feat(medusa): Authentication overhaul (#4064)
* implemented bearer auth * changed naming strat * changed session auth to not use jwt * typo * changed auth header prefix for admin api token auth * fixed supporting functions to work with new session type * removed database calls for bearer auth improving performance * removed unused deps * changed auth in tests * added integration tests * Accepted suggested change Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com> * Typo Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * more typos Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * proper formatting Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * removed endregion Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * removed startregion Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * fixed admin JWT integration test * added more fixes to integration tests * Update OAS * Create fluffy-donkeys-hope.md * created API reference for new auth * implemented getToken in medusa-js * Apply suggestions from code review Co-authored-by: Shahed Nasser <shahednasser@gmail.com> * Apply suggestions from code review Co-authored-by: Shahed Nasser <shahednasser@gmail.com> * deleted files which should be autogenerated * Update fluffy-donkeys-hope.md * JSDoc update Co-authored-by: Oli Juhl <59018053+olivermrbl@users.noreply.github.com> * added missing route exports * implemented runtime domain safety in jwt token manager * fixed jwt manager * lint get-token files * Update fluffy-donkeys-hope.md * Revert "deleted files which should be autogenerated" This reverts commit cd5e86623b822e6a6ac37322b952143ccc493df9. * Revert "Apply suggestions from code review" This reverts commit f02f07ce58fd9fcc2dfc80cadbb9df2665108d65. * Revert "created API reference for new auth" This reverts commit c9eafbb36453f5cf8047c79e94f470cb2d023c7d. * renamed header for sending api access tokens * medusa-js - changed apiKey header --------- Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com> Co-authored-by: olivermrbl <oliver@mrbltech.com> Co-authored-by: Shahed Nasser <shahednasser@gmail.com>
This commit is contained in:
David Preininger
GitHub
@@ -13,7 +13,7 @@ const { simpleSalesChannelFactory } = require("../../../../factories")
|
||||
|
||||
jest.setTimeout(30000)
|
||||
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("/store/carts", () => {
|
||||
let express
|
||||
|
||||
@@ -14,7 +14,7 @@ const {
|
||||
simpleProductFactory,
|
||||
simpleOrderFactory,
|
||||
} = require("../../../../factories")
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("Inventory Items endpoints", () => {
|
||||
let appContainer
|
||||
@@ -682,7 +682,7 @@ describe("Inventory Items endpoints", () => {
|
||||
],
|
||||
prices: [{ currency_code: "usd", amount: 100 }],
|
||||
},
|
||||
{ headers: { Authorization: "Bearer test_token" } }
|
||||
{ headers: { "x-medusa-access-token": "test_token" } }
|
||||
)
|
||||
|
||||
const secondVariantId = response.data.product.variants.find(
|
||||
@@ -720,7 +720,7 @@ describe("Inventory Items endpoints", () => {
|
||||
).toHaveLength(2)
|
||||
|
||||
await api.delete(`/admin/inventory-items/${invItem2.id}`, {
|
||||
headers: { Authorization: "Bearer test_token" },
|
||||
headers: { "x-medusa-access-token": "test_token" },
|
||||
})
|
||||
|
||||
expect(
|
||||
|
||||
@@ -21,7 +21,7 @@ const {
|
||||
|
||||
jest.setTimeout(30000)
|
||||
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("/store/carts", () => {
|
||||
let express
|
||||
|
||||
@@ -20,7 +20,7 @@ const {
|
||||
|
||||
jest.setTimeout(150000)
|
||||
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("/store/carts", () => {
|
||||
let express
|
||||
|
||||
@@ -83,7 +83,7 @@ describe("Create Variant", () => {
|
||||
],
|
||||
prices: [{ currency_code: "usd", amount: 2300 }],
|
||||
},
|
||||
{ headers: { Authorization: "Bearer test_token" } }
|
||||
{ headers: { "x-medusa-access-token": "test_token" } }
|
||||
)
|
||||
|
||||
expect(response.status).toEqual(200)
|
||||
@@ -160,7 +160,7 @@ describe("Create Variant", () => {
|
||||
],
|
||||
prices: [{ currency_code: "usd", amount: 2300 }],
|
||||
},
|
||||
{ headers: { Authorization: "Bearer test_token" } }
|
||||
{ headers: { "x-medusa-access-token": "test_token" } }
|
||||
)
|
||||
.catch((e) => e)
|
||||
|
||||
|
||||
@@ -70,7 +70,7 @@ describe("Delete Variant", () => {
|
||||
],
|
||||
prices: [{ currency_code: "usd", amount: 2300 }],
|
||||
},
|
||||
{ headers: { Authorization: "Bearer test_token" } }
|
||||
{ headers: { "x-medusa-access-token": "test_token" } }
|
||||
)
|
||||
|
||||
const variantId = response.data.product.variants.find(
|
||||
@@ -98,7 +98,7 @@ describe("Delete Variant", () => {
|
||||
).toHaveLength(2)
|
||||
|
||||
await api.delete(`/admin/products/test-product/variants/${variantId}`, {
|
||||
headers: { Authorization: "Bearer test_token" },
|
||||
headers: { "x-medusa-access-token": "test_token" },
|
||||
})
|
||||
|
||||
await expect(variantService.retrieve(variantId)).rejects.toThrow(
|
||||
|
||||
@@ -12,7 +12,7 @@ jest.setTimeout(30000)
|
||||
|
||||
const { simpleProductFactory } = require("../../../../factories")
|
||||
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("Get products", () => {
|
||||
let appContainer
|
||||
|
||||
@@ -15,7 +15,7 @@ const {
|
||||
simpleSalesChannelFactory,
|
||||
} = require("../../../../factories")
|
||||
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("Get variant", () => {
|
||||
let appContainer
|
||||
|
||||
@@ -13,7 +13,7 @@ jest.setTimeout(30000)
|
||||
const { simpleProductFactory } = require("../../../../factories")
|
||||
const { simpleSalesChannelFactory } = require("../../../../factories")
|
||||
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("Create Variant", () => {
|
||||
let appContainer
|
||||
|
||||
@@ -12,7 +12,7 @@ jest.setTimeout(30000)
|
||||
|
||||
const { simpleProductFactory } = require("../../../../factories")
|
||||
const { simpleSalesChannelFactory } = require("../../../../factories")
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("List Variants", () => {
|
||||
let appContainer
|
||||
|
||||
@@ -16,7 +16,7 @@ const {
|
||||
simpleRegionFactory,
|
||||
} = require("../../../../factories")
|
||||
const { simpleSalesChannelFactory } = require("../../../../factories")
|
||||
const adminHeaders = { headers: { Authorization: "Bearer test_token" } }
|
||||
const adminHeaders = { headers: { "x-medusa-access-token": "test_token" } }
|
||||
|
||||
describe("Inventory Items endpoints", () => {
|
||||
let appContainer
|
||||
|
||||
Reference in New Issue
Block a user