2023-01-10 11:30:39 +00:00
|
|
|
import {
|
|
|
|
|
Body,
|
|
|
|
|
Controller,
|
|
|
|
|
Get,
|
|
|
|
|
Post,
|
2023-04-06 06:11:01 +00:00
|
|
|
Query,
|
2023-01-11 13:59:33 +00:00
|
|
|
Request,
|
2023-01-10 11:30:39 +00:00
|
|
|
Res,
|
2023-01-11 13:59:33 +00:00
|
|
|
UseGuards,
|
2024-05-27 16:19:42 +00:00
|
|
|
UseInterceptors,
|
2023-01-10 11:30:39 +00:00
|
|
|
} from '@nestjs/common';
|
2023-01-09 13:32:14 +00:00
|
|
|
import { AuthService } from './auth.service';
|
2023-02-01 12:22:33 +00:00
|
|
|
import { SignInMagicDto } from './dto/signin-magic.dto';
|
2023-02-01 13:17:11 +00:00
|
|
|
import { VerifyMagicDto } from './dto/verify-magic.dto';
|
2023-01-10 10:36:42 +00:00
|
|
|
import { Response } from 'express';
|
2023-01-10 11:30:39 +00:00
|
|
|
import * as E from 'fp-ts/Either';
|
2023-01-11 13:59:33 +00:00
|
|
|
import { RTJwtAuthGuard } from './guards/rt-jwt-auth.guard';
|
2023-03-21 11:12:30 +00:00
|
|
|
import { JwtAuthGuard } from './guards/jwt-auth.guard';
|
2023-01-11 13:59:33 +00:00
|
|
|
import { GqlUser } from 'src/decorators/gql-user.decorator';
|
|
|
|
|
import { AuthUser } from 'src/types/AuthUser';
|
|
|
|
|
import { RTCookie } from 'src/decorators/rt-cookie.decorator';
|
2024-03-05 12:35:58 +00:00
|
|
|
import { AuthProvider, authCookieHandler, authProviderCheck } from './helper';
|
2023-03-14 13:49:22 +00:00
|
|
|
import { GoogleSSOGuard } from './guards/google-sso.guard';
|
|
|
|
|
import { GithubSSOGuard } from './guards/github-sso.guard';
|
|
|
|
|
import { MicrosoftSSOGuard } from './guards/microsoft-sso-.guard';
|
2023-03-21 11:15:50 +00:00
|
|
|
import { ThrottlerBehindProxyGuard } from 'src/guards/throttler-behind-proxy.guard';
|
|
|
|
|
import { SkipThrottle } from '@nestjs/throttler';
|
2023-08-03 14:42:54 +00:00
|
|
|
import { AUTH_PROVIDER_NOT_SPECIFIED } from 'src/errors';
|
2023-12-12 10:42:58 +00:00
|
|
|
import { ConfigService } from '@nestjs/config';
|
2024-03-05 12:35:58 +00:00
|
|
|
import { throwHTTPErr } from 'src/utils';
|
2024-05-27 16:19:42 +00:00
|
|
|
import { UserLastLoginInterceptor } from 'src/interceptors/user-last-login.interceptor';
|
2023-03-21 11:15:50 +00:00
|
|
|
|
|
|
|
|
@UseGuards(ThrottlerBehindProxyGuard)
|
2023-02-01 13:49:39 +00:00
|
|
|
@Controller({ path: 'auth', version: '1' })
|
2023-01-09 13:32:14 +00:00
|
|
|
export class AuthController {
|
2023-12-12 10:42:58 +00:00
|
|
|
constructor(
|
|
|
|
|
private authService: AuthService,
|
|
|
|
|
private configService: ConfigService,
|
|
|
|
|
) {}
|
|
|
|
|
|
|
|
|
|
@Get('providers')
|
|
|
|
|
async getAuthProviders() {
|
|
|
|
|
const providers = await this.authService.getAuthProviders();
|
|
|
|
|
return { providers };
|
|
|
|
|
}
|
2023-01-09 13:32:14 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Route to initiate magic-link auth for a users email
|
|
|
|
|
*/
|
2023-01-09 13:32:14 +00:00
|
|
|
@Post('signin')
|
2023-04-06 06:11:01 +00:00
|
|
|
async signInMagicLink(
|
|
|
|
|
@Body() authData: SignInMagicDto,
|
|
|
|
|
@Query('origin') origin: string,
|
|
|
|
|
) {
|
2023-12-12 10:42:58 +00:00
|
|
|
if (
|
|
|
|
|
!authProviderCheck(
|
|
|
|
|
AuthProvider.EMAIL,
|
|
|
|
|
this.configService.get('INFRA.VITE_ALLOWED_AUTH_PROVIDERS'),
|
|
|
|
|
)
|
|
|
|
|
) {
|
2023-08-03 14:42:54 +00:00
|
|
|
throwHTTPErr({ message: AUTH_PROVIDER_NOT_SPECIFIED, statusCode: 404 });
|
2023-12-12 10:42:58 +00:00
|
|
|
}
|
2023-08-03 14:42:54 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
const deviceIdToken = await this.authService.signInMagicLink(
|
|
|
|
|
authData.email,
|
2023-04-06 06:11:01 +00:00
|
|
|
origin,
|
2023-01-30 13:25:53 +00:00
|
|
|
);
|
|
|
|
|
if (E.isLeft(deviceIdToken)) throwHTTPErr(deviceIdToken.left);
|
|
|
|
|
return deviceIdToken.right;
|
2023-01-09 13:32:14 +00:00
|
|
|
}
|
2023-01-10 10:36:42 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Route to verify and sign in a valid user via magic-link
|
|
|
|
|
*/
|
2023-01-10 10:36:42 +00:00
|
|
|
@Post('verify')
|
2023-02-01 13:17:11 +00:00
|
|
|
async verify(@Body() data: VerifyMagicDto, @Res() res: Response) {
|
2023-01-30 13:25:53 +00:00
|
|
|
const authTokens = await this.authService.verifyMagicLinkTokens(data);
|
2023-01-10 11:30:39 +00:00
|
|
|
if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
|
2025-07-28 11:16:30 +00:00
|
|
|
authCookieHandler(res, authTokens.right, false, null, this.configService);
|
2023-01-10 10:36:42 +00:00
|
|
|
}
|
2023-01-11 13:59:33 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Route to refresh auth tokens with Refresh Token Rotation
|
|
|
|
|
* @see https://auth0.com/docs/secure/tokens/refresh-tokens/refresh-token-rotation
|
|
|
|
|
*/
|
2023-01-11 13:59:33 +00:00
|
|
|
@Get('refresh')
|
|
|
|
|
@UseGuards(RTJwtAuthGuard)
|
|
|
|
|
async refresh(
|
|
|
|
|
@GqlUser() user: AuthUser,
|
|
|
|
|
@RTCookie() refresh_token: string,
|
|
|
|
|
@Res() res,
|
|
|
|
|
) {
|
|
|
|
|
const newTokenPair = await this.authService.refreshAuthTokens(
|
|
|
|
|
refresh_token,
|
|
|
|
|
user,
|
|
|
|
|
);
|
|
|
|
|
if (E.isLeft(newTokenPair)) throwHTTPErr(newTokenPair.left);
|
2025-07-28 11:16:30 +00:00
|
|
|
authCookieHandler(res, newTokenPair.right, false, null, this.configService);
|
2023-01-11 13:59:33 +00:00
|
|
|
}
|
2023-01-12 19:22:29 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Route to initiate SSO auth via Google
|
|
|
|
|
*/
|
2023-01-12 19:22:29 +00:00
|
|
|
@Get('google')
|
2023-03-14 13:49:22 +00:00
|
|
|
@UseGuards(GoogleSSOGuard)
|
2023-01-12 19:22:29 +00:00
|
|
|
async googleAuth(@Request() req) {}
|
|
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Callback URL for Google SSO
|
|
|
|
|
* @see https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow#how-it-works
|
|
|
|
|
*/
|
2023-01-12 19:22:29 +00:00
|
|
|
@Get('google/callback')
|
2023-03-21 11:15:50 +00:00
|
|
|
@SkipThrottle()
|
2023-03-14 13:49:22 +00:00
|
|
|
@UseGuards(GoogleSSOGuard)
|
2024-05-27 16:19:42 +00:00
|
|
|
@UseInterceptors(UserLastLoginInterceptor)
|
2023-01-12 19:22:29 +00:00
|
|
|
async googleAuthRedirect(@Request() req, @Res() res) {
|
2023-01-19 09:43:55 +00:00
|
|
|
const authTokens = await this.authService.generateAuthTokens(req.user.uid);
|
2023-01-12 19:22:29 +00:00
|
|
|
if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
|
2023-03-14 13:49:22 +00:00
|
|
|
authCookieHandler(
|
|
|
|
|
res,
|
|
|
|
|
authTokens.right,
|
|
|
|
|
true,
|
|
|
|
|
req.authInfo.state.redirect_uri,
|
2025-07-28 11:16:30 +00:00
|
|
|
this.configService,
|
2023-03-14 13:49:22 +00:00
|
|
|
);
|
2023-01-12 19:22:29 +00:00
|
|
|
}
|
2023-01-12 20:41:42 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Route to initiate SSO auth via Github
|
|
|
|
|
*/
|
2023-01-12 20:41:42 +00:00
|
|
|
@Get('github')
|
2023-03-14 13:49:22 +00:00
|
|
|
@UseGuards(GithubSSOGuard)
|
2023-01-12 20:41:42 +00:00
|
|
|
async githubAuth(@Request() req) {}
|
|
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Callback URL for Github SSO
|
|
|
|
|
* @see https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow#how-it-works
|
|
|
|
|
*/
|
2023-01-12 20:41:42 +00:00
|
|
|
@Get('github/callback')
|
2023-03-21 11:15:50 +00:00
|
|
|
@SkipThrottle()
|
2023-03-14 13:49:22 +00:00
|
|
|
@UseGuards(GithubSSOGuard)
|
2024-05-27 16:19:42 +00:00
|
|
|
@UseInterceptors(UserLastLoginInterceptor)
|
2023-01-12 20:41:42 +00:00
|
|
|
async githubAuthRedirect(@Request() req, @Res() res) {
|
2023-01-19 09:43:55 +00:00
|
|
|
const authTokens = await this.authService.generateAuthTokens(req.user.uid);
|
2023-01-12 20:41:42 +00:00
|
|
|
if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
|
2023-03-14 13:49:22 +00:00
|
|
|
authCookieHandler(
|
|
|
|
|
res,
|
|
|
|
|
authTokens.right,
|
|
|
|
|
true,
|
|
|
|
|
req.authInfo.state.redirect_uri,
|
2025-07-28 11:16:30 +00:00
|
|
|
this.configService,
|
2023-03-14 13:49:22 +00:00
|
|
|
);
|
2023-01-12 20:41:42 +00:00
|
|
|
}
|
2023-01-18 17:04:15 +00:00
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Route to initiate SSO auth via Microsoft
|
|
|
|
|
*/
|
2023-01-18 17:04:15 +00:00
|
|
|
@Get('microsoft')
|
2023-03-14 13:49:22 +00:00
|
|
|
@UseGuards(MicrosoftSSOGuard)
|
2023-01-18 17:04:15 +00:00
|
|
|
async microsoftAuth(@Request() req) {}
|
|
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Callback URL for Microsoft SSO
|
|
|
|
|
* @see https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow#how-it-works
|
|
|
|
|
*/
|
2023-01-18 17:04:15 +00:00
|
|
|
@Get('microsoft/callback')
|
2023-03-21 11:15:50 +00:00
|
|
|
@SkipThrottle()
|
2023-03-14 13:49:22 +00:00
|
|
|
@UseGuards(MicrosoftSSOGuard)
|
2024-05-27 16:19:42 +00:00
|
|
|
@UseInterceptors(UserLastLoginInterceptor)
|
2023-01-18 17:04:15 +00:00
|
|
|
async microsoftAuthRedirect(@Request() req, @Res() res) {
|
2023-01-19 09:43:55 +00:00
|
|
|
const authTokens = await this.authService.generateAuthTokens(req.user.uid);
|
2023-01-18 17:04:15 +00:00
|
|
|
if (E.isLeft(authTokens)) throwHTTPErr(authTokens.left);
|
2023-03-14 13:49:22 +00:00
|
|
|
authCookieHandler(
|
|
|
|
|
res,
|
|
|
|
|
authTokens.right,
|
|
|
|
|
true,
|
|
|
|
|
req.authInfo.state.redirect_uri,
|
2025-07-28 11:16:30 +00:00
|
|
|
this.configService,
|
2023-03-14 13:49:22 +00:00
|
|
|
);
|
2023-01-18 17:04:15 +00:00
|
|
|
}
|
|
|
|
|
|
2023-01-30 13:25:53 +00:00
|
|
|
/**
|
|
|
|
|
** Log user out by clearing cookies containing auth tokens
|
|
|
|
|
*/
|
2023-01-18 17:04:15 +00:00
|
|
|
@Get('logout')
|
|
|
|
|
async logout(@Res() res: Response) {
|
|
|
|
|
res.clearCookie('access_token');
|
|
|
|
|
res.clearCookie('refresh_token');
|
2023-01-19 09:43:55 +00:00
|
|
|
return res.status(200).send();
|
2023-01-18 17:04:15 +00:00
|
|
|
}
|
2023-03-21 11:12:30 +00:00
|
|
|
|
|
|
|
|
@Get('verify/admin')
|
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
|
|
|
async verifyAdmin(@GqlUser() user: AuthUser) {
|
|
|
|
|
const userInfo = await this.authService.verifyAdmin(user);
|
|
|
|
|
if (E.isLeft(userInfo)) throwHTTPErr(userInfo.left);
|
|
|
|
|
return userInfo.right;
|
|
|
|
|
}
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
|
|
|
|
|
@Get('desktop')
|
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
|
|
|
@UseInterceptors(UserLastLoginInterceptor)
|
|
|
|
|
async desktopAuthCallback(
|
|
|
|
|
@GqlUser() user: AuthUser,
|
|
|
|
|
@Query('redirect_uri') redirectUri: string,
|
|
|
|
|
) {
|
|
|
|
|
if (!redirectUri || !redirectUri.startsWith('http://localhost')) {
|
|
|
|
|
throwHTTPErr({
|
|
|
|
|
message: 'Invalid desktop callback URL',
|
2025-05-09 09:37:20 +00:00
|
|
|
statusCode: 400,
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const tokens = await this.authService.generateAuthTokens(user.uid);
|
|
|
|
|
if (E.isLeft(tokens)) throwHTTPErr(tokens.left);
|
|
|
|
|
|
|
|
|
|
return tokens.right;
|
|
|
|
|
}
|
2025-09-22 13:36:40 +00:00
|
|
|
|
|
|
|
|
@Get('verify-token')
|
|
|
|
|
@UseGuards(JwtAuthGuard)
|
|
|
|
|
async verifyToken(@GqlUser() user: AuthUser) {
|
|
|
|
|
return {
|
|
|
|
|
isValid: true,
|
|
|
|
|
uid: user.uid,
|
|
|
|
|
message: 'Token is valid',
|
|
|
|
|
};
|
|
|
|
|
}
|
2023-01-09 13:32:14 +00:00
|
|
|
}
|