feat(medusa): Authentication overhaul (#4064)

* implemented bearer auth * changed naming strat * changed session auth to not use jwt * typo * changed auth header prefix for admin api token auth * fixed supporting functions to work with new session type * removed database calls for bearer auth improving performance * removed unused deps * changed auth in tests * added integration tests * Accepted suggested change Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com> * Typo Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * more typos Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * proper formatting Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * removed endregion Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * removed startregion Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> * fixed admin JWT integration test * added more fixes to integration tests * Update OAS * Create fluffy-donkeys-hope.md * created API reference for new auth * implemented getToken in medusa-js * Apply suggestions from code review Co-authored-by: Shahed Nasser <shahednasser@gmail.com> * Apply suggestions from code review Co-authored-by: Shahed Nasser <shahednasser@gmail.com> * deleted files which should be autogenerated * Update fluffy-donkeys-hope.md * JSDoc update Co-authored-by: Oli Juhl <59018053+olivermrbl@users.noreply.github.com> * added missing route exports * implemented runtime domain safety in jwt token manager * fixed jwt manager * lint get-token files * Update fluffy-donkeys-hope.md * Revert "deleted files which should be autogenerated" This reverts commit cd5e86623b822e6a6ac37322b952143ccc493df9. * Revert "Apply suggestions from code review" This reverts commit f02f07ce58fd9fcc2dfc80cadbb9df2665108d65. * Revert "created API reference for new auth" This reverts commit c9eafbb36453f5cf8047c79e94f470cb2d023c7d. * renamed header for sending api access tokens * medusa-js - changed apiKey header --------- Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> Co-authored-by: Carlos R. L. Rodrigues <37986729+carlos-r-l-rodrigues@users.noreply.github.com> Co-authored-by: olivermrbl <oliver@mrbltech.com> Co-authored-by: Shahed Nasser <shahednasser@gmail.com>
2023-09-25 19:57:44 +02:00
parent 07e65f5aba
commit 2caff2efc7
98 changed files with 864 additions and 351 deletions
--- a/integration-tests/plugins/tests/medusa-plugin-sendgrid/index.js
+++ b/integration-tests/plugins/tests/medusa-plugin-sendgrid/index.js
@@ -58,7 +58,7 @@ describe("medusa-plugin-sendgrid", () => {
    const response = await api.post(
      `/admin/orders/${order.id}/cancel`,
      {},
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )
    expect(response.status).toEqual(200)

@@ -146,7 +146,7 @@ describe("medusa-plugin-sendgrid", () => {
    const { data: fulfillmentData } = await api.post(
      `/admin/orders/${order.id}/fulfillment`,
      { items: [{ item_id: "test-item", quantity: 2 }] },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const fulfillment = fulfillmentData.order.fulfillments[0]
@@ -154,7 +154,7 @@ describe("medusa-plugin-sendgrid", () => {
    const response = await api.post(
      `/admin/orders/${order.id}/shipment`,
      { fulfillment_id: fulfillment.id },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    expect(response.status).toEqual(200)
@@ -344,7 +344,7 @@ describe("medusa-plugin-sendgrid", () => {
        additional_items: [{ variant_id: "variant-2", quantity: 1 }],
        return_items: [{ item_id: "test-item", quantity: 1 }],
      },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    expect(response.status).toEqual(200)
@@ -359,7 +359,7 @@ describe("medusa-plugin-sendgrid", () => {
          quantity: i.quantity,
        })),
      },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const sendgridService = appContainer.resolve("sendgridService")
@@ -386,7 +386,7 @@ describe("medusa-plugin-sendgrid", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -403,7 +403,7 @@ describe("medusa-plugin-sendgrid", () => {
          quantity: i.quantity,
        })),
      },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const sendgridService = appContainer.resolve("sendgridService")
@@ -440,7 +440,7 @@ describe("medusa-plugin-sendgrid", () => {
          { reason: "missing_item", item_id: "test-item", quantity: 1 },
        ],
      },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    expect(response.status).toEqual(200)
@@ -450,14 +450,14 @@ describe("medusa-plugin-sendgrid", () => {
    const { data: fulfillmentData } = await api.post(
      `/admin/orders/${order.id}/claims/${claimId}/fulfillments`,
      {},
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const fulfillmentId = fulfillmentData.order.claims[0].fulfillments[0].id
    await api.post(
      `/admin/orders/${order.id}/claims/${claimId}/shipments`,
      { fulfillment_id: fulfillmentId },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const sendgridService = appContainer.resolve("sendgridService")
@@ -545,7 +545,7 @@ describe("medusa-plugin-sendgrid", () => {
        additional_items: [{ variant_id: "variant-2", quantity: 1 }],
        return_items: [{ item_id: "test-item", quantity: 1 }],
      },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    expect(response.status).toEqual(200)
@@ -573,14 +573,14 @@ describe("medusa-plugin-sendgrid", () => {
    const { data: fulfillmentData } = await api.post(
      `/admin/orders/${order.id}/swaps/${swapId}/fulfillments`,
      {},
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const fulfillmentId = fulfillmentData.order.swaps[0].fulfillments[0].id
    await api.post(
      `/admin/orders/${order.id}/swaps/${swapId}/shipments`,
      { fulfillment_id: fulfillmentId },
-      { headers: { authorization: "Bearer test_token" } }
+      { headers: { "x-medusa-access-token": "test_token" } }
    )

    const sendgridService = appContainer.resolve("sendgridService")
@@ -729,7 +729,7 @@ describe("medusa-plugin-sendgrid", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )
@@ -759,7 +759,7 @@ describe("medusa-plugin-sendgrid", () => {
      },
      {
        headers: {
-          authorization: "Bearer test_token",
+          "x-medusa-access-token": "test_token",
        },
      }
    )