TofuStack/src/lib/server/api/controllers/iam.controller.ts

import { setCookie } from 'hono/cookie';
import { inject, injectable } from 'tsyringe';
import { zValidator } from '@hono/zod-validator';
import { IamService } from '../services/iam.service';
import { limiter } from '../middlewares/rate-limiter.middlware';
import { requireAuth } from '../middlewares/auth.middleware';
import { Controler } from '../common/types/controller';
import { registerEmailDto } from '$lib/server/api/dtos/register-email.dto';
import { signInEmailDto } from '$lib/server/api/dtos/signin-email.dto';
import { updateEmailDto } from '$lib/server/api/dtos/update-email.dto';
import { verifyEmailDto } from '$lib/server/api/dtos/verify-email.dto';
import { LuciaService } from '../services/lucia.service';

@injectable()
export class IamController extends Controler {
	constructor(
		@inject(IamService) private iamService: IamService,
		@inject(LuciaService) private luciaService: LuciaService,
	) {
		super();
	}

	routes() {
		return this.controller
			.get('/user', async (c) => {
				const user = c.var.user;
				return c.json({ user: user });
			})
			.post('/login/request', zValidator('json', registerEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {
				const { email } = c.req.valid('json');
				await this.iamService.createLoginRequest({ email });
				return c.json({ message: 'Verification email sent' });
			})
			.post('/login/verify', zValidator('json', signInEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {
				const { email, token } = c.req.valid('json');
				const session = await this.iamService.verifyLoginRequest({ email, token });
				const sessionCookie = this.luciaService.lucia.createSessionCookie(session.id);
				setCookie(c, sessionCookie.name, sessionCookie.value, {
					path: sessionCookie.attributes.path,
					maxAge: sessionCookie.attributes.maxAge,
					domain: sessionCookie.attributes.domain,
					sameSite: sessionCookie.attributes.sameSite as any,
					secure: sessionCookie.attributes.secure,
					httpOnly: sessionCookie.attributes.httpOnly,
					expires: sessionCookie.attributes.expires
				});
				return c.json({ message: 'ok' });
			})
			.post('/logout', requireAuth, async (c) => {
				const sessionId = c.var.session.id;
				await this.iamService.logout(sessionId);
				const sessionCookie = this.luciaService.lucia.createBlankSessionCookie();
				setCookie(c, sessionCookie.name, sessionCookie.value, {
					path: sessionCookie.attributes.path,
					maxAge: sessionCookie.attributes.maxAge,
					domain: sessionCookie.attributes.domain,
					sameSite: sessionCookie.attributes.sameSite as any,
					secure: sessionCookie.attributes.secure,
					httpOnly: sessionCookie.attributes.httpOnly,
					expires: sessionCookie.attributes.expires
				});
				return c.json({ status: 'success' });
			})
			.patch('/email', requireAuth, zValidator('json', updateEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {
				const json = c.req.valid('json');
				await this.iamService.dispatchEmailVerificationRequest(c.var.user.id, json.email);
				return c.json({ message: 'Verification email sent' });
			})
			// this could also be named to use custom methods, aka /email#verify
			// https://cloud.google.com/apis/design/custom_methods
			.post('/email/verification', requireAuth, zValidator('json', verifyEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {
				const json = c.req.valid('json');
				await this.iamService.processEmailVerificationRequest(c.var.user.id, json.token);
				return c.json({ message: 'Verified and updated' });
			});
	}
}
Seperated iam logic into multiple services 2024-06-26 17:15:38 +00:00			`import { setCookie } from 'hono/cookie';`
added technical api structure 2024-05-25 06:02:26 +00:00			`import { inject, injectable } from 'tsyringe';`
			`import { zValidator } from '@hono/zod-validator';`
			`import { IamService } from '../services/iam.service';`
simplifying iam service 2024-08-07 15:13:36 +00:00			`import { limiter } from '../middlewares/rate-limiter.middlware';`
			`import { requireAuth } from '../middlewares/auth.middleware';`
removed providers in favor of services 2024-09-02 04:36:41 +00:00			`import { Controler } from '../common/types/controller';`
moved dtos within api folder 2024-09-01 21:32:50 +00:00			`import { registerEmailDto } from '$lib/server/api/dtos/register-email.dto';`
			`import { signInEmailDto } from '$lib/server/api/dtos/signin-email.dto';`
			`import { updateEmailDto } from '$lib/server/api/dtos/update-email.dto';`
			`import { verifyEmailDto } from '$lib/server/api/dtos/verify-email.dto';`
removed providers in favor of services 2024-09-02 04:36:41 +00:00			`import { LuciaService } from '../services/lucia.service';`
added technical api structure 2024-05-25 06:02:26 +00:00
			`@injectable()`
removed providers in favor of services 2024-09-02 04:36:41 +00:00			`export class IamController extends Controler {`
added technical api structure 2024-05-25 06:02:26 +00:00			`constructor(`
			`@inject(IamService) private iamService: IamService,`
removed providers in favor of services 2024-09-02 04:36:41 +00:00			`@inject(LuciaService) private luciaService: LuciaService,`
refactored controller and jobs 2024-08-31 17:54:31 +00:00			`) {`
			`super();`
			`}`
added technical api structure 2024-05-25 06:02:26 +00:00
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`routes() {`
			`return this.controller`
			`.get('/user', async (c) => {`
			`const user = c.var.user;`
			`return c.json({ user: user });`
			`})`
Seperated iam logic into multiple services 2024-06-26 17:15:38 +00:00			`.post('/login/request', zValidator('json', registerEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {`
added technical api structure 2024-05-25 06:02:26 +00:00			`const { email } = c.req.valid('json');`
combined all iam services 2024-08-07 15:19:21 +00:00			`await this.iamService.createLoginRequest({ email });`
added technical api structure 2024-05-25 06:02:26 +00:00			`return c.json({ message: 'Verification email sent' });`
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`})`
Seperated iam logic into multiple services 2024-06-26 17:15:38 +00:00			`.post('/login/verify', zValidator('json', signInEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {`
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`const { email, token } = c.req.valid('json');`
combined all iam services 2024-08-07 15:19:21 +00:00			`const session = await this.iamService.verifyLoginRequest({ email, token });`
removed providers in favor of services 2024-09-02 04:36:41 +00:00			`const sessionCookie = this.luciaService.lucia.createSessionCookie(session.id);`
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`setCookie(c, sessionCookie.name, sessionCookie.value, {`
			`path: sessionCookie.attributes.path,`
			`maxAge: sessionCookie.attributes.maxAge,`
			`domain: sessionCookie.attributes.domain,`
			`sameSite: sessionCookie.attributes.sameSite as any,`
			`secure: sessionCookie.attributes.secure,`
			`httpOnly: sessionCookie.attributes.httpOnly,`
			`expires: sessionCookie.attributes.expires`
			`});`
			`return c.json({ message: 'ok' });`
			`})`
			`.post('/logout', requireAuth, async (c) => {`
			`const sessionId = c.var.session.id;`
			`await this.iamService.logout(sessionId);`
removed providers in favor of services 2024-09-02 04:36:41 +00:00			`const sessionCookie = this.luciaService.lucia.createBlankSessionCookie();`
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`setCookie(c, sessionCookie.name, sessionCookie.value, {`
			`path: sessionCookie.attributes.path,`
			`maxAge: sessionCookie.attributes.maxAge,`
			`domain: sessionCookie.attributes.domain,`
			`sameSite: sessionCookie.attributes.sameSite as any,`
			`secure: sessionCookie.attributes.secure,`
			`httpOnly: sessionCookie.attributes.httpOnly,`
			`expires: sessionCookie.attributes.expires`
			`});`
			`return c.json({ status: 'success' });`
			`})`
added owasp recommendations to IAM methods 2024-06-27 18:27:14 +00:00			`.patch('/email', requireAuth, zValidator('json', updateEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {`
added technical api structure 2024-05-25 06:02:26 +00:00			`const json = c.req.valid('json');`
combined all iam services 2024-08-07 15:19:21 +00:00			`await this.iamService.dispatchEmailVerificationRequest(c.var.user.id, json.email);`
added technical api structure 2024-05-25 06:02:26 +00:00			`return c.json({ message: 'Verification email sent' });`
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`})`
simplifying iam service 2024-08-07 15:13:36 +00:00			`// this could also be named to use custom methods, aka /email#verify`
added owasp recommendations to IAM methods 2024-06-27 18:27:14 +00:00			`// https://cloud.google.com/apis/design/custom_methods`
			`.post('/email/verification', requireAuth, zValidator('json', verifyEmailDto), limiter({ limit: 10, minutes: 60 }), async (c) => {`
added technical api structure 2024-05-25 06:02:26 +00:00			`const json = c.req.valid('json');`
combined all iam services 2024-08-07 15:19:21 +00:00			`await this.iamService.processEmailVerificationRequest(c.var.user.id, json.token);`
added technical api structure 2024-05-25 06:02:26 +00:00			`return c.json({ message: 'Verified and updated' });`
Removed fragmented controllers in favor of hono's native chaining 2024-05-27 17:38:59 +00:00			`});`
added technical api structure 2024-05-25 06:02:26 +00:00			`}`
			`}`