SessionRoutes => Adapt login route and create refreshTokens route

ExpressAPI/src/routes/SessionRoutes.ts

@@ -2,21 +2,30 @@ import { Express }               from 'express-serve-static-core';
 import express                   from 'express';
 import * as ExpressValidator     from 'express-validator';
 import { StatusCodes }           from 'http-status-codes';
-import * as bcrypt               from 'bcryptjs';
 import RoutesManager             from '../express/RoutesManager';
 import ParamsValidatorMiddleware from '../middlewares/ParamsValidatorMiddleware';
-import UserManager               from '../managers/UserManager';
 import SecurityMiddleware        from '../middlewares/SecurityMiddleware';
-import { User }                  from '../types/DatabaseTypes';
+import GitlabManager             from '../managers/GitlabManager';
+import UserManager               from '../managers/UserManager';
+import DojoStatusCode            from '../shared/types/Dojo/DojoStatusCode';
+import SharedGitlabManager       from '../shared/managers/SharedGitlabManager';
+import Config                    from '../config/Config';
 
 
 class SessionRoutes implements RoutesManager {
     private readonly loginValidator: ExpressValidator.Schema = {
-        user    : {
+        accessToken : {
             trim    : true,
             notEmpty: true
         },
-        password: {
+        refreshToken: {
+            trim    : true,
+            notEmpty: true
+        }
+    };
+
+    private readonly refreshTokensValidator: ExpressValidator.Schema = {
+        refreshToken: {
             trim    : true,
             notEmpty: true
         }
@@ -24,26 +33,43 @@ class SessionRoutes implements RoutesManager {
 
     registerOnBackend(backend: Express) {
         backend.post('/login', ParamsValidatorMiddleware.validate(this.loginValidator), this.login);
+        backend.post('/refresh_tokens', ParamsValidatorMiddleware.validate(this.refreshTokensValidator), this.refreshTokens);
         backend.get('/test_session', SecurityMiddleware.check(true), (req: express.Request, res: express.Response) => req.session.sendResponse(res, StatusCodes.OK));
     }
 
     private async login(req: express.Request, res: express.Response) {
+        try {
             const params: {
-            user: string, password: string
+                accessToken: string, refreshToken: string
             } = req.body;
 
-        const user: User | undefined = await UserManager.getByMail(params.user);
+            const gitlabUser = await GitlabManager.getUserProfile(params.accessToken);
 
-        if ( user ) {
-            if ( bcrypt.compareSync(params.password, user.password ?? '') ) {
-                req.session.profile = user;
+            if ( gitlabUser ) {
+                req.session.profile = await UserManager.getUpdateFromGitlabProfile(gitlabUser, params.refreshToken);
 
                 req.session.sendResponse(res, StatusCodes.OK);
                 return;
+            } else {
+                req.session.sendResponse(res, StatusCodes.NOT_FOUND);
+            }
+        } catch ( error ) {
+            req.session.sendResponse(res, StatusCodes.INTERNAL_SERVER_ERROR, {}, 'Unknown error while logging in', DojoStatusCode.LOGIN_FAILED);
         }
     }
 
-        req.session.sendResponse(res, StatusCodes.NOT_FOUND);
+    private async refreshTokens(req: express.Request, res: express.Response) {
+        try {
+            const params: {
+                refreshToken: string
+            } = req.body;
+
+            const gitlabTokens = await SharedGitlabManager.getTokens(params.refreshToken, true, Config.login.gitlab.client.secret);
+
+            req.session.sendResponse(res, StatusCodes.OK, gitlabTokens);
+        } catch ( error ) {
+            req.session.sendResponse(res, StatusCodes.INTERNAL_SERVER_ERROR, {}, 'Unknown error while refresh tokens', DojoStatusCode.REFRESH_TOKENS_FAILED);
+        }
     }
 }