feat(server): move authentication to tokens stored in the database (#1381)

* chore: add typeorm commands to npm and set default database config values * feat: move to server side authentication tokens * fix: websocket should emit error and disconnect on error thrown by the server * refactor: rename cookie-auth-strategy to user-auth-strategy * feat: user tokens and API keys now use SHA256 hash for performance improvements * test: album e2e test remove unneeded module import * infra: truncate api key table as old keys will no longer work with new hash algorithm * fix(server): e2e tests (#1435) * fix: root module paths * chore: linting * chore: rename user-auth to strategy.ts and make validate return AuthUserDto * fix: we should always send HttpOnly for our auth cookies * chore: remove now unused crypto functions and jwt dependencies * fix: return the extra fields for AuthUserDto in auth service validate --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
2025-10-29 17:40:28 +00:00 · 2023-01-27 20:50:07 +00:00
parent 9be71f603e
commit 3f2513a717
61 changed files with 373 additions and 517 deletions
--- a/server/libs/domain/test/crypto.repository.mock.ts
+++ b/server/libs/domain/test/crypto.repository.mock.ts
@@ -3,9 +3,8 @@ import { ICryptoRepository } from '../src';
 export const newCryptoRepositoryMock = (): jest.Mocked<ICryptoRepository> => {
  return {
    randomBytes: jest.fn().mockReturnValue(Buffer.from('random-bytes', 'utf8')),
-    compareSync: jest.fn().mockReturnValue(true),
-    hash: jest.fn().mockImplementation((input) => Promise.resolve(`${input} (hashed)`)),
-    signJwt: jest.fn().mockReturnValue('signed-jwt'),
-    verifyJwtAsync: jest.fn().mockResolvedValue({ userId: 'test', email: 'test' }),
+    compareBcrypt: jest.fn().mockReturnValue(true),
+    hashBcrypt: jest.fn().mockImplementation((input) => Promise.resolve(`${input} (hashed)`)),
+    hashSha256: jest.fn().mockImplementation((input) => `${input} (hashed)`),
  };
 };