From 9c7820dc94ac1cf8dae056cb2373f22a3b13600a Mon Sep 17 00:00:00 2001 From: Evert Prants Date: Sat, 17 Sep 2022 10:13:52 +0300 Subject: [PATCH] move session to module --- src/main.ts | 50 +++++------ src/modules/api/admin/admin.module.ts | 54 ++++++------ .../api/admin/audit-admin.controller.ts | 3 +- .../api/admin/oauth2-admin.controller.ts | 3 +- .../api/admin/privilege-admin.controller.ts | 3 +- .../api/admin/user-admin.controller.ts | 3 +- src/modules/api/api.controller.ts | 19 +++++ .../static-front-end/login/login.module.ts | 28 ++++--- .../oauth2-router/oauth2-router.module.ts | 14 +++- .../register/register.module.ts | 27 +++--- .../session/session.module.ts | 10 +++ .../session/session.providers.ts | 49 +++++++++++ .../settings/settings.module.ts | 84 +++++++++---------- .../static-front-end.module.ts | 2 + .../two-factor/two-factor.module.ts | 20 +++-- 15 files changed, 227 insertions(+), 142 deletions(-) create mode 100644 src/modules/static-front-end/session/session.module.ts create mode 100644 src/modules/static-front-end/session/session.providers.ts diff --git a/src/main.ts b/src/main.ts index f71aa7b..a8180b5 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,9 +1,6 @@ import { NestFactory } from '@nestjs/core'; import { AppModule } from './app.module'; import * as dotenv from 'dotenv'; -import * as session from 'express-session'; -import * as connectRedis from 'connect-redis'; -import * as redis from 'redis'; import * as cookieParser from 'cookie-parser'; import { join } from 'path'; import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger'; @@ -11,6 +8,7 @@ import { NestExpressApplication } from '@nestjs/platform-express'; import { AdminApiModule } from './modules/api/admin/admin.module'; import { OAuth2RouterModule } from './modules/static-front-end/oauth2-router/oauth2-router.module'; import { ConfigurationService } from './modules/config/config.service'; +import { ApiModule } from './modules/api/api.module'; dotenv.config(); @@ -23,20 +21,33 @@ async function bootstrap() { .setTitle('Icy Network Authentication Server') .setDescription('Central authentication and management server') .setVersion('1.0') + .addTag('api') .addTag('admin') .addTag('oauth2') + .addBearerAuth() + .addOAuth2({ + type: 'oauth2', + flows: { + authorizationCode: { + authorizationUrl: '/oauth2/authorize', + tokenUrl: '/oauth2/token', + scopes: { + email: 'Access email address', + image: 'Access profile picture', + privileges: 'List of user privileges', + management: 'Administrative access', + openid: 'Get ID token', + }, + }, + }, + }) .build(); - const document = SwaggerModule.createDocument(app, docBuilder, { - include: [AdminApiModule, OAuth2RouterModule], - }); - SwaggerModule.setup('api', app, document); - const RedisStore = connectRedis(session); - const redisClient = redis.createClient({ - url: process.env.REDIS_URL || 'redis://localhost:6379', - legacyMode: true, + const document = SwaggerModule.createDocument(app, docBuilder, { + include: [ApiModule, AdminApiModule, OAuth2RouterModule], }); - redisClient.connect(); + + SwaggerModule.setup('api/openapi', app, document); // app.use(express.urlencoded()); app.use(cookieParser()); @@ -47,21 +58,6 @@ async function bootstrap() { app.disable('x-powered-by'); } - app.use( - /\/((?!api).)*/, - session({ - name: config.get('app.session_name'), - secret: config.get('app.session_secret'), - resave: true, - saveUninitialized: false, - store: new RedisStore({ client: redisClient }), - cookie: { - sameSite: 'strict', - secure: process.env.NODE_ENV === 'production', - }, - }), - ); - app.useStaticAssets(join(__dirname, '..', 'public'), { prefix: '/public/', }); diff --git a/src/modules/api/admin/admin.module.ts b/src/modules/api/admin/admin.module.ts index c335816..4459095 100644 --- a/src/modules/api/admin/admin.module.ts +++ b/src/modules/api/admin/admin.module.ts @@ -3,7 +3,6 @@ import { MulterModule } from '@nestjs/platform-express'; import * as multer from 'multer'; import * as mime from 'mime-types'; import { join } from 'path'; -import { ConfigurationService } from '../../config/config.service'; import { OAuth2Module } from 'src/modules/oauth2/oauth2.module'; import { ObjectsModule } from 'src/modules/objects/objects.module'; import { OAuth2AdminController } from './oauth2-admin.controller'; @@ -23,37 +22,34 @@ import { AuditAdminController } from './audit-admin.controller'; imports: [ ObjectsModule, OAuth2Module, + ConfigurationModule, MulterModule.registerAsync({ - imports: [ConfigurationModule], - useFactory: async () => { - return { - storage: multer.diskStorage({ - destination: (req, file, cb) => { - cb(null, join(__dirname, '..', '..', '..', '..', 'uploads')); - }, - filename: (req, file, cb) => { - const hashTruncate = req.user.uuid.split('-')[0]; - const timestamp = Math.floor(Date.now() / 1000); - const ext = mime.extension(file.mimetype); - cb(null, `app-${hashTruncate}-${timestamp}.${ext}`); - }, - }), - limits: { - fileSize: 1.049e7, // 10 MiB + useFactory: async () => ({ + storage: multer.diskStorage({ + destination: (req, file, cb) => { + cb(null, join(__dirname, '..', '..', '..', '..', 'uploads')); }, - fileFilter: (req, file, cb) => { - if ( - !file.mimetype.startsWith('image/') || - file.mimetype.includes('svg') - ) { - return cb(new Error('Invalid file type.'), false); - } + filename: (req, file, cb) => { + const hashTruncate = req.user.uuid.split('-')[0]; + const timestamp = Math.floor(Date.now() / 1000); + const ext = mime.extension(file.mimetype); + cb(null, `app-${hashTruncate}-${timestamp}.${ext}`); + }, + }), + limits: { + fileSize: 1.049e7, // 10 MiB + }, + fileFilter: (req, file, cb) => { + if ( + !file.mimetype.startsWith('image/') || + file.mimetype.includes('svg') + ) { + return cb(new Error('Invalid file type.'), false); + } - cb(null, true); - }, - }; - }, - inject: [ConfigurationService], + cb(null, true); + }, + }), }), ], providers: [AdminService], diff --git a/src/modules/api/admin/audit-admin.controller.ts b/src/modules/api/admin/audit-admin.controller.ts index 6ac389b..c4a757e 100644 --- a/src/modules/api/admin/audit-admin.controller.ts +++ b/src/modules/api/admin/audit-admin.controller.ts @@ -1,5 +1,5 @@ import { Controller, Get, Query, UseGuards } from '@nestjs/common'; -import { ApiBearerAuth, ApiTags } from '@nestjs/swagger'; +import { ApiBearerAuth, ApiOAuth2, ApiTags } from '@nestjs/swagger'; import { Privileges } from 'src/decorators/privileges.decorator'; import { Scopes } from 'src/decorators/scopes.decorator'; import { OAuth2Guard } from 'src/guards/oauth2.guard'; @@ -14,6 +14,7 @@ import { PageOptions } from 'src/types/pagination.interfaces'; @ApiBearerAuth() @ApiTags('admin') +@ApiOAuth2(['management']) @Controller('/api/admin/audit') @UseGuards(OAuth2Guard, PrivilegesGuard, ScopesGuard) export class AuditAdminController { diff --git a/src/modules/api/admin/oauth2-admin.controller.ts b/src/modules/api/admin/oauth2-admin.controller.ts index b9e956b..03c93da 100644 --- a/src/modules/api/admin/oauth2-admin.controller.ts +++ b/src/modules/api/admin/oauth2-admin.controller.ts @@ -15,7 +15,7 @@ import { UseGuards, UseInterceptors, } from '@nestjs/common'; -import { ApiBearerAuth, ApiTags } from '@nestjs/swagger'; +import { ApiBearerAuth, ApiOAuth2, ApiTags } from '@nestjs/swagger'; import { FileInterceptor } from '@nestjs/platform-express'; import { unlink } from 'fs/promises'; import { Privileges } from 'src/decorators/privileges.decorator'; @@ -57,6 +57,7 @@ const REQUIRED_CLIENT_FIELDS = ['title', 'grants', 'activated']; @ApiBearerAuth() @ApiTags('admin') +@ApiOAuth2(['management']) @Controller('/api/admin/oauth2') @UseGuards(OAuth2Guard, PrivilegesGuard, ScopesGuard) export class OAuth2AdminController { diff --git a/src/modules/api/admin/privilege-admin.controller.ts b/src/modules/api/admin/privilege-admin.controller.ts index 8af8794..ac57727 100644 --- a/src/modules/api/admin/privilege-admin.controller.ts +++ b/src/modules/api/admin/privilege-admin.controller.ts @@ -6,7 +6,7 @@ import { Post, UseGuards, } from '@nestjs/common'; -import { ApiBearerAuth, ApiTags } from '@nestjs/swagger'; +import { ApiBearerAuth, ApiOAuth2, ApiTags } from '@nestjs/swagger'; import { Privileges } from 'src/decorators/privileges.decorator'; import { Scopes } from 'src/decorators/scopes.decorator'; import { OAuth2Guard } from 'src/guards/oauth2.guard'; @@ -16,6 +16,7 @@ import { PrivilegeService } from 'src/modules/objects/privilege/privilege.servic @ApiBearerAuth() @ApiTags('admin') +@ApiOAuth2(['management']) @Controller('/api/admin/privileges') @UseGuards(OAuth2Guard, PrivilegesGuard, ScopesGuard) export class PrivilegeAdminController { diff --git a/src/modules/api/admin/user-admin.controller.ts b/src/modules/api/admin/user-admin.controller.ts index 235085a..1168851 100644 --- a/src/modules/api/admin/user-admin.controller.ts +++ b/src/modules/api/admin/user-admin.controller.ts @@ -12,7 +12,7 @@ import { Query, UseGuards, } from '@nestjs/common'; -import { ApiBearerAuth, ApiTags } from '@nestjs/swagger'; +import { ApiBearerAuth, ApiOAuth2, ApiTags } from '@nestjs/swagger'; import { Privileges } from 'src/decorators/privileges.decorator'; import { Scopes } from 'src/decorators/scopes.decorator'; import { OAuth2Guard } from 'src/guards/oauth2.guard'; @@ -29,6 +29,7 @@ const RELATIONS = ['picture', 'privileges']; @ApiBearerAuth() @ApiTags('admin') +@ApiOAuth2(['management']) @Controller('/api/admin/users') @UseGuards(OAuth2Guard, PrivilegesGuard, ScopesGuard) export class UserAdminController { diff --git a/src/modules/api/api.controller.ts b/src/modules/api/api.controller.ts index 8d494b0..7df4feb 100644 --- a/src/modules/api/api.controller.ts +++ b/src/modules/api/api.controller.ts @@ -19,7 +19,9 @@ import { OAuth2ClientService } from '../objects/oauth2-client/oauth2-client.serv import { User } from '../objects/user/user.entity'; import { FormUtilityService } from '../utility/services/form-utility.service'; import { UploadService } from '../objects/upload/upload.service'; +import { ApiBearerAuth, ApiTags } from '@nestjs/swagger'; +@ApiTags('api') @Controller({ path: '/api', }) @@ -31,7 +33,22 @@ export class ApiController { private _upload: UploadService, ) {} + @Get() + welcome() { + return { + welcome: { to: 'Icy Network!' }, + api: true, + oauth2: { + authorizationUrl: '/oauth2/authorize', + tokenUrl: '/oauth2/token', + userUrl: '/api/user', + }, + swaggerdoc: '/api/openapi', + }; + } + @Get('/user') + @ApiBearerAuth() @UseGuards(OAuth2Guard) getCurrentUser(@CurrentUser() user: User, @Scope() scopeStr: string) { const scope = scopeStr.split(' '); @@ -73,6 +90,7 @@ export class ApiController { } @Get('/client') + @ApiBearerAuth() @UseGuards(OAuth2Guard, ScopesGuard) async getCurrentClient(@Bearer() token: OAuth2AccessToken) { const client = await this._oaClient.getById(token.client_id, [ @@ -90,6 +108,7 @@ export class ApiController { } @Get('/upload/:file') + @ApiBearerAuth() @UseGuards(OAuth2Guard) async sendFile(@Param('file') fileName: string) { const cleanFile = decodeURI(fileName).replace(/(\&(.*))/, ''); diff --git a/src/modules/static-front-end/login/login.module.ts b/src/modules/static-front-end/login/login.module.ts index c6adab5..ba012a8 100644 --- a/src/modules/static-front-end/login/login.module.ts +++ b/src/modules/static-front-end/login/login.module.ts @@ -1,9 +1,5 @@ -import { - MiddlewareConsumer, - Module, - NestModule, - RequestMethod, -} from '@nestjs/common'; +import { Inject, MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; +import { RequestHandler } from 'express'; import { CSRFMiddleware } from 'src/middleware/csrf.middleware'; import { FlashMiddleware } from 'src/middleware/flash.middleware'; import { UserMiddleware } from 'src/middleware/user.middleware'; @@ -11,19 +7,25 @@ import { ValidateCSRFMiddleware } from 'src/middleware/validate-csrf.middleware' import { AuditModule } from 'src/modules/objects/audit/audit.module'; import { UserTokenModule } from 'src/modules/objects/user-token/user-token.module'; import { UserModule } from 'src/modules/objects/user/user.module'; +import { SessionModule } from '../session/session.module'; import { LoginController } from './login.controller'; @Module({ - imports: [UserModule, UserTokenModule, AuditModule], + imports: [UserModule, UserTokenModule, AuditModule, SessionModule], controllers: [LoginController], }) export class LoginModule implements NestModule { - configure(consumer: MiddlewareConsumer) { - consumer.apply(CSRFMiddleware, UserMiddleware).forRoutes(LoginController); - consumer - .apply(ValidateCSRFMiddleware) - .forRoutes({ path: 'login*', method: RequestMethod.POST }); + constructor(@Inject('SESSION') private _session: RequestHandler) {} - consumer.apply(FlashMiddleware).forRoutes('login*'); + configure(consumer: MiddlewareConsumer) { + consumer + .apply( + this._session, + CSRFMiddleware, + FlashMiddleware, + UserMiddleware, + ValidateCSRFMiddleware, + ) + .forRoutes(LoginController); } } diff --git a/src/modules/static-front-end/oauth2-router/oauth2-router.module.ts b/src/modules/static-front-end/oauth2-router/oauth2-router.module.ts index f44d05a..bb8b6fb 100644 --- a/src/modules/static-front-end/oauth2-router/oauth2-router.module.ts +++ b/src/modules/static-front-end/oauth2-router/oauth2-router.module.ts @@ -1,4 +1,5 @@ -import { MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; +import { Inject, MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; +import { RequestHandler } from 'express'; // import * as cors from 'cors'; import { AuthMiddleware } from 'src/middleware/auth.middleware'; import { CSRFMiddleware } from 'src/middleware/csrf.middleware'; @@ -7,26 +8,31 @@ import { ValidateCSRFMiddleware } from 'src/middleware/validate-csrf.middleware' import { OAuth2Module } from 'src/modules/oauth2/oauth2.module'; import { OAuth2Service } from 'src/modules/oauth2/oauth2.service'; import { UserModule } from 'src/modules/objects/user/user.module'; +import { SessionModule } from '../session/session.module'; import { OAuth2Controller } from './oauth2-router.controller'; @Module({ controllers: [OAuth2Controller], - imports: [OAuth2Module, UserModule], + imports: [OAuth2Module, UserModule, SessionModule], }) export class OAuth2RouterModule implements NestModule { // private corsOpts = cors({ origin: true, credentials: true }); - constructor(private _service: OAuth2Service) {} + constructor( + private _service: OAuth2Service, + @Inject('SESSION') private _session: RequestHandler, + ) {} configure(consumer: MiddlewareConsumer) { consumer .apply( + this._session, CSRFMiddleware, UserMiddleware, AuthMiddleware, ValidateCSRFMiddleware, ) - .forRoutes('oauth2/authorize'); + .forRoutes('/oauth2/authorize'); // consumer // .apply(this.corsOpts) diff --git a/src/modules/static-front-end/register/register.module.ts b/src/modules/static-front-end/register/register.module.ts index 77f6edb..c1ae004 100644 --- a/src/modules/static-front-end/register/register.module.ts +++ b/src/modules/static-front-end/register/register.module.ts @@ -1,31 +1,30 @@ -import { - MiddlewareConsumer, - Module, - NestModule, - RequestMethod, -} from '@nestjs/common'; +import { Inject, MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; +import { RequestHandler } from 'express'; import { CSRFMiddleware } from 'src/middleware/csrf.middleware'; import { FlashMiddleware } from 'src/middleware/flash.middleware'; import { UserMiddleware } from 'src/middleware/user.middleware'; import { ValidateCSRFMiddleware } from 'src/middleware/validate-csrf.middleware'; import { AuditModule } from 'src/modules/objects/audit/audit.module'; import { UserModule } from 'src/modules/objects/user/user.module'; +import { SessionModule } from '../session/session.module'; import { RegisterController } from './register.controller'; @Module({ - imports: [UserModule, AuditModule], + imports: [UserModule, AuditModule, SessionModule], controllers: [RegisterController], }) export class RegisterModule implements NestModule { + constructor(@Inject('SESSION') private _session: RequestHandler) {} + configure(consumer: MiddlewareConsumer) { consumer - .apply(CSRFMiddleware, UserMiddleware) + .apply( + this._session, + CSRFMiddleware, + FlashMiddleware, + UserMiddleware, + ValidateCSRFMiddleware, + ) .forRoutes(RegisterController); - - consumer - .apply(ValidateCSRFMiddleware) - .forRoutes({ path: 'register*', method: RequestMethod.POST }); - - consumer.apply(FlashMiddleware).forRoutes('register*'); } } diff --git a/src/modules/static-front-end/session/session.module.ts b/src/modules/static-front-end/session/session.module.ts new file mode 100644 index 0000000..adda335 --- /dev/null +++ b/src/modules/static-front-end/session/session.module.ts @@ -0,0 +1,10 @@ +import { Module } from '@nestjs/common'; +import { ConfigurationModule } from 'src/modules/config/config.module'; +import { sessionProviders } from './session.providers'; + +@Module({ + providers: [...sessionProviders], + exports: [...sessionProviders], + imports: [ConfigurationModule], +}) +export class SessionModule {} diff --git a/src/modules/static-front-end/session/session.providers.ts b/src/modules/static-front-end/session/session.providers.ts new file mode 100644 index 0000000..98dd49d --- /dev/null +++ b/src/modules/static-front-end/session/session.providers.ts @@ -0,0 +1,49 @@ +import { FactoryProvider } from '@nestjs/common'; +import { ConfigurationService } from 'src/modules/config/config.service'; + +import * as session from 'express-session'; +import * as connectRedis from 'connect-redis'; +import * as redis from 'redis'; +import { RequestHandler } from 'express'; + +export const sessionProviders = [ + { + provide: 'SESSION_STORE', + useFactory: async ( + config: ConfigurationService, + ): Promise => { + const RedisStore = connectRedis(session); + const redisClient = redis.createClient({ + url: + process.env.REDIS_URL || + config.get('app.redis_url') || + 'redis://localhost:6379', + legacyMode: true, + }); + + await redisClient.connect(); + + return new RedisStore({ client: redisClient }); + }, + inject: [ConfigurationService], + } as FactoryProvider, + { + provide: 'SESSION', + useFactory: ( + store: connectRedis.RedisStore, + config: ConfigurationService, + ) => + session({ + name: config.get('app.session_name'), + secret: config.get('app.session_secret'), + resave: true, + saveUninitialized: false, + store, + cookie: { + sameSite: 'strict', + secure: process.env.NODE_ENV === 'production', + }, + }), + inject: ['SESSION_STORE', ConfigurationService], + } as FactoryProvider, +]; diff --git a/src/modules/static-front-end/settings/settings.module.ts b/src/modules/static-front-end/settings/settings.module.ts index 7210db7..d81505d 100644 --- a/src/modules/static-front-end/settings/settings.module.ts +++ b/src/modules/static-front-end/settings/settings.module.ts @@ -1,9 +1,4 @@ -import { - MiddlewareConsumer, - Module, - NestModule, - RequestMethod, -} from '@nestjs/common'; +import { Inject, MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; import { MulterModule } from '@nestjs/platform-express'; import * as multer from 'multer'; import * as mime from 'mime-types'; @@ -12,7 +7,6 @@ import { AuthMiddleware } from 'src/middleware/auth.middleware'; import { FlashMiddleware } from 'src/middleware/flash.middleware'; import { ValidateCSRFMiddleware } from 'src/middleware/validate-csrf.middleware'; import { ConfigurationModule } from 'src/modules/config/config.module'; -import { ConfigurationService } from 'src/modules/config/config.service'; import { UploadModule } from 'src/modules/objects/upload/upload.module'; import { UserModule } from 'src/modules/objects/user/user.module'; import { OAuth2TokenModule } from 'src/modules/objects/oauth2-token/oauth2-token.module'; @@ -24,6 +18,8 @@ import { SettingsService } from './settings.service'; import { CSRFMiddleware } from 'src/middleware/csrf.middleware'; import { UserMiddleware } from 'src/middleware/user.middleware'; import { AuditModule } from 'src/modules/objects/audit/audit.module'; +import { RequestHandler } from 'express'; +import { SessionModule } from '../session/session.module'; @Module({ controllers: [SettingsController], @@ -32,59 +28,55 @@ import { AuditModule } from 'src/modules/objects/audit/audit.module'; UploadModule, UserModule, UserTokenModule, + SessionModule, AuditModule, OAuth2Module, OAuth2ClientModule, OAuth2TokenModule, MulterModule.registerAsync({ - imports: [ConfigurationModule], - useFactory: async (config: ConfigurationService) => { - return { - storage: multer.diskStorage({ - destination: (req, file, cb) => { - cb(null, join(__dirname, '..', '..', '..', '..', 'uploads')); - }, - filename: (req, file, cb) => { - const hashTruncate = req.user.uuid.split('-')[0]; - const timestamp = Math.floor(Date.now() / 1000); - const ext = mime.extension(file.mimetype); - cb(null, `user-${hashTruncate}-${timestamp}.${ext}`); - }, - }), - limits: { - fileSize: 1.049e7, // 10 MiB + useFactory: async () => ({ + storage: multer.diskStorage({ + destination: (req, file, cb) => { + cb(null, join(__dirname, '..', '..', '..', '..', 'uploads')); }, - fileFilter: (req, file, cb) => { - if ( - !file.mimetype.startsWith('image/') || - file.mimetype.includes('svg') - ) { - return cb(new Error('Invalid file type.'), false); - } + filename: (req, file, cb) => { + const hashTruncate = req.user.uuid.split('-')[0]; + const timestamp = Math.floor(Date.now() / 1000); + const ext = mime.extension(file.mimetype); + cb(null, `user-${hashTruncate}-${timestamp}.${ext}`); + }, + }), + limits: { + fileSize: 1.049e7, // 10 MiB + }, + fileFilter: (req, file, cb) => { + if ( + !file.mimetype.startsWith('image/') || + file.mimetype.includes('svg') + ) { + return cb(new Error('Invalid file type.'), false); + } - cb(null, true); - }, - }; - }, - inject: [ConfigurationService], + cb(null, true); + }, + }), }), ], providers: [SettingsService], }) export class SettingsModule implements NestModule { + constructor(@Inject('SESSION') private _session: RequestHandler) {} + configure(consumer: MiddlewareConsumer) { consumer - .apply(CSRFMiddleware, UserMiddleware) + .apply( + this._session, + CSRFMiddleware, + FlashMiddleware, + UserMiddleware, + AuthMiddleware, + ValidateCSRFMiddleware, + ) .forRoutes(SettingsController); - consumer - .apply(ValidateCSRFMiddleware) - .forRoutes( - { path: '/account*', method: RequestMethod.POST }, - { path: '/account*', method: RequestMethod.PATCH }, - { path: '/account*', method: RequestMethod.DELETE }, - ); - - consumer.apply(AuthMiddleware).forRoutes('account*'); - consumer.apply(FlashMiddleware).forRoutes('account*'); } } diff --git a/src/modules/static-front-end/static-front-end.module.ts b/src/modules/static-front-end/static-front-end.module.ts index d668ccd..af16fb2 100644 --- a/src/modules/static-front-end/static-front-end.module.ts +++ b/src/modules/static-front-end/static-front-end.module.ts @@ -6,11 +6,13 @@ import { ObjectsModule } from '../objects/objects.module'; import { LoginModule } from './login/login.module'; import { OAuth2RouterModule } from './oauth2-router/oauth2-router.module'; import { RegisterModule } from './register/register.module'; +import { SessionModule } from './session/session.module'; import { SettingsModule } from './settings/settings.module'; import { TwoFactorModule } from './two-factor/two-factor.module'; @Module({ imports: [ + SessionModule, ConfigurationModule, JWTModule, diff --git a/src/modules/static-front-end/two-factor/two-factor.module.ts b/src/modules/static-front-end/two-factor/two-factor.module.ts index 9191a00..73ec6c7 100644 --- a/src/modules/static-front-end/two-factor/two-factor.module.ts +++ b/src/modules/static-front-end/two-factor/two-factor.module.ts @@ -1,23 +1,33 @@ -import { MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; +import { Inject, MiddlewareConsumer, Module, NestModule } from '@nestjs/common'; +import { RequestHandler } from 'express'; import { AuthMiddleware } from 'src/middleware/auth.middleware'; import { CSRFMiddleware } from 'src/middleware/csrf.middleware'; import { FlashMiddleware } from 'src/middleware/flash.middleware'; import { UserMiddleware } from 'src/middleware/user.middleware'; +import { ValidateCSRFMiddleware } from 'src/middleware/validate-csrf.middleware'; import { AuditModule } from 'src/modules/objects/audit/audit.module'; import { UserTokenModule } from 'src/modules/objects/user-token/user-token.module'; import { UserModule } from 'src/modules/objects/user/user.module'; +import { SessionModule } from '../session/session.module'; import { TwoFactorController } from './two-factor.controller'; @Module({ - imports: [UserModule, UserTokenModule, AuditModule], + imports: [UserModule, UserTokenModule, AuditModule, SessionModule], controllers: [TwoFactorController], }) export class TwoFactorModule implements NestModule { + constructor(@Inject('SESSION') private _session: RequestHandler) {} + configure(consumer: MiddlewareConsumer) { consumer - .apply(CSRFMiddleware, UserMiddleware) + .apply( + this._session, + CSRFMiddleware, + UserMiddleware, + AuthMiddleware, + FlashMiddleware, + ValidateCSRFMiddleware, + ) .forRoutes(TwoFactorController); - consumer.apply(AuthMiddleware).forRoutes('account/two-factor/activate'); - consumer.apply(FlashMiddleware).forRoutes('account/two-factor/activate'); } }