163 lines
4.8 KiB
JavaScript
163 lines
4.8 KiB
JavaScript
// routes/auth.js
|
||
const express = require("express")
|
||
const router = express.Router()
|
||
|
||
const requireAuth = require("../middleware/requireAuth.js")
|
||
const { validate } = require("../middleware/validate.middleware")
|
||
const authService = require("../services/auth.service")
|
||
const { endpoints } = require("@shared/contracts")
|
||
|
||
const { mapLoginRequestToLoginInput, mapLoginResultToResponse } = require("../adapters/responses/login.adapter")
|
||
const { mapRegisterRequestToRegisterInput, mapRegisterResultToResponse } = require("../adapters/responses/register.adapter")
|
||
const { mapMeRequestToUserId, mapMeResultToResponse } = require("../adapters/responses/me.adapter")
|
||
|
||
const { auth } = endpoints
|
||
|
||
// NOT: app.js’de cookie-parser olmalı:
|
||
// const cookieParser = require("cookie-parser")
|
||
// app.use(cookieParser())
|
||
|
||
function getCookieOptions() {
|
||
const isProd = process.env.NODE_ENV === "production"
|
||
|
||
// DEV: http localhost -> secure false, sameSite lax
|
||
if (!isProd) {
|
||
return {
|
||
httpOnly: true,
|
||
secure: false,
|
||
sameSite: "lax",
|
||
path: "/",
|
||
}
|
||
}
|
||
|
||
// PROD: cross-site kullanacaksan (frontend ayrı domain)
|
||
return {
|
||
httpOnly: true,
|
||
secure: true,
|
||
sameSite: "none",
|
||
path: "/",
|
||
}
|
||
}
|
||
|
||
|
||
function setRefreshCookie(res, refreshToken) {
|
||
const opts = getCookieOptions()
|
||
const maxAgeMs = Number(process.env.REFRESH_COOKIE_MAX_AGE_MS || 1000 * 60 * 60 * 24 * 30)
|
||
res.cookie("rt", refreshToken, { ...opts, maxAge: maxAgeMs })
|
||
}
|
||
|
||
function clearRefreshCookie(res) {
|
||
const opts = getCookieOptions()
|
||
res.clearCookie("rt", { ...opts })
|
||
}
|
||
|
||
router.post(
|
||
"/register",
|
||
validate(auth.registerRequestSchema, "body", "validatedRegisterInput"),
|
||
async (req, res) => {
|
||
try {
|
||
const input = mapRegisterRequestToRegisterInput(req.validatedRegisterInput)
|
||
|
||
const result = await authService.register({
|
||
...input,
|
||
meta: { ip: req.ip, userAgent: req.headers["user-agent"] || null },
|
||
})
|
||
|
||
// refresh cookie set
|
||
if (result.refreshToken) setRefreshCookie(res, result.refreshToken)
|
||
|
||
// response body: access + user (adapter refresh'i koymamalı)
|
||
const response = auth.authResponseSchema.parse(mapRegisterResultToResponse(result))
|
||
res.json(response)
|
||
} catch (err) {
|
||
const status = err.statusCode || 500
|
||
res.status(status).json({ message: err.message || "Kayit islemi basarisiz." })
|
||
}
|
||
}
|
||
)
|
||
|
||
router.post(
|
||
"/login",
|
||
validate(auth.loginRequestSchema, "body", "validatedLoginInput"),
|
||
async (req, res) => {
|
||
try {
|
||
const input = mapLoginRequestToLoginInput(req.validatedLoginInput)
|
||
|
||
const result = await authService.login({
|
||
...input,
|
||
meta: { ip: req.ip, userAgent: req.headers["user-agent"] || null },
|
||
})
|
||
|
||
// refresh cookie set
|
||
setRefreshCookie(res, result.refreshToken)
|
||
|
||
const response = auth.authResponseSchema.parse(mapLoginResultToResponse(result))
|
||
res.json(response)
|
||
} catch (err) {
|
||
console.error("LOGIN ERROR:", err) // <-- ekle
|
||
console.error("LOGIN ERROR MSG:", err?.message)
|
||
console.error("LOGIN ERROR STACK:", err?.stack)
|
||
|
||
const status = err.statusCode || 500
|
||
res.status(status).json({
|
||
message: err.statusCode ? err.message : "Giris islemi basarisiz.",
|
||
})
|
||
}
|
||
}
|
||
)
|
||
|
||
router.post("/refresh", async (req, res) => {
|
||
try {
|
||
const refreshToken = req.cookies?.rt
|
||
if (!refreshToken) return res.status(401).json({ message: "Refresh token yok" })
|
||
|
||
const result = await authService.refresh({
|
||
refreshToken,
|
||
meta: { ip: req.ip, userAgent: req.headers["user-agent"] || null },
|
||
})
|
||
|
||
// rotate -> yeni refresh cookie
|
||
setRefreshCookie(res, result.refreshToken)
|
||
|
||
// body: access + user (adapter refresh'i koymamalı)
|
||
const response = auth.authResponseSchema.parse(mapLoginResultToResponse(result))
|
||
res.json(response)
|
||
} catch (err) {
|
||
clearRefreshCookie(res)
|
||
const status = err.statusCode || 401
|
||
res.status(status).json({ message: err.message || "Refresh basarisiz" })
|
||
}
|
||
})
|
||
|
||
router.post("/logout", async (req, res) => {
|
||
try {
|
||
const refreshToken = req.cookies?.rt
|
||
|
||
// logout idempotent olsun
|
||
if (refreshToken) {
|
||
await authService.logout({ refreshToken })
|
||
}
|
||
|
||
clearRefreshCookie(res)
|
||
res.status(204).send()
|
||
} catch (err) {
|
||
clearRefreshCookie(res)
|
||
const status = err.statusCode || 500
|
||
res.status(status).json({ message: err.message || "Cikis basarisiz" })
|
||
}
|
||
})
|
||
|
||
router.get("/me", requireAuth, async (req, res) => {
|
||
try {
|
||
const userId = mapMeRequestToUserId(req) // req.auth.userId okumalı
|
||
const user = await authService.getMe(userId)
|
||
const response = auth.meResponseSchema.parse(mapMeResultToResponse(user))
|
||
res.json(response)
|
||
} catch (err) {
|
||
const status = err.statusCode || 500
|
||
res.status(status).json({ message: err.message || "Sunucu hatasi" })
|
||
}
|
||
})
|
||
|
||
module.exports = router
|