feat: Use new (tested) accessToken utils to set and remove cookies

2019-02-20 23:07:12 +00:00
parent 3e8bac4590
commit cf1def239d
2 changed files with 5 additions and 26 deletions
--- a/api-server/server/boot/authentication.js
+++ b/api-server/server/boot/authentication.js
@ -6,7 +6,6 @@ import { isEmail } from 'validator';
 import { check } from 'express-validator/check';

 import { homeLocation } from '../../../config/env';
-import { createCookieConfig } from '../utils/cookieConfig';
 import {
  createPassportCallbackAuthenticator,
  saveResponseAuthCookies,
@ -18,6 +17,7 @@ import {
  createValidatorErrorHandler
 } from '../utils/middleware';
 import { wrapHandledError } from '../utils/create-handled-error.js';
+import { removeCookies } from '../utils/getSetAccessToken';

 const isSignUpDisabled = !!process.env.DISABLE_SIGNUP;
 if (isSignUpDisabled) {
@ -68,11 +68,7 @@ module.exports = function enableAuthentication(app) {
          redirectTo: homeLocation
        });
      }
-      const config = createCookieConfig(req);
-      res.clearCookie('jwt_access_token', config);
-      res.clearCookie('access_token', config);
-      res.clearCookie('userId', config);
-      res.clearCookie('_csrf', config);
+      removeCookies(req, res);
      res.redirect(homeLocation);
    });
  });
--- a/api-server/server/component-passport.js
+++ b/api-server/server/component-passport.js
@ -5,13 +5,11 @@ import {
  PassportConfigurator
 } from '@freecodecamp/loopback-component-passport';
 import url from 'url';
-import jwt from 'jsonwebtoken';
 import dedent from 'dedent';

 import { homeLocation } from '../../config/env';
-import { jwtSecret } from '../../config/secrets';
 import passportProviders from './passport-providers';
-import { createCookieConfig } from './utils/cookieConfig';
+import { setAccessTokenToResponse } from './utils/getSetAccessToken';

 const passportOptions = {
  emailOptional: true,
@ -143,15 +141,7 @@ export const saveResponseAuthCookies = () => {

    const { accessToken } = user;

-    const cookieConfig = {
-      ...createCookieConfig(req),
-      maxAge: 77760000000
-    };
-    const jwtAccess = jwt.sign({ accessToken }, jwtSecret);
-    res.cookie('jwt_access_token', jwtAccess, cookieConfig);
-    res.cookie('access_token', accessToken.id, cookieConfig);
-    res.cookie('userId', accessToken.userId, cookieConfig);
-
+    setAccessTokenToResponse({ accessToken }, req, res);
    return next();
  };
 };
@ -221,14 +211,7 @@ we recommend using your email address: ${user.email} to sign in instead.
            `
          );
        }
-        const cookieConfig = {
-          ...createCookieConfig(req),
-          maxAge: accessToken.ttl
-        };
-        const jwtAccess = jwt.sign({ accessToken }, jwtSecret);
-        res.cookie('jwt_access_token', jwtAccess, cookieConfig);
-        res.cookie('access_token', accessToken.id, cookieConfig);
-        res.cookie('userId', accessToken.userId, cookieConfig);
+        setAccessTokenToResponse({ accessToken }, req, res);
        req.login(user);
      }