Hangar/frontend/plugins/api.ts

import { Context } from '@nuxt/types';
import { Inject } from '@nuxt/types/app';
import { AxiosError, AxiosRequestConfig } from 'axios';
import Cookie from 'cookie';
import jwtDecode, { JwtPayload } from 'jwt-decode';
import qs from 'qs';
import { HangarApiException } from 'hangar-api';

interface StatCookie {
    // eslint-disable-next-line camelcase
    hangar_stats: string;
    Path: string;
    'Max-Age': string;
    Expires: string;
    SameSite: Cookie.CookieSerializeOptions['sameSite'];
    Secure?: boolean;
}

const createApi = ({ $axios, store, app: { $cookies } }: Context) => {
    class API {
        getToken(forceFetch: boolean = true): Promise<string | null> {
            if (store.state.auth.token) {
                if (API.validateToken(store.state.auth.token)) {
                    return Promise.resolve(store.state.auth.token);
                } else {
                    return this.refreshToken();
                }
            } else if (forceFetch) {
                return this.refreshToken();
            } else {
                return Promise.resolve(null);
            }
        }

        private refreshToken(): Promise<string | null> {
            return new Promise<string | null>((resolve) => {
                return $axios
                    .get<{ token: string; refreshToken: string; cookieName: string; expiresIn: number }>('/refresh')
                    .then((value) => {
                        store.commit('auth/SET_TOKEN', value.data.token);
                        $cookies.set(value.data.cookieName, value.data.refreshToken, {
                            path: '/',
                            expires: new Date(Date.now() + value.data.expiresIn * 1000),
                            sameSite: 'strict',
                            secure: process.env.nodeEnv === 'production',
                        });
                        resolve(value.data.token);
                    })
                    .catch(() => {
                        resolve(null);
                    });
            });
        }

        request<T>(url: string, authed: boolean = true, method: AxiosRequestConfig['method'] = 'get', data: object = {}): Promise<T> {
            return this.getToken(authed).then((token) => {
                return this._request(`v1/${url}`, token, method, data);
            });
        }

        requestInternal<T = void>(url: string, authed: boolean = true, method: AxiosRequestConfig['method'] = 'get', data: object = {}): Promise<T> {
            return this.getToken(authed).then((token) => {
                return this.requestInternalWithToken<T>(url, token, authed, method, data);
            });
        }

        requestInternalWithToken<T>(
            url: string,
            token: string | null,
            authed: boolean = true,
            method: AxiosRequestConfig['method'] = 'get',
            data: object = {}
        ): Promise<T> {
            let tokenPromise: Promise<string | null>;
            if (token && !API.validateToken(token)) {
                tokenPromise = this.getToken(true);
            } else {
                tokenPromise = Promise.resolve(token);
            }

            return tokenPromise.then((token) => {
                if (authed && !token) {
                    // eslint-disable-next-line prefer-promise-reject-errors
                    return Promise.reject({
                        isAxiosError: true,
                        response: {
                            data: {
                                isHangarApiException: true,
                                httpError: {
                                    statusCode: 401,
                                },
                                message: 'You must be logged in',
                            } as HangarApiException,
                        },
                    });
                } else {
                    return this._request(`internal/${url}`, token, method, data);
                }
            });
        }

        private static validateToken(token: string): boolean {
            const decodedToken = jwtDecode<JwtPayload>(token);
            if (!decodedToken.exp) {
                return false;
            }
            return decodedToken.exp * 1000 > Date.now() - 10 * 1000; // check against 10 seconds earlier to mitigate tokens expiring mid-request
        }

        private _request<T>(url: string, token: string | null, method: AxiosRequestConfig['method'], data: object): Promise<T> {
            const headers: Record<string, string> = token ? { Authorization: `HangarAuth ${token}` } : {};
            return new Promise<T>((resolve, reject) => {
                return $axios
                    .request<T>({
                        method,
                        url: `/api/${url}`,
                        headers,
                        data: method?.toLowerCase() !== 'get' ? data : {},
                        params: method?.toLowerCase() === 'get' ? data : {},
                        paramsSerializer: (params) => {
                            return qs.stringify(params, {
                                arrayFormat: 'repeat',
                            });
                        },
                    })
                    .then(({ data, headers }) => {
                        // check for stats cookie
                        if (headers['set-cookie']) {
                            const statString = headers['set-cookie'].find((c: string) => c.startsWith('hangar_stats'));
                            if (statString) {
                                const statCookie: StatCookie = (Cookie.parse(statString) as unknown) as StatCookie;
                                $cookies.set('hangar_stats', statCookie.hangar_stats, {
                                    path: statCookie.Path,
                                    expires: new Date(statCookie.Expires),
                                    sameSite: 'strict',
                                    secure: statCookie.Secure,
                                });
                            }
                        }
                        resolve(data);
                    })
                    .catch((error: AxiosError) => {
                        reject(error);
                    });
            });
        }
    }

    return new API();
};

type apiType = ReturnType<typeof createApi>;

declare module 'vue/types/vue' {
    interface Vue {
        $api: apiType;
    }
}

declare module '@nuxt/types' {
    interface NuxtAppOptions {
        $api: apiType;
    }

    interface Context {
        $api: apiType;
    }
}

declare module 'vuex/types/index' {
    // eslint-disable-next-line no-unused-vars,@typescript-eslint/no-unused-vars
    interface Store<S> {
        $api: apiType;
    }
}

export default (ctx: Context, inject: Inject) => {
    inject('api', createApi(ctx));
};
nuxt demo 2021-01-21 11:36:18 +08:00			`import { Context } from '@nuxt/types';`
			`import { Inject } from '@nuxt/types/app';`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`import { AxiosError, AxiosRequestConfig } from 'axios';`
project view tracking 2021-04-05 11:17:34 +08:00			`import Cookie from 'cookie';`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`import jwtDecode, { JwtPayload } from 'jwt-decode';`
perm decorators 2021-02-05 08:22:22 +08:00			`import qs from 'qs';`
clear up a few more todos 2021-04-03 14:56:55 +08:00			`import { HangarApiException } from 'hangar-api';`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00
project view tracking 2021-04-05 11:17:34 +08:00			`interface StatCookie {`
			`// eslint-disable-next-line camelcase`
			`hangar_stats: string;`
			`Path: string;`
			`'Max-Age': string;`
			`Expires: string;`
			`SameSite: Cookie.CookieSerializeOptions['sameSite'];`
			`Secure?: boolean;`
			`}`

bit more vue work 2021-02-09 02:26:18 +08:00			`const createApi = ({ $axios, store, app: { $cookies } }: Context) => {`
nuxt demo 2021-01-21 11:36:18 +08:00			`class API {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`getToken(forceFetch: boolean = true): Promise<string \| null> {`
			`if (store.state.auth.token) {`
			`if (API.validateToken(store.state.auth.token)) {`
			`return Promise.resolve(store.state.auth.token);`
nuxt demo 2021-01-21 11:36:18 +08:00			`} else {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`return this.refreshToken();`
nuxt demo 2021-01-21 11:36:18 +08:00			`}`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`} else if (forceFetch) {`
jwt authorization 2021-02-03 07:47:15 +08:00			`return this.refreshToken();`
			`} else {`
			`return Promise.resolve(null);`
			`}`
			`}`

finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`private refreshToken(): Promise<string \| null> {`
jwt authorization 2021-02-03 07:47:15 +08:00			`return new Promise<string \| null>((resolve) => {`
			`return $axios`
token expiry leeway & fix refresh token expiry 2021-02-05 02:11:03 +08:00			`.get<{ token: string; refreshToken: string; cookieName: string; expiresIn: number }>('/refresh')`
jwt authorization 2021-02-03 07:47:15 +08:00			`.then((value) => {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`store.commit('auth/SET_TOKEN', value.data.token);`
better refresh token expiry/naming 2021-02-05 01:49:02 +08:00			`$cookies.set(value.data.cookieName, value.data.refreshToken, {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`path: '/',`
token expiry leeway & fix refresh token expiry 2021-02-05 02:11:03 +08:00			`expires: new Date(Date.now() + value.data.expiresIn * 1000),`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`sameSite: 'strict',`
fix env handling 2021-03-17 01:43:58 +08:00			`secure: process.env.nodeEnv === 'production',`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`});`
			`resolve(value.data.token);`
jwt authorization 2021-02-03 07:47:15 +08:00			`})`
			`.catch(() => {`
			`resolve(null);`
			`});`
			`});`
			`}`

finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`request<T>(url: string, authed: boolean = true, method: AxiosRequestConfig['method'] = 'get', data: object = {}): Promise<T> {`
			`return this.getToken(authed).then((token) => {`
			return this._request(`v1/${url}`, token, method, data);
user updated every route change & header data 2021-01-22 13:18:09 +08:00			`});`
			`}`

bit more vue work 2021-02-09 02:26:18 +08:00			`requestInternal<T = void>(url: string, authed: boolean = true, method: AxiosRequestConfig['method'] = 'get', data: object = {}): Promise<T> {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`return this.getToken(authed).then((token) => {`
			`return this.requestInternalWithToken<T>(url, token, authed, method, data);`
jwt authorization 2021-02-03 07:47:15 +08:00			`});`
			`}`

finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`requestInternalWithToken<T>(`
			`url: string,`
			`token: string \| null,`
			`authed: boolean = true,`
			`method: AxiosRequestConfig['method'] = 'get',`
			`data: object = {}`
			`): Promise<T> {`
bit more header work and error handling 2021-02-08 07:19:16 +08:00			`let tokenPromise: Promise<string \| null>;`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`if (token && !API.validateToken(token)) {`
bit more header work and error handling 2021-02-08 07:19:16 +08:00			`tokenPromise = this.getToken(true);`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`} else {`
bit more header work and error handling 2021-02-08 07:19:16 +08:00			`tokenPromise = Promise.resolve(token);`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`}`

bit more header work and error handling 2021-02-08 07:19:16 +08:00			`return tokenPromise.then((token) => {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`if (authed && !token) {`
clear up a few more todos 2021-04-03 14:56:55 +08:00			`// eslint-disable-next-line prefer-promise-reject-errors`
			`return Promise.reject({`
			`isAxiosError: true,`
			`response: {`
			`data: {`
			`isHangarApiException: true,`
			`httpError: {`
			`statusCode: 401,`
			`},`
			`message: 'You must be logged in',`
			`} as HangarApiException,`
			`},`
			`});`
			`} else {`
			return this._request(`internal/${url}`, token, method, data);
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`}`
jwt authorization 2021-02-03 07:47:15 +08:00			`});`
nuxt demo 2021-01-21 11:36:18 +08:00			`}`

finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`private static validateToken(token: string): boolean {`
			`const decodedToken = jwtDecode<JwtPayload>(token);`
			`if (!decodedToken.exp) {`
			`return false;`
			`}`
token expiry leeway & fix refresh token expiry 2021-02-05 02:11:03 +08:00			`return decodedToken.exp * 1000 > Date.now() - 10 * 1000; // check against 10 seconds earlier to mitigate tokens expiring mid-request`
user updated every route change & header data 2021-01-22 13:18:09 +08:00			`}`

finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`private _request<T>(url: string, token: string \| null, method: AxiosRequestConfig['method'], data: object): Promise<T> {`
started on versions 2021-02-10 16:31:43 +08:00			const headers: Record<string, string> = token ? { Authorization: `HangarAuth ${token}` } : {};
nuxt demo 2021-01-21 11:36:18 +08:00			`return new Promise<T>((resolve, reject) => {`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`return $axios`
			`.request<T>({`
			`method,`
			url: `/api/${url}`,
			`headers,`
perm decorators 2021-02-05 08:22:22 +08:00			`data: method?.toLowerCase() !== 'get' ? data : {},`
			`params: method?.toLowerCase() === 'get' ? data : {},`
			`paramsSerializer: (params) => {`
			`return qs.stringify(params, {`
			`arrayFormat: 'repeat',`
			`});`
			`},`
yay, working login 2021-01-22 11:11:24 +08:00			`})`
project view tracking 2021-04-05 11:17:34 +08:00			`.then(({ data, headers }) => {`
			`// check for stats cookie`
			`if (headers['set-cookie']) {`
			`const statString = headers['set-cookie'].find((c: string) => c.startsWith('hangar_stats'));`
			`if (statString) {`
			`const statCookie: StatCookie = (Cookie.parse(statString) as unknown) as StatCookie;`
			`$cookies.set('hangar_stats', statCookie.hangar_stats, {`
			`path: statCookie.Path,`
			`expires: new Date(statCookie.Expires),`
			`sameSite: 'strict',`
			`secure: statCookie.Secure,`
			`});`
			`}`
			`}`
			`resolve(data);`
			`})`
finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`.catch((error: AxiosError) => {`
			`reject(error);`
tiny bit of auth 2021-01-22 15:27:42 +08:00			`});`
nuxt demo 2021-01-21 11:36:18 +08:00			`});`
			`}`
			`}`

			`return new API();`
			`};`

			`type apiType = ReturnType<typeof createApi>;`

			`declare module 'vue/types/vue' {`
			`interface Vue {`
			`$api: apiType;`
			`}`
			`}`

			`declare module '@nuxt/types' {`
			`interface NuxtAppOptions {`
			`$api: apiType;`
			`}`

			`interface Context {`
			`$api: apiType;`
			`}`
			`}`

			`declare module 'vuex/types/index' {`
author & staff page backend 2021-01-31 10:00:11 +08:00			`// eslint-disable-next-line no-unused-vars,@typescript-eslint/no-unused-vars`
nuxt demo 2021-01-21 11:36:18 +08:00			`interface Store<S> {`
			`$api: apiType;`
			`}`
			`}`

finished user auth * work on notifications 2021-02-04 17:34:24 +08:00			`export default (ctx: Context, inject: Inject) => {`
			`inject('api', createApi(ctx));`
nuxt demo 2021-01-21 11:36:18 +08:00			`};`