Rework user types: create AuthenticatedUser and AnonymousUser class
Both are subclasses of an abstract User class which contains almost everything interesting.
This commit is contained in:
@@ -4,7 +4,12 @@
|
||||
// password reset, and email verification.
|
||||
|
||||
import type { Request as ExpressRequest } from "express";
|
||||
import { AnonymousUser, type User, type UserId } from "../user";
|
||||
import {
|
||||
type AnonymousUser,
|
||||
anonymousUser,
|
||||
type User,
|
||||
type UserId,
|
||||
} from "../user";
|
||||
import { hashPassword, verifyPassword } from "./password";
|
||||
import type { AuthStore } from "./store";
|
||||
import {
|
||||
@@ -27,7 +32,7 @@ type SimpleResult = { success: true } | { success: false; error: string };
|
||||
// Result of validating a request/token - contains both user and session
|
||||
export type AuthResult =
|
||||
| { authenticated: true; user: User; session: SessionData }
|
||||
| { authenticated: false; user: typeof AnonymousUser; session: null };
|
||||
| { authenticated: false; user: AnonymousUser; session: null };
|
||||
|
||||
export class AuthService {
|
||||
constructor(private store: AuthStore) {}
|
||||
@@ -83,7 +88,7 @@ export class AuthService {
|
||||
}
|
||||
|
||||
if (!token) {
|
||||
return { authenticated: false, user: AnonymousUser, session: null };
|
||||
return { authenticated: false, user: anonymousUser, session: null };
|
||||
}
|
||||
|
||||
return this.validateToken(token);
|
||||
@@ -94,16 +99,16 @@ export class AuthService {
|
||||
const session = await this.store.getSession(tokenId);
|
||||
|
||||
if (!session) {
|
||||
return { authenticated: false, user: AnonymousUser, session: null };
|
||||
return { authenticated: false, user: anonymousUser, session: null };
|
||||
}
|
||||
|
||||
if (session.tokenType !== "session") {
|
||||
return { authenticated: false, user: AnonymousUser, session: null };
|
||||
return { authenticated: false, user: anonymousUser, session: null };
|
||||
}
|
||||
|
||||
const user = await this.store.getUserById(session.userId as UserId);
|
||||
if (!user || !user.isActive()) {
|
||||
return { authenticated: false, user: AnonymousUser, session: null };
|
||||
return { authenticated: false, user: anonymousUser, session: null };
|
||||
}
|
||||
|
||||
// Update last used (fire and forget)
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
// Authentication storage interface and in-memory implementation.
|
||||
// The interface allows easy migration to PostgreSQL later.
|
||||
|
||||
import { User, type UserId } from "../user";
|
||||
import { AuthenticatedUser, type User, type UserId } from "../user";
|
||||
import { generateToken, hashToken } from "./token";
|
||||
import type { AuthMethod, SessionData, TokenId, TokenType } from "./types";
|
||||
|
||||
@@ -123,7 +123,7 @@ export class InMemoryAuthStore implements AuthStore {
|
||||
}
|
||||
|
||||
async createUser(data: CreateUserData): Promise<User> {
|
||||
const user = User.create(data.email, {
|
||||
const user = AuthenticatedUser.create(data.email, {
|
||||
displayName: data.displayName,
|
||||
status: "pending", // Pending until email verified
|
||||
});
|
||||
@@ -151,7 +151,7 @@ export class InMemoryAuthStore implements AuthStore {
|
||||
const user = this.users.get(userId);
|
||||
if (user) {
|
||||
// Create new user with active status
|
||||
const updatedUser = User.create(user.email, {
|
||||
const updatedUser = AuthenticatedUser.create(user.email, {
|
||||
id: user.id,
|
||||
displayName: user.displayName,
|
||||
status: "active",
|
||||
|
||||
@@ -64,17 +64,17 @@ export const tokenLifetimes: Record<TokenType, number> = {
|
||||
};
|
||||
|
||||
// Import here to avoid circular dependency at module load time
|
||||
import { AnonymousUser, type MaybeUser } from "../user";
|
||||
import type { User } from "../user";
|
||||
|
||||
// Session wrapper class providing a consistent interface for handlers.
|
||||
// Always present on Call (never null), but may represent an anonymous session.
|
||||
export class Session {
|
||||
constructor(
|
||||
private readonly data: SessionData | null,
|
||||
private readonly user: MaybeUser,
|
||||
private readonly user: User,
|
||||
) {}
|
||||
|
||||
getUser(): MaybeUser {
|
||||
getUser(): User {
|
||||
return this.user;
|
||||
}
|
||||
|
||||
@@ -83,7 +83,7 @@ export class Session {
|
||||
}
|
||||
|
||||
isAuthenticated(): boolean {
|
||||
return this.user !== AnonymousUser;
|
||||
return !this.user.isAnonymous();
|
||||
}
|
||||
|
||||
get tokenId(): string | undefined {
|
||||
|
||||
Reference in New Issue
Block a user