feat(server): move authentication to tokens stored in the database (#1381)

* chore: add typeorm commands to npm and set default database config values * feat: move to server side authentication tokens * fix: websocket should emit error and disconnect on error thrown by the server * refactor: rename cookie-auth-strategy to user-auth-strategy * feat: user tokens and API keys now use SHA256 hash for performance improvements * test: album e2e test remove unneeded module import * infra: truncate api key table as old keys will no longer work with new hash algorithm * fix(server): e2e tests (#1435) * fix: root module paths * chore: linting * chore: rename user-auth to strategy.ts and make validate return AuthUserDto * fix: we should always send HttpOnly for our auth cookies * chore: remove now unused crypto functions and jwt dependencies * fix: return the extra fields for AuthUserDto in auth service validate --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
2025-11-14 17:36:12 +00:00 · 2023-01-27 20:50:07 +00:00 · 2023-01-27 20:50:07 +00:00 · 3f2513a717
commit 3f2513a717
parent 9be71f603e
61 changed files with 373 additions and 517 deletions
--- a/server/libs/infra/src/db/entities/user-token.entity.ts
+++ b/server/libs/infra/src/db/entities/user-token.entity.ts
@ -0,0 +1,20 @@
+import { Column, CreateDateColumn, Entity, ManyToOne, PrimaryGeneratedColumn, UpdateDateColumn } from 'typeorm';
+import { UserEntity } from './user.entity';
+
+@Entity('user_token')
+export class UserTokenEntity {
+  @PrimaryGeneratedColumn('uuid')
+  id!: string;
+
+  @Column({ select: false })
+  token!: string;
+
+  @ManyToOne(() => UserEntity)
+  user!: UserEntity;
+
+  @CreateDateColumn({ type: 'timestamptz' })
+  createdAt!: string;
+
+  @UpdateDateColumn({ type: 'timestamptz' })
+  updatedAt!: string;
+}