feat(medusa): Authentication overhaul (#4064)

* implemented bearer auth * changed naming strat * changed session auth to not use jwt * typo * changed auth header prefix for admin api token auth * fixed supporting functions to work with new session type * removed database calls for bearer auth improving performance * removed unused deps * changed auth in tests * added integration tests * Accepted suggested change Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com> * Typo Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * more typos Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * proper formatting Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * removed endregion Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * removed startregion Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * fixed admin JWT integration test * added more fixes to integration tests * Update OAS * Create fluffy-donkeys-hope.md * created API reference for new auth * implemented getToken in medusa-js * Apply suggestions from code review Co-authored-by: Shahed Nasser <shahednasser@gmail.com> * Apply suggestions from code review Co-authored-by: Shahed Nasser <shahednasser@gmail.com> * deleted files which should be autogenerated * Update fluffy-donkeys-hope.md * JSDoc update Co-authored-by: Oli Juhl <59018053+olivermrbl@users.noreply.github.com> * added missing route exports * implemented runtime domain safety in jwt token manager * fixed jwt manager * lint get-token files * Update fluffy-donkeys-hope.md * Revert "deleted files which should be autogenerated" This reverts commit cd5e86623b822e6a6ac37322b952143ccc493df9. * Revert "Apply suggestions from code review" This reverts commit f02f07ce58fd9fcc2dfc80cadbb9df2665108d65. * Revert "created API reference for new auth" This reverts commit c9eafbb36453f5cf8047c79e94f470cb2d023c7d. * renamed header for sending api access tokens * medusa-js - changed apiKey header --------- Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com> Co-authored-by: olivermrbl <oliver@mrbltech.com> Co-authored-by: Shahed Nasser <shahednasser@gmail.com>
2023-09-25 19:57:44 +02:00
parent 07e65f5aba
commit 2caff2efc7
98 changed files with 864 additions and 351 deletions
--- a/integration-tests/api/tests/taxes/admin-tax-rates.js
+++ b/integration-tests/api/tests/taxes/admin-tax-rates.js
@@ -48,7 +48,7 @@ describe("/admin/tax-rates", () => {

    const response = await api.get("/admin/tax-rates", {
      headers: {
-        authorization: "Bearer test_token",
+        "x-medusa-access-token": "test_token",
      },
    })

@@ -66,7 +66,7 @@ describe("/admin/tax-rates", () => {
      `/admin/tax-rates?fields[]=rate&fields[]=product_count&fields[]=id&expand[]=products&rate[gt]=80`,
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -85,7 +85,7 @@ describe("/admin/tax-rates", () => {
      `/admin/tax-rates?region_id[]=${regions[0].id}&region_id[]=${regions[1].id}`,
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -106,7 +106,7 @@ describe("/admin/tax-rates", () => {

    const response = await api.get(`/admin/tax-rates/${tax_rates[0].id}`, {
      headers: {
-        authorization: "Bearer test_token",
+        "x-medusa-access-token": "test_token",
      },
    })

@@ -129,7 +129,7 @@ describe("/admin/tax-rates", () => {
      `/admin/tax-rates/${tax_rates[0].id}?fields[]=id&fields[]=region_id`,
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -159,7 +159,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -191,7 +191,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -231,7 +231,7 @@ describe("/admin/tax-rates", () => {
        },
        {
          headers: {
-            authorization: "Bearer test_token",
+            "x-medusa-access-token": "test_token",
          },
        }
      )
@@ -260,7 +260,7 @@ describe("/admin/tax-rates", () => {
        },
        {
          headers: {
-            authorization: "Bearer test_token",
+            "x-medusa-access-token": "test_token",
          },
        }
      )
@@ -294,7 +294,7 @@ describe("/admin/tax-rates", () => {
        },
        {
          headers: {
-            authorization: "Bearer test_token",
+            "x-medusa-access-token": "test_token",
          },
        }
      )
@@ -330,7 +330,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -361,7 +361,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -391,7 +391,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -425,7 +425,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -460,7 +460,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -499,7 +499,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -530,7 +530,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -566,7 +566,7 @@ describe("/admin/tax-rates", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -595,7 +595,7 @@ describe("/admin/tax-rates", () => {
    const api = useApi()
    const response = await api.delete(`/admin/tax-rates/${rate.id}`, {
      headers: {
-        authorization: "Bearer test_token",
+        "x-medusa-access-token": "test_token",
      },
    })

--- a/integration-tests/api/tests/taxes/shipping-options.js
+++ b/integration-tests/api/tests/taxes/shipping-options.js
@@ -60,7 +60,7 @@ describe("Shipping Options Totals Calculations", () => {

    const res = await api.get(`/admin/shipping-options`, {
      headers: {
-        Authorization: `Bearer test_token`,
+        "x-medusa-access-token": "test_token",
      },
    })