToBlacklist } = require('./tokenBlacklist'),
   { v4: uuidv4 } = require('uuid'),
   moment = require('moment'),
   { User } = require('@sensebox/opensensemap-api-models'),
@@ -68,8 +68,8 @@ const refreshJwt = async function refreshJwt (refreshToken) {
     throw new ForbiddenError('Refresh token invalid or too old. Please sign in with your username and password.');
   }
 
-  // TODO: invalidate old token
-  // addTokenHashToBlacklist(refreshToken);
+  // Add the old refresh token to the blacklist
+  addRefreshTokenToBlacklist(refreshToken);
 
   const { token, refreshToken: newRefreshToken } = await createToken(user);
 

packages/api/lib/helpers/tokenBlacklist.js

@@ -1,17 +1,8 @@
 'use strict';
 
-const { insertTokenToBlacklist, findToken } = require('@sensebox/opensensemap-api-models/src/token');
+const { insertTokenToBlacklist, findToken, insertTokenToBlacklistWithExpiresAt } = require('@sensebox/opensensemap-api-models/src/token');
 const hashJWT = require('./jwtRefreshTokenHasher');
-
-// TODO: Move this to pg_cron
-// const cleanupExpiredTokens = function cleanupExpiredTokens () {
-//   const now = Date.now() / 1000;
-//   for (const jti of Object.keys(tokenBlacklist)) {
-//     if (tokenBlacklist[jti].exp < now) {
-//       delete tokenBlacklist[jti];
-//     }
-//   }
-// };
+const moment = require('moment');
 
 const isTokenBlacklisted = async function isTokenBlacklisted (token, tokenString) {
   if (!token.jti) { // token has no id.. -> shouldn't be accepted
@@ -37,21 +28,13 @@ const addTokenToBlacklist = function addTokenToBlacklist (token, tokenString) {
   }
 };
 
-const addTokenHashToBlacklist = function addTokenHashToBlacklist (tokenHash) {
-  // cleanupExpiredTokens();
-
-  // if (typeof tokenHash === 'string') {
-  //   // just set the exp claim to now plus one week to be sure
-  //   tokenBlacklist[tokenHash] = {
-  //     exp: moment.utc()
-  //       .add(1, 'week')
-  //       .unix()
-  //   };
-  // }
+const addRefreshTokenToBlacklist = function addRefreshTokenToBlacklist (refreshToken) {
+  insertTokenToBlacklistWithExpiresAt('', refreshToken, moment.utc().add(1, 'week')
+    .unix());
 };
 
 module.exports = {
   isTokenBlacklisted,
   addTokenToBlacklist,
-  addTokenHashToBlacklist
+  addRefreshTokenToBlacklist
 };

packages/models/src/device/index.js

@@ -1,11 +1,11 @@
 'use strict';
 
 const crypto = require('crypto');
-const { deviceTable, sensorTable, accessTokenTable } = require('../../schema/schema');
+const { deviceTable, sensorTable, accessTokenTable, deviceToLocationTable, locationTable } = require('../../schema/schema');
 const sensorLayouts = require('../box/sensorLayouts');
 const { db } = require('../drizzle');
 const ModelError = require('../modelError');
-const { inArray, arrayContains, sql, eq, asc, ilike, getTableColumns } = require('drizzle-orm');
+const { inArray, arrayContains, sql, eq, asc, ilike } = require('drizzle-orm');
 const { insertMeasurement, insertMeasurements } = require('../measurement');
 const SketchTemplater = require('@sensebox/sketch-templater');
 
@@ -94,42 +94,78 @@ const createDevice = async function createDevice (userId, params) {
     }
   }
 
-  // TODO: handle in transaction
-  const [device] = await db
-    .insert(deviceTable)
-    .values({
-      userId,
-      name,
-      exposure,
-      description,
-      latitude: location[1],
-      longitude: location[0],
-      location: sql`ST_SetSRID(ST_MakePoint(${location[1]}, ${location[0]}), 4326)`,
-      useAuth,
-      model,
-      tags: grouptag
-    })
-    .returning();
-
-  const [accessToken] = await db.insert(accessTokenTable).values({
-    deviceId: device.id,
-    token: crypto.randomBytes(32).toString('hex')
-  })
-    .returning({ token: accessTokenTable.token });
-
-  // Iterate over sensors and add device id
-  sensors = sensors.map((sensor) => ({
-    deviceId: device.id,
-    ...sensor
-  }));
-
-  const deviceSensors = await db.insert(sensorTable).values(sensors)
-    .returning();
+  // Handle everything in a transaction to ensure consistency
+  const device = await db.transaction(async (tx) => {
+    const [device] = await tx
+      .insert(deviceTable)
+      .values({
+        userId,
+        name,
+        exposure,
+        description,
+        useAuth,
+        model,
+        latitude: location[1],
+        longitude: location[0],
+        tags: grouptag
+      })
+      .returning();
+
+    const [geometry] = await tx
+      .insert(locationTable)
+      .values({
+        location: sql`ST_SetSRID(ST_MakePoint(${location[1]}, ${location[0]}), 4326)`
+      })
+      .onConflictDoNothing()
+      .returning({ id: locationTable.id });
+
+    if (geometry) {
+      // Create location relation
+      await tx
+        .insert(deviceToLocationTable)
+        .values({ deviceId: device.id, locationId: geometry.id });
+    } else {
+      // Get location id
+      const geom = await tx.query.locationTable.findFirst({
+        columns: {
+          id: true
+        },
+        where: sql`ST_Equals(${locationTable.location}, ST_SetSRID(ST_MakePoint(${location[1]}, ${location[0]}), 4326))`
+      });
+
+      // Create location relation
+      await tx
+        .insert(deviceToLocationTable)
+        .values({ deviceId: device.id, locationId: geom.id });
+    }
 
-  device['accessToken'] = accessToken.token;
-  device['sensors'] = deviceSensors;
+    const [accessToken] = await tx
+      .insert(accessTokenTable)
+      .values({
+        deviceId: device.id,
+        token: crypto.randomBytes(32).toString('hex')
+      })
+      .returning({ token: accessTokenTable.token });
+
+    // Iterate over sensors and add device id
+    sensors = sensors.map((sensor) => ({
+      deviceId: device.id,
+      ...sensor
+    }));
+
+    const deviceSensors = await tx
+      .insert(sensorTable)
+      .values(sensors)
+      .returning();
+
+    device['accessToken'] = accessToken.token;
+    device['sensors'] = deviceSensors;
+
+    return device;
+  });
 
   return device;
+
 };
 
 const deleteDevice = async function (filter) {

packages/models/src/token/index.js

@@ -13,6 +13,14 @@ const insertTokenToBlacklist = async function (hash, token) {
   });
 };
 
+const insertTokenToBlacklistWithExpiresAt = async function (hash, token, expiresAt) {
+  await db.insert(tokenBlacklistTable).values({
+    hash,
+    token,
+    expiresAt: moment.unix(expiresAt)
+  });
+};
+
 const findToken = async function (hash) {
   const blacklistedToken = await db.select().from(tokenBlacklistTable)
     .where(eq(tokenBlacklistTable.hash, hash));
@@ -22,5 +30,6 @@ const findToken = async function (hash) {
 
 module.exports = {
   findToken,
-  insertTokenToBlacklist
+  insertTokenToBlacklist,
+  insertTokenToBlacklistWithExpiresAt
 };

packages/models/src/token/refresh.js

@@ -24,7 +24,7 @@ const findRefreshTokenUser = async function findRefreshTokenUser (token) {
     }
   });
 
-  return token1.user;
+  return token1 ? token1.user : token1;
 };
 
 module.exports = {