asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat: Separate registration from authentication in auth domain (#8683)

Browse Source 
* wip

* feat: Introduce register

* fix: user command

* fix: Invite HTTP tests

* fix: Auth tests

* fix: Invite modules tests
This commit is contained in:
Oli Juhl
2024-08-27 13:44:52 +02:00
committed by GitHub
parent c6eba80af6
commit c11ef01c15
21 changed files with 459 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/utils/src/auth/abstract-auth-provider.ts
+65 -56
View File
@@ -7,39 +7,39 @@ import {
/**
* ### constructor
*
*
* The constructor allows you to access resources from the module's container using the first parameter,
* and the module's options using the second parameter.
*
*
* If you're creating a client or establishing a connection with a third-party service, do it in the constructor.
*
*
* In the constructor, you must pass to the parent constructor two parameters:
*
*
* 1. The first one is an empty object.
* 2. The second is an object having two properties:
* - `provider`: The ID of the provider. For example, `emailpass`.
* - `displayName`: The label or displayable name of the provider. For example, `Email and Password Authentication`.
*
*
* #### Example
*
*
* ```ts
* import { AbstractAuthModuleProvider } from "@medusajs/utils"
* import { Logger } from "@medusajs/types"
*
*
* type InjectedDependencies = {
* logger: Logger
* }
*
*
* type Options = {
* apiKey: string
* }
*
*
* class MyAuthProviderService extends AbstractAuthModuleProvider {
* protected logger_: Logger
* protected options_: Options
* // assuming you're initializing a client
* protected client
*
*
* constructor (
* { logger }: InjectedDependencies,
* options: Options
@@ -51,17 +51,17 @@ import {
* displayName: "My Custom Authentication"
* }
* )
*
*
* this.logger_ = logger
* this.options_ = options
*
*
* // assuming you're initializing a client
* this.client = new Client(options)
* }
*
*
* // ...
* }
*
*
* export default MyAuthProviderService
* ```
*/
@@ -93,7 +93,7 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
/**
* @ignore
*
*
* @privateRemarks
* Documenting the constructor in the class's TSDocs as it's difficult to relay
* the necessary information with this constructor's signature.
@@ -108,41 +108,41 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
/**
* This method authenticates the user.
*
* The authentication happens either by directly authenticating or returning a redirect URL to continue
*
* The authentication happens either by directly authenticating or returning a redirect URL to continue
* the authentication with a third party provider.
*
*
* @param {AuthenticationInput} data - The details of the authentication request.
* @param {AuthIdentityProviderService} authIdentityProviderService - The service used to retrieve or
* @param {AuthIdentityProviderService} authIdentityProviderService - The service used to retrieve or
* create an auth identity. It has two methods: `create` to create an auth identity,
* and `retrieve` to retrieve an auth identity. When you authenticate the user, you can create an auth identity
* using this service.
* @returns {Promise<AuthenticationResponse>} The authentication response.
*
*
* @privateRemarks
* TODO add a link to the authentication flow document once it's public.
*
*
* @example
* For example, if your authentication provider doesn't require validating a callback:
*
*
* ```ts
* import {
* AuthIdentityProviderService,
* AuthenticationInput,
* import {
* AuthIdentityProviderService,
* AuthenticationInput,
* AuthenticationResponse
* } from "@medusajs/types"
* // ...
*
*
* class MyAuthProviderService extends AbstractAuthModuleProvider {
* // ...
* async authenticate(
* data: AuthenticationInput,
* data: AuthenticationInput,
* authIdentityProviderService: AuthIdentityProviderService
* ): Promise<AuthenticationResponse> {
* const isAuthenticated = false
* // TODO perform custom logic to authenticate the user
* // ...
*
*
* if (!isAuthenticated) {
* // if the authentication didn't succeed, return
* // an object of the following format
@@ -151,11 +151,11 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
* error: "Incorrect credentials"
* }
* }
*
*
* // authentication is successful, create an auth identity
* // if doesn't exist
* let authIdentity
*
*
* try {
* authIdentity = await authIdentityProviderService.retrieve({
* entity_id: data.body.email, // email or some ID
@@ -171,7 +171,7 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
* }
* })
* }
*
*
* return {
* success: true,
* authIdentity
@@ -179,27 +179,27 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
* }
* }
* ```
*
*
* If your authentication provider requires validating callback:
*
*
* ```ts
* import {
* AuthIdentityProviderService,
* AuthenticationInput,
* import {
* AuthIdentityProviderService,
* AuthenticationInput,
* AuthenticationResponse
* } from "@medusajs/types"
* // ...
*
*
* class MyAuthProviderService extends AbstractAuthModuleProvider {
* // ...
* async authenticate(
* data: AuthenticationInput,
* data: AuthenticationInput,
* authIdentityProviderService: AuthIdentityProviderService
* ): Promise<AuthenticationResponse> {
* const isAuthenticated = false
* // TODO perform custom logic to authenticate the user
* // ...
*
*
* if (!isAuthenticated) {
* // if the authentication didn't succeed, return
* // an object of the following format
@@ -208,7 +208,7 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
* error: "Incorrect credentials"
* }
* }
*
*
* return {
* success: true,
* location: "some-url.com"
@@ -222,43 +222,52 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
authIdentityProviderService: AuthIdentityProviderService
): Promise<AuthenticationResponse>
register(
data: AuthenticationInput,
authIdentityProviderService: AuthIdentityProviderService
): Promise<AuthenticationResponse> {
throw new Error(
`Method 'register' not implemented for provider ${this.provider}`
)
}
/**
* This method validates the callback of an authentication request.
*
*
* In an authentication flow that requires performing an action with a third-party service, such as login
* with a social account, the {@link authenticate} method is called first.
*
* Then, the third-party service redirects to the Medusa application's validate callback API route.
*
* Then, the third-party service redirects to the Medusa application's validate callback API route.
* That route uses this method to authenticate the user.
*
*
* @param {AuthenticationInput} data - The details of the authentication request.
* @param {AuthIdentityProviderService} authIdentityProviderService - The service used to retrieve or
* @param {AuthIdentityProviderService} authIdentityProviderService - The service used to retrieve or
* create an auth identity. It has two methods: `create` to create an auth identity,
* and `retrieve` to retrieve an auth identity. When you authenticate the user, you can create an auth identity
* using this service.
* @returns {Promise<AuthenticationResponse>} The authentication response.
*
*
* @privateRemarks
* TODO add a link to the authentication flow document once it's public.
*
*
* @example
* import {
* AuthIdentityProviderService,
* AuthenticationInput,
* import {
* AuthIdentityProviderService,
* AuthenticationInput,
* AuthenticationResponse
* } from "@medusajs/types"
* // ...
*
*
* class MyAuthProviderService extends AbstractAuthModuleProvider {
* // ...
* async validateCallback(
* data: AuthenticationInput,
* data: AuthenticationInput,
* authIdentityProviderService: AuthIdentityProviderService
* ): Promise<AuthenticationResponse> {
* const isAuthenticated = false
* // TODO perform custom logic to authenticate the user
* // ...
*
*
* if (!isAuthenticated) {
* // if the authentication didn't succeed, return
* // an object of the following format
@@ -267,11 +276,11 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
* error: "Something went wrong"
* }
* }
*
*
* // authentication is successful, create an auth identity
* // if doesn't exist
* let authIdentity
*
*
* try {
* authIdentity = await authIdentityProviderService.retrieve({
* entity_id: data.body.email, // email or some ID
@@ -287,7 +296,7 @@ export abstract class AbstractAuthModuleProvider implements IAuthProvider {
* }
* })
* }
*
*
* return {
* success: true,
* authIdentity