feat: Use next-auth session to authenticate in api.

packages/api/src/context/createApiContext.js

@@ -14,14 +14,22 @@
   limitations under the License.
 */
 
-import createReadConfigFile from './readConfigFile.js';
+import createAuthorize from './createAuthorize.js';
+import createReadConfigFile from './createReadConfigFile.js';
 
-async function createApiContext({ buildDirectory, connections, logger, operators, secrets }) {
+async function createApiContext({
+  buildDirectory,
+  connections,
+  logger,
+  operators,
+  secrets,
+  session,
+}) {
   const readConfigFile = createReadConfigFile({ buildDirectory });
   const config = await readConfigFile('config.json');
   return {
     authenticated: false,
-    authorize: () => true,
+    authorize: createAuthorize({ session }),
     config,
     connections,
     logger,

packages/api/src/context/createAuthorize.js

@@ -16,7 +16,16 @@
 
 import { ServerError } from '../context/errors.js';
 
-function createAuthorize({ authenticated = false, roles = [] }) {
+function createAuthorize({ session }) {
+  console.log('createAuthorize', session);
+
+  // Next-auth getSession provides a session object if the user is authenticated
+  // else session will be null
+
+  const authenticated = !!session;
+  console.log(authenticated);
+  // TODO: roles
+  const roles = [];
   function authorize({ auth }) {
     if (auth.public === true) return true;
     if (auth.public === false) {

packages/api/src/context/createContext.js

@@ -1,45 +0,0 @@
-/*
-  Copyright 2020-2022 Lowdefy, Inc
-
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-*/
-
-import createAuthorize from './createAuthorize.js';
-import createReadConfigFile from './readConfigFile.js';
-import verifyAuthorizationHeader from './verifyAuthorizationHeader.js';
-
-async function createContext({ buildDirectory, connections, secrets }) {
-  const readConfigFile = createReadConfigFile({ buildDirectory });
-  const config = await readConfigFile('config.json');
-  function contextFn({ headers, host, logger, protocol, setHeader }) {
-    const context = {
-      config,
-      connections,
-      headers,
-      host,
-      logger,
-      protocol,
-      readConfigFile,
-      secrets,
-      setHeader,
-    };
-    const { authenticated, user, roles } = verifyAuthorizationHeader(context);
-    context.authorize = createAuthorize({ authenticated, roles });
-    context.authenticated = authenticated;
-    context.user = user;
-    return context;
-  }
-  return contextFn;
-}
-
-export default createContext;

packages/api/src/context/createContext.test.js

@@ -1,121 +0,0 @@
-/*
-  Copyright 2020-2022 Lowdefy, Inc
-
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-*/
-
-test.todo('Add tests for createApiContext');
-
-// import createAuthorize from './createAuthorize.js';
-// import createContext from './createContext.js';
-// import createReadConfigFile from './readConfigFile.js';
-// import verifyAuthorizationHeader from './verifyAuthorizationHeader.js';
-
-// jest.mock('./createAuthorize');
-// jest.mock('./readConfigFile');
-// jest.mock('./verifyAuthorizationHeader');
-
-// const connections = { Connection: true };
-// const secrets = { secret: true };
-
-// createAuthorize.mockImplementation(({ authenticated, roles = [] }) => ({ authenticated, roles }));
-
-// createReadConfigFile.mockImplementation(({ buildDirectory }) => (path) => ({
-//   buildDirectory,
-//   path,
-// }));
-
-// verifyAuthorizationHeader.mockImplementation(() => ({
-//   authenticated: true,
-//   user: { sub: 'sub' },
-//   roles: ['roles'],
-// }));
-
-// test('createContext', async () => {
-//   const contextFn = await createContext({ connections, buildDirectory: 'buildDirectory', secrets });
-//   const context = contextFn({
-//     headers: { header: 'header' },
-//     host: 'host',
-//     logger: 'logger',
-//     protocol: 'https',
-//     setHeader: 'setHeaderFunction',
-//   });
-//   expect(context).toMatchInlineSnapshot(`
-//     Object {
-//       "authenticated": true,
-//       "authorize": Object {
-//         "authenticated": true,
-//         "roles": Array [
-//           "roles",
-//         ],
-//       },
-//       "config": Object {
-//         "buildDirectory": "buildDirectory",
-//         "path": "config.json",
-//       },
-//       "connections": Object {
-//         "Connection": true,
-//       },
-//       "headers": Object {
-//         "header": "header",
-//       },
-//       "host": "host",
-//       "logger": "logger",
-//       "protocol": "https",
-//       "readConfigFile": [Function],
-//       "secrets": Object {
-//         "secret": true,
-//       },
-//       "setHeader": "setHeaderFunction",
-//       "user": Object {
-//         "sub": "sub",
-//       },
-//     }
-//   `);
-//   expect(verifyAuthorizationHeader.mock.calls).toMatchInlineSnapshot(`
-//     Array [
-//       Array [
-//         Object {
-//           "authenticated": true,
-//           "authorize": Object {
-//             "authenticated": true,
-//             "roles": Array [
-//               "roles",
-//             ],
-//           },
-//           "config": Object {
-//             "buildDirectory": "buildDirectory",
-//             "path": "config.json",
-//           },
-//           "connections": Object {
-//             "Connection": true,
-//           },
-//           "headers": Object {
-//             "header": "header",
-//           },
-//           "host": "host",
-//           "logger": "logger",
-//           "protocol": "https",
-//           "readConfigFile": [Function],
-//           "secrets": Object {
-//             "secret": true,
-//           },
-//           "setHeader": "setHeaderFunction",
-//           "user": Object {
-//             "sub": "sub",
-//           },
-//         },
-//       ],
-//     ]
-//   `);
-// });

packages/api/src/context/createReadConfigFile.test.js

@@ -24,11 +24,11 @@ jest.unstable_mockModule('@lowdefy/node-utils', () => {
   };
 });
 
-test('readConfigFile', async () => {
+test('createReadConfigFile', async () => {
   const nodeUtils = await import('@lowdefy/node-utils');
 
   nodeUtils.readFile.mockImplementation(() => Promise.resolve('config value'));
-  const createReadConfigFile = (await import('./readConfigFile.js')).default;
+  const createReadConfigFile = (await import('./createReadConfigFile.js')).default;
   const readConfigFile = createReadConfigFile({ buildDirectory: '/build' });
   const res = await readConfigFile('file');
   expect(res).toEqual('config value');

packages/client/src/auth/createAuthMethods.js

@@ -47,8 +47,8 @@ function createAuthMethods(lowdefy, auth) {
     );
   }
   // TODO: fix callbackUrl
-  function logout({ callbackUrl }) {
-    auth.signOut({ callbackUrl: getCallbackUrl({ lowdefy, callbackUrl }) });
+  function logout() {
+    auth.signOut();
   }
   return {
     login,