fix(auth): add account for session

Signed-off-by: Innei <i@innei.in>

apps/core/src/modules/auth/auth.config.ts

@@ -8,7 +8,10 @@ import { SECURITY } from '~/app.config.test'
 import { isDev } from '~/global/env.global'
 import { getDatabaseConnection } from '~/utils/database.util'
 
-import { AUTH_JS_USER_COLLECTION } from './auth.constant'
+import {
+  AUTH_JS_ACCOUNT_COLLECTION,
+  AUTH_JS_USER_COLLECTION,
+} from './auth.constant'
 
 export const authConfig: ServerAuthConfig = {
   basePath: isDev ? '/auth' : `/api/v${API_VERSION}/auth`,
@@ -25,7 +28,10 @@ export const authConfig: ServerAuthConfig = {
   adapter: MongoDBAdapter(
     getDatabaseConnection().then((c) => c.getClient()),
     {
-      collections: { Users: AUTH_JS_USER_COLLECTION },
+      collections: {
+        Users: AUTH_JS_USER_COLLECTION,
+        Accounts: AUTH_JS_ACCOUNT_COLLECTION,
+      },
     },
   ),
 }

apps/core/src/modules/auth/auth.constant.ts

@@ -1,3 +1,4 @@
 export const AuthConfigInjectKey = Symbol()
 
 export const AUTH_JS_USER_COLLECTION = 'readers'
+export const AUTH_JS_ACCOUNT_COLLECTION = 'accounts'

apps/core/src/modules/auth/auth.controller.ts

@@ -15,6 +15,7 @@ import {
   Patch,
   Post,
   Query,
+  Req,
 } from '@nestjs/common'
 import { EventEmitter2 } from '@nestjs/event-emitter'
 
@@ -22,6 +23,7 @@ import { ApiController } from '~/common/decorators/api-controller.decorator'
 import { Auth } from '~/common/decorators/auth.decorator'
 import { EventBusEvents } from '~/constants/event-bus.constant'
 import { MongoIdDto } from '~/shared/dto/id.dto'
+import { FastifyBizRequest } from '~/transformers/get-req.transformer'
 
 import { AuthService } from './auth.service'
 
@@ -104,4 +106,20 @@ export class AuthController {
   async oauthAsOwner() {
     return this.authService.setCurrentOauthAsOwner()
   }
+
+  @Get('session')
+  async getSession(@Req() req: FastifyBizRequest) {
+    const session = await this.authService.getSessionUser(req.raw)
+
+    if (!session) {
+      return null
+    }
+
+    const account = await this.authService.getOauthUserAccount(session.userId)
+
+    return {
+      ...session.user,
+      ...account,
+    }
+  }
 }

apps/core/src/modules/auth/auth.middleware.ts

@@ -65,7 +65,9 @@ export class AuthMiddleware implements NestMiddleware, OnModuleInit {
       return
     }
 
-    if (req.originalUrl.includes('/auth/token')) {
+    const bypassPath = ['/token', '/session']
+
+    if (bypassPath.some((path) => req.originalUrl.includes(path))) {
       next()
       return
     }

apps/core/src/modules/auth/auth.service.ts

@@ -22,7 +22,11 @@ import { DatabaseService } from '~/processors/database/database.service'
 import { JWTService } from '~/processors/helper/helper.jwt.service'
 import { InjectModel } from '~/transformers/model.transformer'
 
-import { AUTH_JS_USER_COLLECTION, AuthConfigInjectKey } from './auth.constant'
+import {
+  AUTH_JS_ACCOUNT_COLLECTION,
+  AUTH_JS_USER_COLLECTION,
+  AuthConfigInjectKey,
+} from './auth.constant'
 import { ServerAuthConfig } from './auth.implement'
 import { SessionUser } from './auth.interface'
 
@@ -205,6 +209,22 @@ export class AuthService {
     return 'OK'
   }
 
+  getOauthUserAccount(userId: string) {
+    return this.databaseService.db
+      .collection(AUTH_JS_ACCOUNT_COLLECTION)
+      .findOne(
+        {
+          userId: new Types.ObjectId(userId),
+        },
+        {
+          projection: {
+            _id: 0,
+            userId: 0,
+            access_token: 0,
+          },
+        },
+      )
+  }
   getOauthProviders() {
     return this.authConfig.providers.map((p) => p.name)
   }