feat(auth): remove crypto-random-string in favour of @standardnotes/sncrypto-node
This commit is contained in:
Karol Sójko
parent
3e23d8d5d5
commit
35f931a708
6 changed files with 11 additions and 23 deletions
9
.pnp.cjs
generated
9
.pnp.cjs
generated
|
|
@ -2589,7 +2589,6 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
|
|||
["axios", "npm:0.27.2"],\
|
||||
["bcryptjs", "npm:2.4.3"],\
|
||||
["cors", "npm:2.8.5"],\
|
||||
["crypto-random-string", "npm:3.3.0"],\
|
||||
["dayjs", "npm:1.11.3"],\
|
||||
["dotenv", "npm:16.0.1"],\
|
||||
["eslint", "npm:8.19.0"],\
|
||||
|
|
@ -5509,14 +5508,6 @@ function $$SETUP_STATE(hydrateRuntimeState, basePath) {
|
|||
}]\
|
||||
]],\
|
||||
["crypto-random-string", [\
|
||||
["npm:3.3.0", {\
|
||||
"packageLocation": "./.yarn/cache/crypto-random-string-npm-3.3.0-4f73472f10-deff986631.zip/node_modules/crypto-random-string/",\
|
||||
"packageDependencies": [\
|
||||
["crypto-random-string", "npm:3.3.0"],\
|
||||
["type-fest", "npm:0.8.1"]\
|
||||
],\
|
||||
"linkType": "HARD"\
|
||||
}],\
|
||||
["npm:4.0.0", {\
|
||||
"packageLocation": "./.yarn/cache/crypto-random-string-npm-4.0.0-b9f0f76168-91f148f27b.zip/node_modules/crypto-random-string/",\
|
||||
"packageDependencies": [\
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -49,7 +49,6 @@
|
|||
"axios": "^0.27.2",
|
||||
"bcryptjs": "2.4.3",
|
||||
"cors": "2.8.5",
|
||||
"crypto-random-string": "3.3.0",
|
||||
"dayjs": "^1.11.3",
|
||||
"dotenv": "^16.0.1",
|
||||
"express": "^4.18.1",
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ import { RevokedSession } from './RevokedSession'
|
|||
import { SettingServiceInterface } from '../Setting/SettingServiceInterface'
|
||||
import { LogSessionUserAgentOption } from '@standardnotes/settings'
|
||||
import { Setting } from '../Setting/Setting'
|
||||
import { CryptoNode } from '@standardnotes/sncrypto-node'
|
||||
|
||||
describe('SessionService', () => {
|
||||
let sessionRepository: SessionRepositoryInterface
|
||||
|
|
@ -25,6 +26,7 @@ describe('SessionService', () => {
|
|||
let deviceDetector: UAParser
|
||||
let timer: TimerInterface
|
||||
let logger: winston.Logger
|
||||
let cryptoNode: CryptoNode
|
||||
|
||||
const createService = () =>
|
||||
new SessionService(
|
||||
|
|
@ -37,6 +39,7 @@ describe('SessionService', () => {
|
|||
123,
|
||||
234,
|
||||
settingService,
|
||||
cryptoNode,
|
||||
)
|
||||
|
||||
beforeEach(() => {
|
||||
|
|
@ -96,6 +99,10 @@ describe('SessionService', () => {
|
|||
logger.warn = jest.fn()
|
||||
logger.error = jest.fn()
|
||||
logger.debug = jest.fn()
|
||||
|
||||
cryptoNode = {} as jest.Mocked<CryptoNode>
|
||||
cryptoNode.generateRandomKey = jest.fn().mockReturnValue('foo bar')
|
||||
cryptoNode.base64URLEncode = jest.fn().mockReturnValue('foobar')
|
||||
})
|
||||
|
||||
it('should mark a revoked session as received', async () => {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
import * as crypto from 'crypto'
|
||||
import * as winston from 'winston'
|
||||
import * as dayjs from 'dayjs'
|
||||
import * as cryptoRandomString from 'crypto-random-string'
|
||||
import { UAParser } from 'ua-parser-js'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { v4 as uuidv4 } from 'uuid'
|
||||
|
|
@ -20,6 +19,7 @@ import { SettingServiceInterface } from '../Setting/SettingServiceInterface'
|
|||
import { LogSessionUserAgentOption, SettingName } from '@standardnotes/settings'
|
||||
import { SessionBody } from '@standardnotes/responses'
|
||||
import { Uuid } from '@standardnotes/common'
|
||||
import { CryptoNode } from '@standardnotes/sncrypto-node'
|
||||
|
||||
@injectable()
|
||||
export class SessionService implements SessionServiceInterface {
|
||||
|
|
@ -35,6 +35,7 @@ export class SessionService implements SessionServiceInterface {
|
|||
@inject(TYPES.ACCESS_TOKEN_AGE) private accessTokenAge: number,
|
||||
@inject(TYPES.REFRESH_TOKEN_AGE) private refreshTokenAge: number,
|
||||
@inject(TYPES.SettingService) private settingService: SettingServiceInterface,
|
||||
@inject(TYPES.CryptoNode) private cryptoNode: CryptoNode,
|
||||
) {}
|
||||
|
||||
async createNewSessionForUser(dto: {
|
||||
|
|
@ -263,8 +264,8 @@ export class SessionService implements SessionServiceInterface {
|
|||
}
|
||||
|
||||
private async createTokens(session: Session): Promise<SessionBody> {
|
||||
const accessToken = cryptoRandomString({ length: 16, type: 'url-safe' })
|
||||
const refreshToken = cryptoRandomString({ length: 16, type: 'url-safe' })
|
||||
const accessToken = this.cryptoNode.base64URLEncode(await this.cryptoNode.generateRandomKey(48))
|
||||
const refreshToken = this.cryptoNode.base64URLEncode(await this.cryptoNode.generateRandomKey(48))
|
||||
|
||||
const hashedAccessToken = crypto.createHash('sha256').update(accessToken).digest('hex')
|
||||
const hashedRefreshToken = crypto.createHash('sha256').update(refreshToken).digest('hex')
|
||||
|
|
|
|||
10
yarn.lock
10
yarn.lock
|
|
@ -1852,7 +1852,6 @@ __metadata:
|
|||
axios: ^0.27.2
|
||||
bcryptjs: 2.4.3
|
||||
cors: 2.8.5
|
||||
crypto-random-string: 3.3.0
|
||||
dayjs: ^1.11.3
|
||||
dotenv: ^16.0.1
|
||||
eslint: ^8.14.0
|
||||
|
|
@ -4219,15 +4218,6 @@ __metadata:
|
|||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"crypto-random-string@npm:3.3.0":
|
||||
version: 3.3.0
|
||||
resolution: "crypto-random-string@npm:3.3.0"
|
||||
dependencies:
|
||||
type-fest: ^0.8.1
|
||||
checksum: deff9866311a3a17ffd26ecdcebbbe9e1e12cf2fca5dd6e89993c9a03342d6da83f9f82cb0bfd7b31265d45eea710f376bc2af37bf3b053ef0cade920b8b04ba
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"crypto-random-string@npm:^4.0.0":
|
||||
version: 4.0.0
|
||||
resolution: "crypto-random-string@npm:4.0.0"
|
||||
|
|
|
|||
Loading…
Reference in a new issue